urlscan.io logo urlscan.io
SecurityTrails logo

www.mdzol.com Open in urlscan Pro
2606:4700::6812:18c2  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mdzol.com/
Effective URL: https://www.mdzol.com/
Submission: On July 25 via manual from AR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 65 IPs in 5 countries across 36 domains to perform 398 HTTP transactions. The main IP is 2606:4700::6812:18c2, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.mdzol.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 8th 2021. Valid for: a year.
This is the only time www.mdzol.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
69 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 142.250.184.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
28 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 64.233.166.155 15169 (GOOGLE)
4 69 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:303... 13335 (CLOUDFLAR...)
3 11 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 9 142.250.184.194 15169 (GOOGLE)
2 4 2.18.234.21 16625 (AKAMAI-AS)
2 3 185.33.220.243 29990 (ASN-APPNEX)
1 78.46.23.46 24940 (HETZNER-AS)
1 4 138.201.63.164 24940 (HETZNER-AS)
1 2 142.250.186.70 15169 (GOOGLE)
1 145.239.2.103 16276 (OVH)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
3 4 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 138.201.63.117 24940 (HETZNER-AS)
1 76.223.26.175 16509 (AMAZON-02)
1 13.226.145.23 16509 (AMAZON-02)
1 4 94.130.102.164 24940 (HETZNER-AS)
2 2 104.111.239.217 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 178.79.227.54 22822 (LLNW)
1 2 35.186.240.205 15169 (GOOGLE)
1 1 34.95.127.121 15169 (GOOGLE)
1 85.14.248.71 24961 (MYLOC-AS ...)
6 13.226.145.126 16509 (AMAZON-02)
3 4 185.94.180.125 35220 (SPOTX-AMS)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
2 142.250.186.66 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 172.217.16.130 15169 (GOOGLE)
398 65
5    2606:4700::6812:18c2 (United States)

ASN13335 (CLOUDFLARENET, US)
mdzol.com
www.mdzol.com
videos.mdzol.com
2    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
69    2606:4700::6812:19c2 (United States)

ASN13335 (CLOUDFLARENET, US)
www.mdzol.com
videos.mdzol.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
22    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
9    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
27    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
securepubads.g.doubleclick.net
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2606:4700:3031::ac43:b70b (United States)

ASN13335 (CLOUDFLARENET, US)
www.inversorglobal.com
staticsig.inversorglobal.com
2    2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d-13005548613403204316.ampproject.net
2    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
3p.ampproject.net
2    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
10    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
9    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
googleads.g.doubleclick.net
3    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
28    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
18    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
pubads.g.doubleclick.net
7    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    64.233.166.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f155.1e100.net
bid.g.doubleclick.net
69    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn0.gstatic.com
4    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn2.gstatic.com
5    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
3    2606:4700:3032::6815:14bd (United States)

ASN13335 (CLOUDFLARENET, US)
telemet.xyz
11    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
9    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
cm.g.doubleclick.net
4    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    185.33.220.243 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    78.46.23.46 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.46.23.46.78.clients.your-server.de
hal9000.redintelligence.net
4    138.201.63.164 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.63.201.138.clients.your-server.de
hal90006.redintelligence.net
2    142.250.186.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net
5994599.fls.doubleclick.net
1    145.239.2.103 (France)

ASN16276 (OVH, FR)
PTR: ns3082036.ip-145-239-2.eu
cdn.contentspread.net
8    2606:4700:20::ac43:4a81 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
1    138.201.63.117 (Lingenfeld, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de
ad.ad-srv.net
1    76.223.26.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: ad9411418cf2cdacd.awsglobalaccelerator.com
de1-bid.adsrvr.org
1    13.226.145.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-23.dus51.r.cloudfront.net
choices.truste.com
4    94.130.102.164 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.164.102.130.94.clients.your-server.de
ad12.ad-srv.net
2    104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com
www.awin1.com
1    2606:4700::6812:7e05 (United States)

ASN13335 (CLOUDFLARENET, US)
www.conrad.de
1    178.79.227.54 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-227-54.vie.llnw.net
asset.conrad.com
2    35.186.240.205 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 205.240.186.35.bc.googleusercontent.com
lenovo.7eer.net
1    34.95.127.121 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 121.127.95.34.bc.googleusercontent.com
www.ojrq.net
1    85.14.248.71 (Bottrop, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
6    13.226.145.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-126.dus51.r.cloudfront.net
choices.trustarc.com
4    185.94.180.125 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
2    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn1.gstatic.com
1    2607:f8b0:4001:c05::5e (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
ade.googlesyndication.com
Apex Domain
Subdomains		 Transfer
101 googlesyndication.com
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
ade.googlesyndication.com
861 KB
74 mdzol.com
mdzol.com
www.mdzol.com
videos.mdzol.com
1 MB
53 doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
pubads.g.doubleclick.net
bid.g.doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
5994599.fls.doubleclick.net
googleads4.g.doubleclick.net
388 KB
34 gstatic.com
www.gstatic.com
fonts.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
encrypted-tbn1.gstatic.com
csi.gstatic.com
527 KB
28 2mdn.net
s0.2mdn.net
275 KB
22 ampproject.org
cdn.ampproject.org
484 KB
17 google.com
www.google.com
adservice.google.com
1 KB
12 googleapis.com
ajax.googleapis.com
imasdk.googleapis.com
fonts.googleapis.com
553 KB
11 googletagservices.com
www.googletagservices.com
387 KB
8 ad4m.at
ad4m.at
as.ad4m.at
assets.ad4m.at
55 KB
6 trustarc.com
choices.trustarc.com
17 KB
5 ad-srv.net
ad.ad-srv.net
ad12.ad-srv.net
9 KB
5 redintelligence.net
hal9000.redintelligence.net
hal90006.redintelligence.net
10 KB
4 spotxchange.com
sync.search.spotxchange.com
2 KB
4 openx.net
us-u.openx.net
1 KB
4 casalemedia.com
dsum-sec.casalemedia.com
4 KB
4 ampproject.net
d-13005548613403204316.ampproject.net
3p.ampproject.net
30 KB
4 inversorglobal.com
www.inversorglobal.com
staticsig.inversorglobal.com
61 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 telemet.xyz
telemet.xyz
20 KB
3 google.de
www.google.de
adservice.google.de
394 B
2 7eer.net
lenovo.7eer.net
680 B
2 awin1.com
www.awin1.com
1 KB
2 teads.tv
sync.teads.tv
344 B
2 facebook.com
www.facebook.com
380 B
2 google-analytics.com
www.google-analytics.com
19 KB
2 facebook.net
connect.facebook.net
99 KB
1 yahoo.com
ads.yahoo.com
446 B
1 exactag.com
m.exactag.com
888 B
1 ojrq.net
www.ojrq.net
513 B
1 conrad.com
asset.conrad.com
45 KB
1 conrad.de
www.conrad.de
707 B
1 truste.com
choices.truste.com
9 KB
1 adsrvr.org
de1-bid.adsrvr.org
1 KB
1 contentspread.net
cdn.contentspread.net
62 KB
1 cloudflareinsights.com
static.cloudflareinsights.com
5 KB
398 36
Domain Requested by
72 tpc.googlesyndication.com 4 redirects www.mdzol.com
cdn.ampproject.org
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
69 www.mdzol.com www.mdzol.com
ajax.googleapis.com
static.cloudflareinsights.com
28 s0.2mdn.net imasdk.googleapis.com
tpc.googlesyndication.com
www.mdzol.com
s0.2mdn.net
27 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.mdzol.com
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
22 cdn.ampproject.org www.mdzol.com
securepubads.g.doubleclick.net
18 pagead2.googlesyndication.com srcdoc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
googleads.g.doubleclick.net
13 www.google.com 3 redirects www.mdzol.com
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
tpc.googlesyndication.com
11 www.googletagservices.com www.mdzol.com
securepubads.g.doubleclick.net
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
10 googleads.g.doubleclick.net 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
www.mdzol.com
10 fonts.gstatic.com fonts.googleapis.com
10 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com securepubads.g.doubleclick.net
9 cm.g.doubleclick.net 6 redirects googleads.g.doubleclick.net
9 www.gstatic.com www.mdzol.com
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
7 fonts.googleapis.com securepubads.g.doubleclick.net
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
s0.2mdn.net
6 choices.trustarc.com choices.truste.com
choices.trustarc.com
5 ad4m.at 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
ad4m.at
5 encrypted-tbn3.gstatic.com 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 ad12.ad-srv.net 1 redirects 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
ad12.ad-srv.net
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 hal90006.redintelligence.net 1 redirects 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
hal90006.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 encrypted-tbn2.gstatic.com 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
4 encrypted-tbn0.gstatic.com 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
4 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
5994599.fls.doubleclick.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 telemet.xyz ajax.googleapis.com
telemet.xyz
3 videos.mdzol.com www.mdzol.com
3p.ampproject.net
d-13005548613403204316.ampproject.net
3 imasdk.googleapis.com cdn.ampproject.org
3p.ampproject.net
imasdk.googleapis.com
3 staticsig.inversorglobal.com www.mdzol.com
staticsig.inversorglobal.com
2 googleads4.g.doubleclick.net www.mdzol.com
2 lenovo.7eer.net 1 redirects as.ad4m.at
2 as.ad4m.at ad4m.at
as.ad4m.at
2 www.awin1.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 5994599.fls.doubleclick.net 1 redirects www.mdzol.com
2 adservice.google.de securepubads.g.doubleclick.net
2 www.facebook.com www.mdzol.com
connect.facebook.net
2 3p.ampproject.net cdn.ampproject.org
d-13005548613403204316.ampproject.net
2 d-13005548613403204316.ampproject.net cdn.ampproject.org
2 www.google-analytics.com www.mdzol.com
www.google-analytics.com
2 connect.facebook.net www.mdzol.com
connect.facebook.net
2 ajax.googleapis.com www.mdzol.com
2 mdzol.com 2 redirects
1 ade.googlesyndication.com
1 csi.gstatic.com securepubads.g.doubleclick.net
1 encrypted-tbn1.gstatic.com 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
1 ads.yahoo.com googleads.g.doubleclick.net
1 m.exactag.com www.mdzol.com
1 www.ojrq.net 1 redirects
1 assets.ad4m.at as.ad4m.at
1 asset.conrad.com ad12.ad-srv.net
1 www.conrad.de ad12.ad-srv.net
1 choices.truste.com 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
1 de1-bid.adsrvr.org 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
1 ad.ad-srv.net www.mdzol.com
1 cdn.contentspread.net hal90006.redintelligence.net
1 hal9000.redintelligence.net 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
1 bid.g.doubleclick.net imasdk.googleapis.com
1 pubads.g.doubleclick.net imasdk.googleapis.com
1 www.google.de www.mdzol.com
1 www.inversorglobal.com 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 static.cloudflareinsights.com www.mdzol.com
398 64
Subject Issuer Validity Valid
mdzol.com
Cloudflare Inc ECC CA-3		 2021-06-08 -
2022-06-07		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-11 -
2022-06-10		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
redintelligence.net
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
contentspread.net
R3		 2021-06-04 -
2021-09-02		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-06-14 -
2021-09-12		 3 months crt.sh
ad-srv.net
R3		 2021-06-21 -
2021-09-19		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.truste.com
Amazon		 2021-02-16 -
2022-03-17		 a year crt.sh
www.conrad.de
Cloudflare Inc ECC CA-3		 2021-05-17 -
2022-05-16		 a year crt.sh
asset.conrad.com
GeoTrust RSA CA 2018		 2020-06-19 -
2021-08-20		 a year crt.sh
*.7eer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-01-07 -
2022-02-07		 a year crt.sh
*.exactag.com
Sectigo ECC Domain Validation Secure Server CA		 2019-08-28 -
2021-09-13		 2 years crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018		 2021-04-08 -
2022-05-09		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-07-08 -
2021-08-25		 2 months crt.sh

This page contains 37 frames:

Primary Page: https://www.mdzol.com/
Frame ID: AA17051323213BBB40BDB8678DB89661
Requests: 119 HTTP requests in this frame

Frame: https://staticsig.inversorglobal.com/cotizaciones.php
Frame ID: 60465C52E44EC572ACAE850586941BE6
Requests: 3 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E667FFE6C4837AC5C01AC3C08DADD9E7
Requests: 1 HTTP requests in this frame

Frame: https://d-13005548613403204316.ampproject.net/2107092322000/frame.html
Frame ID: 4C56800E2A274919FA34903F3EAD1872
Requests: 7 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_es.html
Frame ID: CB880E317F2115D7F18FC34C2C8C2559
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5108B5E60192CE1A0139E8DC08C2893F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs
Frame ID: A3D4FC4016753993476AFD059DB6A7E2
Requests: 16 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3CC0B58E4C17993634B540AD182B5D85
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 140CE7E5C8427F06C0B3593205C98713
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 16585B18A99BBC791B7E9BB9A6D4ADD1
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 84564F50BDB79456EE55653538C1D604
Requests: 17 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CD54B2E419ED197EF00822637C23BF39
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNUT5GY6oT_2uLE-uXUPmM16g3MBi1Hhc4z5JJ5x84IJOk7CyF2h2jXjgyw7ecvcFcKQXda_Xyfs-PirxkRknkRsMRL7cRVekuyh4kEraL8LbZcaXXUKJi0zUuMgeo2_gqhLDe-6tbp6zzhEN-9vBu8eR8FyR-6D3PkH0cfGSHOhT8SnQ7c
Frame ID: 3BEF77010805DF76545883831DD99E86
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E6C9BDFA0CA69F84168A29B6805BB771
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136
Frame ID: 76E3DFFF303D50095DA0E1580123E750
Requests: 2 HTTP requests in this frame

Frame: https://hal90006.redintelligence.net/request_content.php?s=72095600013656700710624011666006&a=759e0b7b
Frame ID: D19ADDE07C200C81068A61ED43021538
Requests: 4 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 23E2792C6C1EB8FC4762DE7C2B79A5AE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYnM2MbDAB&v=APEucNVGHC70dKP8BOaaoQlPfdN7UtExgPuUSkZ8WwCeBNJgUZhHXzgn1vmsH6OMT_i6KTZOQBKpD1LTckBpTm8LBAIB6LxVopQuhkXq3KavFkRef-Eq4An2KD6K0v2cA8YSXiEKOZ6McJ-yc1MOv2oouk2RSbzQKRSFoczBz7GvE8PwVnfkhEY
Frame ID: 811828ECC7BFC6766B78FCB758CD6837
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7514D2B55C0881EE8225766BC2E7B352
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 61F7E64DC21D6B3F8A9AFD9D86A25F04
Requests: 1 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8F57E3F012C0301498616FE92BF717EE
Requests: 16 HTTP requests in this frame

Frame: https://www.conrad.de/ztpv.php?awc=11354_473322_1627182760_2c004fe1-ecf6-11eb-ad65-692d0665ba09&insert=AW
Frame ID: C6BA181141A6DC5E4EDE7F68DB0B03D3
Requests: 1 HTTP requests in this frame

Frame: https://ad12.ad-srv.net/request_content.php?s=86908700010503901199115011666012&a=1124f00a
Frame ID: 6A196407BA4C4994F1C71BF1E31AB575
Requests: 3 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=24412&b=Yxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmb&f=q4gUmfBDeXt797fZH3C1HRCQVEUztgTZR&c=300&d=250&e=&g=12cd6f19de7f24519932f53ae0ce639a%2F11123255538266358272&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3bs8qNb8YML4Csi73gPKhr8gorGO3WLDo6HD1AzwLhABIIjopn1glQLIAQmpAjXhxKEswLM-qAMBqgTnAU_Qrt4ayuXCM9tN7d9avqDy-Y1ssQi6pyymveBvk1MGLHRcb_sWT8cdm-cSOJzOM9BdEidjQQe2JNPWwvFRidNyLyu38WJjjsUIsci-LZGOXZ5Kve1UtNOxFqHpQSH_Kb7TqMlvnFqsXVdwZVcy93nfyh5ZaD-p3Iw2ce4g5eRDe2mvKAEc1GLDkrTHnSAazYs_tlsFTnthz98-YXfOg8eCe5TOkF4Jp2C1MF7JC9XD4z7T75dlwfKF-zYgiW1lpc8wrbK0NfU0wELxzurNTGm-mUJ2e0yMFzUQX8uu_2wu3aPk9LzycsAE_9eFyqED4AQDkAYBoAZNgAfqwcFeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOin9MG0BMA2BMD2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw%2526sig%253DAOD64_1QHSycN411sAObJsNXLjO3qejwSw%2526client%253Dca-pub-2590451264042842%2526dbm_c%253DAKAmf-DFkyZY5UcN2IaFEY0gzqgNq1gfEjHwnkvUh9wcLsFDGmTGWUV2CjcFeCu-2TPqOn1uGXfMymnFJ0D1GN4_S_8DkQHknxFOIdasM9rrpBxGSn5PKDlJ2wLRQ6SuWUnbtr67V576GgXIcbKTo7Cti_1CIM6BWQ%2526cry%253D1%2526dbm_d%253DAKAmf-Bx5eF16Mo-FK3MnHpM-z9E_HqUpO79siM_1j01naJr1CjBs7PX2RVk--t6A0IpZGQQNK-zttzKe-abxwbLvrbxZE5M0e0DX7RBVhpAIIRe4MaicPJYOFDAu7VA-qEccIGKvsL02TZv4EfVute07NmAzfKjHLb1kuTCHmZFcrymcHa-k6m7hZZ1z9D14L9CtRscCi2uoLvso8g7keaFq3zMfojd6VBRw_8MKd3s3LMkTovN_E9cpnRqmi2ycbnjP_5llVSVCbXKMFFqLJfIgUjptsatzNKkRUFaTOzzKD15_x8-F5SZeWMQlY-t-nysLzLCmZUG4e4VfdrQz8ZB0bfSBICJ8TeAx5dRFTUbwLgxnjjL6370BnMAFZTvEJtr9RZpG4dqznh2_hk8Ck969V6SEREglkKAmHPFA1A9a2vicK_yrDzB1ecfblii9E6TIO_6EUKV%2526adurl%253D&y=0&z=0
Frame ID: 9B8B3EC820680464223DC5907DEF9D96
Requests: 4 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 10F69BA9F3B70137E4BE469147E58D15
Requests: 15 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EA224EBFF9B2EEEF26C148B1BAD7FCA1
Requests: 16 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 689B4D62FB757FD5019FD565D2CC555D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
Frame ID: 945C0B6EA08B1436B7C9D2FDF9B09A0B
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: A788F8C6B8C8320E0773B82C627272AE
Requests: 2 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0DFB76BE2788C5C59B6EF4637B86C9E8
Requests: 15 HTTP requests in this frame

Frame: https://choices.trustarc.com/get?name=admarker-icon-tr.png
Frame ID: 0FFDEB1D649A7FDC742DCE6980B3517C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYx7yTcDAB&v=APEucNVrRZyBXsGiGl3LhKOtLN-xZ_urW9999FC0UHFPaiBnlp4YKVdcjH8ta_r5dQMka2633-rUgTV5dKsSlMBZUK2sgFyfTmjqeSIqka3gF0BRANNJhPpJfgH_3pFgQ-I4vTHL5lipQKPzHrZDwfHsZe98RGIfvE7JxhDd3WdViAHu_hK_iak
Frame ID: D019AF1861C238F5683E6A718F7B6221
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C35A5F7FE731FD8B25986A18FBF25A7B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Frame ID: 8116EAD59F13A9163C4BAF58D61ADAC0
Requests: 29 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Frame ID: 4F4E218265D949FF4D672454FDCF6C6F
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Frame ID: 6622CA37E369ED1EAA713936CA3FC5CB
Requests: 14 HTTP requests in this frame

Frame: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 40254D61290348A048C20689A3539652
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://mdzol.com/ HTTP 301
    https://mdzol.com/ HTTP 301
    https://www.mdzol.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

398
Requests

99 %
HTTPS

62 %
IPv6

36
Domains

64
Subdomains

65
IPs

5
Countries

5089 kB
Transfer

11428 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mdzol.com/ HTTP 301
    https://mdzol.com/ HTTP 301
    https://www.mdzol.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://www.inversorglobal.com/cotizaciones/ HTTP 301
  • https://staticsig.inversorglobal.com/cotizaciones.php
Request Chain 157
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnz8L0mAEQwAIYwAIyCKmt_0JLcgDt HTTP 301
  • https://tpc.googlesyndication.com/simgad/10961211485099542529
Request Chain 194
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqLQS9xtxf1Wyf-r9Mrsyw&google_cver=1
Request Chain 195
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPzWqAhgiTCBt6UlOit5BwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqLQS9xtxf1Wyf-r9Mrsyw&google_cver=1
Request Chain 196
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI1fXukSmICFxzhTEnMsWos&google_cver=1
Request Chain 197
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU1MjAxMTk2MDEwNDA0NDg1
Request Chain 202
  • https://hal90006.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=0fa3917288&subid=&uid=f9cbecf22fcca36c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6wL1p9b8YI_1M6yYrASjq7SYCrXN-YNXnN-5q-UM8C4QASCI6KZ9YJUCyAEJqQI14cShLMCzPqgDAaoE5wFP0MsAlhidRE2u5fDEDuYwYdSS4gOaV_tH1VTDkSwz4JK5Pv8KtW-fm10PLWCNZ0FOAQYdDz1wqf0viQUZ_Nn56ANvMTHAWvZvIKqHLTikY_llWcZE6ONn2lbTU_GtE1f0YrhSA_HkN-FKgz8Ngbaot2Fnpb7WbSK-ayYBvjv5cuiGerQ1_N_U9CAUS29Qo27nK_O-iLOdJcis7tJQGX32A9IaObppoe1bvrESwMQPHeJrsq5zaTzYp0QDkyUN4GPXrexo1PjO98ffVcQfXmCF5Q_rPg4651vm2Vd1ySJP1R0N3Lwz_rnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg%26sig%3DAOD64_0ObkVP4eAEEoZlZaqGnuO-dOgPlw%26client%3Dca-pub-2590451264042842%26dbm_c%3DAKAmf-DiGZG7NEsQddgKMiM6BXRxuJL8Kx1qDlxWSfM-BEUxDibjHbEsxa9CUtqYHpXepacPbr0XB7pKw5mIAlSVbnBKbEvKI1-rtZxbpRbvuuplCXkgl7lmAswdACYqPwUXOxUSUz75p1rZRrMtSnaLf748LlYnkw%26cry%3D1%26dbm_d%3DAKAmf-BMIWbNWdMeq7rD86zzorF-UCFU4Oy7kkdu8XGOADgYAwhF4v_qrx4PX4U-B9swy7zDrUfKHQXzsf0yUDLhElOKhCJeFEgCU4axDrzNMgHsbX0ZieyuHVXMTfvsXjFZHenrqQAjYHn23gdIUubAWDetl3CL4LViS8MRgnoPG8kmAKQQZ41O9-eDl9sJ6P8SpEKDWq8Z4SE3uJDQLx3ggLxoqb0CHy2IV_V_meYKRfI6VnBHcGXRp3aFq09v1IuyH0800BKi6eLUovItJ_7MfzNN2B941IATS3i91ZRg6qeIVwJCCOsJzA8mylxoLyXvQoWmJAraehjEy_EDeiCFCUK3h3oY_oH733zOuJkadrBNobP59TJyYS40TG5oUU8ylmAc1u2RS0IqeBDTC-04d1N-QD-WLNgnYixNSJnd9ju8bozx6kE_ty9kZcOuNcElQYraewwF%26adurl%3D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=7075131018059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90006.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=0fa3917288&subid=&uid=f9cbecf22fcca36c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6wL1p9b8YI_1M6yYrASjq7SYCrXN-YNXnN-5q-UM8C4QASCI6KZ9YJUCyAEJqQI14cShLMCzPqgDAaoE5wFP0MsAlhidRE2u5fDEDuYwYdSS4gOaV_tH1VTDkSwz4JK5Pv8KtW-fm10PLWCNZ0FOAQYdDz1wqf0viQUZ_Nn56ANvMTHAWvZvIKqHLTikY_llWcZE6ONn2lbTU_GtE1f0YrhSA_HkN-FKgz8Ngbaot2Fnpb7WbSK-ayYBvjv5cuiGerQ1_N_U9CAUS29Qo27nK_O-iLOdJcis7tJQGX32A9IaObppoe1bvrESwMQPHeJrsq5zaTzYp0QDkyUN4GPXrexo1PjO98ffVcQfXmCF5Q_rPg4651vm2Vd1ySJP1R0N3Lwz_rnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg%26sig%3DAOD64_0ObkVP4eAEEoZlZaqGnuO-dOgPlw%26client%3Dca-pub-2590451264042842%26dbm_c%3DAKAmf-DiGZG7NEsQddgKMiM6BXRxuJL8Kx1qDlxWSfM-BEUxDibjHbEsxa9CUtqYHpXepacPbr0XB7pKw5mIAlSVbnBKbEvKI1-rtZxbpRbvuuplCXkgl7lmAswdACYqPwUXOxUSUz75p1rZRrMtSnaLf748LlYnkw%26cry%3D1%26dbm_d%3DAKAmf-BMIWbNWdMeq7rD86zzorF-UCFU4Oy7kkdu8XGOADgYAwhF4v_qrx4PX4U-B9swy7zDrUfKHQXzsf0yUDLhElOKhCJeFEgCU4axDrzNMgHsbX0ZieyuHVXMTfvsXjFZHenrqQAjYHn23gdIUubAWDetl3CL4LViS8MRgnoPG8kmAKQQZ41O9-eDl9sJ6P8SpEKDWq8Z4SE3uJDQLx3ggLxoqb0CHy2IV_V_meYKRfI6VnBHcGXRp3aFq09v1IuyH0800BKi6eLUovItJ_7MfzNN2B941IATS3i91ZRg6qeIVwJCCOsJzA8mylxoLyXvQoWmJAraehjEy_EDeiCFCUK3h3oY_oH733zOuJkadrBNobP59TJyYS40TG5oUU8ylmAc1u2RS0IqeBDTC-04d1N-QD-WLNgnYixNSJnd9ju8bozx6kE_ty9kZcOuNcElQYraewwF%26adurl%3D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=7075131018059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 204
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136
Request Chain 221
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKU0ZhU_W0XWSq1dQltBKjY&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKU0ZhU_W0XWSq1dQltBKjY&google_cver=1
Request Chain 222
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ2ZDcwMjgtMmYwMC0yNTFiLWUyODUtM2ZlYzI4NDgwNTAy
Request Chain 223
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEN0JfC3M9gArCcuP6X2Dhw0&google_cver=1
Request Chain 242
  • https://ad12.ad-srv.net/request.php?zone=dgeex1zreb35&nw=11&renderingType=javascript&namespace=bc2ea4afdb&subid=&uid=7197bc1c3874ce42&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dd3a84d8c-0f53-4daf-9082-341ff5a895fa%26ag%3Dgys06nz%26sfe%3D133456a8%26sig%3DtEfgTh2Pl1SCdBLdI0thyKo88zEToCm69nlYJm0gPBA.%26crid%3Dw7thc0cp%26cf%3D1041558%26fq%3D0%26t%3D1%26td_s%3Dwww.mdzol.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3D1wi5owhg7w%26sv%3Dgoogle%26uhow%3D5%26agsa%3D%26wp%3DYPzWqAAHp3kKd7xaAAE61ArxJSGJUeh7AK-nYg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2590451264042842%26rlangs%3Des%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAXgAgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D1%26svscid%3Dpub-2590451264042842%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYPzWqAAIS38Hg4BtyABpKg%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC6XKzqNb8YPnOHtr43gPU9YSYCN2V5bdc9v6PjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNTkwNDUxMjY0MDQyODQyoAHahvPoA8gBCeACAKgDAaoE9QFP0Lek2ptWuni1EhLW9i0KoSEwQ8-fkoloFMQwx-lA-0xt55t-UwGj6Pwv6ek8lDT1MZK8abwLT2VhXyY5QBZ6zH3xcL80-Mf11vouQ3BERu8gfdLkhEV2HutQPf3Yd98XObX0CtbD7xop1sjtejmeuUfFsU0dTd_OMSoegH5TtjapOgQgyDYHSnNP8edzpSk7amu92IFt_fZawdNMmlPUgZZ35a3_UsGZJkZko1gx9IstFU484vIh2RS6R2AooDDNmRAQOSFNxQRkQAKEG3THJ2hf280bkdTI7Z72ok8U_gg6er9KeY512y96SuIEi0Z2vF0HuOAEAYAGiuyxp9booeauAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WVXMHi2yLZZPP0E9x6VTl8qmpHg%2526client%253Dca-pub-2590451264042842%2526adurl%253D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=1631355591609&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://ad12.ad-srv.net/request.php?zone=dgeex1zreb35&nw=11&renderingType=javascript&namespace=bc2ea4afdb&subid=&uid=7197bc1c3874ce42&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dd3a84d8c-0f53-4daf-9082-341ff5a895fa%26ag%3Dgys06nz%26sfe%3D133456a8%26sig%3DtEfgTh2Pl1SCdBLdI0thyKo88zEToCm69nlYJm0gPBA.%26crid%3Dw7thc0cp%26cf%3D1041558%26fq%3D0%26t%3D1%26td_s%3Dwww.mdzol.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3D1wi5owhg7w%26sv%3Dgoogle%26uhow%3D5%26agsa%3D%26wp%3DYPzWqAAHp3kKd7xaAAE61ArxJSGJUeh7AK-nYg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2590451264042842%26rlangs%3Des%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAXgAgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D1%26svscid%3Dpub-2590451264042842%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYPzWqAAIS38Hg4BtyABpKg%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC6XKzqNb8YPnOHtr43gPU9YSYCN2V5bdc9v6PjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNTkwNDUxMjY0MDQyODQyoAHahvPoA8gBCeACAKgDAaoE9QFP0Lek2ptWuni1EhLW9i0KoSEwQ8-fkoloFMQwx-lA-0xt55t-UwGj6Pwv6ek8lDT1MZK8abwLT2VhXyY5QBZ6zH3xcL80-Mf11vouQ3BERu8gfdLkhEV2HutQPf3Yd98XObX0CtbD7xop1sjtejmeuUfFsU0dTd_OMSoegH5TtjapOgQgyDYHSnNP8edzpSk7amu92IFt_fZawdNMmlPUgZZ35a3_UsGZJkZko1gx9IstFU484vIh2RS6R2AooDDNmRAQOSFNxQRkQAKEG3THJ2hf280bkdTI7Z72ok8U_gg6er9KeY512y96SuIEi0Z2vF0HuOAEAYAGiuyxp9booeauAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WVXMHi2yLZZPP0E9x6VTl8qmpHg%2526client%253Dca-pub-2590451264042842%2526adurl%253D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=1631355591609&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 245
  • https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&viewref=86908700010503901199115011666012 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_473322_1627182760_2c004fe1-ecf6-11eb-ad65-692d0665ba09&insert=AW
Request Chain 248
  • https://www.awin1.com/cshow.php?s=2470210&v=11354&q=371931&r=473322&pref1=86908700010503901199115011666012 HTTP 302
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/summer_728x90?format=gif
Request Chain 253
  • https://lenovo.7eer.net/i/1197007/815244/3786?subId1=oneidYxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmboneid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.ojrq.net/p/?return=https%3A%2F%2Flenovo.7eer.net%2Fi%2F1197007%2F815244%2F3786%3FsubId1%3DoneidYxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmboneid__dbmRTXL%26gdpr_consent%3D%26gdpr%3D0%26gdpr_pd%3D0%26level%3D1&cid=3786&tpsync=no HTTP 302
  • https://lenovo.7eer.net/i/1197007/815244/3786?subId1=oneidYxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmboneid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0&level=1&brwsr=2c0cfae5-ecf6-11eb-8ab4-e92270992e00&brwsrsig=0NXSNB3O8yS028synyVSLxOL0UZRQL
Request Chain 267
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbocXZrQEQ0A8Y9AMyCDwOf0coj-Bs HTTP 301
  • https://tpc.googlesyndication.com/simgad/9024987478588063079
Request Chain 283
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn1pGUrQEQjgkYpAIyCMGzc6O6_O1y HTTP 301
  • https://tpc.googlesyndication.com/simgad/6589101311599443551
Request Chain 305
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 317
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBSOnEfrkS3vitPDYjwqj-4&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBSOnEfrkS3vitPDYjwqj-4&google_cver=1&__user_check__=1&sync_id=2cc43b3a-ecf6-11eb-8660-129210fe0306
Request Chain 318
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=2cc301de-ecf6-11eb-810a-1a7cb9e30106 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MmNjMzAxOGItZWNmNi0xMWViLTgxMGEtMWE3Y2I5ZTMwMTA2
Request Chain 367
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 384
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 402
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnz8L0mAEQwAIYwAIyCKmt_0JLcgDt HTTP 301
  • https://tpc.googlesyndication.com/simgad/10961211485099542529

398 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.mdzol.com/
Redirect Chain
  • http://mdzol.com/
  • https://mdzol.com/
  • https://www.mdzol.com/
225 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3da3fcb8ef7dd2f5111a889bf8d900aa62c1259b9815cfe05822154289eec355

Request headers

:method
GET
:authority
www.mdzol.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-type
text/html
cache-control
public,max-age=0
expires
Sun, 25 Jul 2021 03:08:35 GMT
vary
Accept-Encoding
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67423524e9154e07-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 25 Jul 2021 03:12:36 GMT
content-type
text/html; charset=UTF-8
location
https://www.mdzol.com/
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67423524384a4e07-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.3/ 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.3/jquery.min.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 16:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
471627
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33991
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 16:12:10 GMT
start.css
www.mdzol.com/a/plantillas/p/mdz/css/ 		47 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
940b6a1efbac7b1076b981e30fe0ab20d3bb1453e30222f919ec379fa23fb796

Request headers

:path
/a/plantillas/p/mdz/css/start.css?cA_22972
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 05 Dec 2019 13:25:46 GMT
server
cloudflare
age
1429407
etag
W/"4f9b9806fabd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public,stale-if-error=86400,max-age=31536000
cf-polished
origSize=61248
cf-ray
6742352cca0d536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
end.css
www.mdzol.com/a/plantillas/p/mdz/css/ 		152 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
600bb9fa592c1c5945892bfb7fe9c01e26f889f7fe9bab409fea6884ff2c3486

Request headers

:path
/a/plantillas/p/mdz/css/end.css?cA_22972
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 May 2021 10:35:24 GMT
server
cloudflare
age
1429407
etag
W/"cb121a2bad53d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public,stale-if-error=86400,max-age=31536000
cf-polished
origSize=170483
cf-ray
6742352cca0f536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
variosmdz.js
www.mdzol.com/a/plantillas/js/ 		315 B
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/js/variosmdz.js?id=cA_22972
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd9f14bb70584199ea4367d885c6670ea977c596c4dbfb66a6942b7b7d53e5d

Request headers

:path
/a/plantillas/js/variosmdz.js?id=cA_22972
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 04 Jan 2020 14:52:04 GMT
server
cloudflare
age
1429889
etag
W/"082c87ec3d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,stale-if-error=86400,max-age=31536000
cf-polished
origSize=354
cf-ray
6742352cca10536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
gpt.js
www.googletagservices.com/tag/js/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
43c70c5f3b7a3a6ea577f5c5536a4a515e8723e81e749935e9e8385894256959
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"939 / 810 of 1000 / last-modified: 1627160188"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24037
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:37 GMT
logomdz.svg
www.mdzol.com/a/plantillas/p/mdz/imgs/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/imgs/logomdz.svg?v1
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77a1a956b92bedb582d8194e150fe430a778db2802fb3802659b26c40adfadd9

Request headers

:path
/a/plantillas/p/mdz/imgs/logomdz.svg?v1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 16:53:36 GMT
server
cloudflare
age
2908707
etag
W/"0a86472786dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352d0a7b536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
mdz-radio.jpeg
www.mdzol.com/a/plantillas/p/mdz/imgs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/imgs/mdz-radio.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed1d262cf5adb6385127f0fd555b2bacf4712fbd627489a62c81ea2d9eed1b75

Request headers

:path
/a/plantillas/p/mdz/imgs/mdz-radio.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2908707
cf-polished
origSize=3199, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2848
last-modified
Tue, 17 Sep 2019 16:53:36 GMT
server
cloudflare
etag
"0a86472786dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a7c536a-FRA
cf-bgj
imgq:100,h2pri
napsix.jpeg
www.mdzol.com/a/plantillas/p/mdz/imgs/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/imgs/napsix.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff483cf8394f0ec60e70b371399ace7a252839af83b6e26a1cf1b1157af72924

Request headers

:path
/a/plantillas/p/mdz/imgs/napsix.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2908707
cf-polished
origSize=3189, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2747
last-modified
Tue, 17 Sep 2019 16:53:36 GMT
server
cloudflare
etag
"0a86472786dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a7d536a-FRA
cf-bgj
imgq:100,h2pri
gmg.jpg
www.mdzol.com/a/plantillas/p/mdz/pics/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/pics/gmg.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
908c9a15674ab7422a18d0cea98a7c42291d3281fb2a3963c984e177fde2cd31

Request headers

:path
/a/plantillas/p/mdz/pics/gmg.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2908707
cf-polished
origSize=18496, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
5424
last-modified
Tue, 30 Jun 2020 14:53:10 GMT
server
cloudflare
etag
"b88572cee4ed61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a7e536a-FRA
cf-bgj
imgq:100,h2pri
f97x97-962750_964112_4765.jpg
www.mdzol.com/u/fotografias/m/2020/9/25/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2020/9/25/f97x97-962750_964112_4765.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0edea0255414148efb1cc9af5e4c70962a865eb8e053e1b173050a5a6fed0e26

Request headers

:path
/u/fotografias/m/2020/9/25/f97x97-962750_964112_4765.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2280
cf-polished
origSize=2568, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2310
last-modified
Mon, 26 Oct 2020 19:06:47 GMT
server
cloudflare
etag
"563cfa26cbabd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a7f536a-FRA
cf-bgj
imgq:100,h2pri
f97x97-1086010_1087372_5050.jpg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f97x97-1086010_1087372_5050.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b37848499137c91967a323dfb734c9f1d8d3d4b017ba886405f0ca4ae15f6635

Request headers

:path
/u/fotografias/m/2021/7/24/f97x97-1086010_1087372_5050.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
2279
cf-polished
origSize=3959, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a82536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3609
expires
Sun, 25 Jul 2021 01:19:31 GMT
f97x97-1029840_1031202_5056.jpg
www.mdzol.com/u/fotografias/m/2021/3/12/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/3/12/f97x97-1029840_1031202_5056.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da58adb064d7684b1a22c7f1a37b9d16fa291a674a0801fbb918aa6bba24a65a

Request headers

:path
/u/fotografias/m/2021/3/12/f97x97-1029840_1031202_5056.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2280
cf-polished
origSize=5011, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4503
last-modified
Thu, 13 May 2021 18:46:20 GMT
server
cloudflare
etag
"e989c442848d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a83536a-FRA
cf-bgj
imgq:100,h2pri
f97x97-1071812_1073174_5044.jpeg
www.mdzol.com/u/fotografias/m/2021/6/20/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/6/20/f97x97-1071812_1073174_5044.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8babe596e3df81de63b4b74beb1a0b1baf99005b9a06588ad9e713b11487fa15

Request headers

:path
/u/fotografias/m/2021/6/20/f97x97-1071812_1073174_5044.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
2280
cf-polished
origSize=3072, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a84536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2774
expires
Wed, 21 Jul 2021 01:01:00 GMT
autor-108.png
www.mdzol.com/u/aps/noticias/fotografias/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-108.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500c46e67d0cc6b3424c494939d1014c338374b7888335af229bf4e05ed95acd

Request headers

:path
/u/aps/noticias/fotografias/autor-108.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
737468
cf-polished
origFmt=png, origSize=81688
content-disposition
inline; filename="autor-108.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
44702
last-modified
Wed, 24 Feb 2021 23:52:52 GMT
server
cloudflare
etag
"7bdd9298bd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a85536a-FRA
cf-bgj
imgq:100,h2pri
f97x97-980281_981643_5050.jpg
www.mdzol.com/u/fotografias/m/2020/11/12/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2020/11/12/f97x97-980281_981643_5050.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87ef2968ed9e28c0a74ea82850515ac4387351b507deb3cc4091599861707af7

Request headers

:path
/u/fotografias/m/2020/11/12/f97x97-980281_981643_5050.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
17619
cf-polished
origSize=3218, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2935
last-modified
Sun, 04 Jul 2021 17:46:33 GMT
server
cloudflare
etag
"597a5c87fc70d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a87536a-FRA
cf-bgj
imgq:100,h2pri
f97x97-1085969_1087331_6139.jpg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f97x97-1085969_1087331_6139.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1f3a4ddee0d6d4cbe4e98d95684a7b61562747ee8009c0996a1a09dd0e5c110

Request headers

:path
/u/fotografias/m/2021/7/24/f97x97-1085969_1087331_6139.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
19753
cf-polished
origSize=2663, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a88536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2343
expires
Sat, 24 Jul 2021 21:38:30 GMT
v0.js
cdn.ampproject.org/ 		270 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bffdecfcb89b4e0df53beea60d61adeff13cae71cbca25dceb74faf1f9ddd0a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
71089
x-xss-protection
0
server
sffe
date
Sun, 25 Jul 2021 03:12:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"611587272bb41c8a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 03:12:37 GMT
amp-ima-video-0.1.js
cdn.ampproject.org/v0/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-ima-video-0.1.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2197172f2168715cd5bc0aebf55485cc5e6ef993ee6394a494b1b4c3be69d0e1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13191
x-xss-protection
0
server
sffe
date
Sun, 25 Jul 2021 03:12:37 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"794794c644cc3719"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 03:12:37 GMT
f97x97-1085875_1087237_5387.jpg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f97x97-1085875_1087237_5387.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a599831402a036dbe178104ad16f5184469bfc7fb25d4f611ddafb651b43dc1

Request headers

:path
/u/fotografias/m/2021/7/24/f97x97-1085875_1087237_5387.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
2280
cf-polished
origSize=3206, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a89536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2923
expires
Sun, 25 Jul 2021 01:29:47 GMT
autor-22.png
www.mdzol.com/u/aps/noticias/fotografias/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-22.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af1b31951e61b0065b656029358c16e900be866e22a08573109b7687708750d1

Request headers

:path
/u/aps/noticias/fotografias/autor-22.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
66360
cf-polished
origFmt=png, origSize=84292
content-disposition
inline; filename="autor-22.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
44820
last-modified
Thu, 21 Nov 2019 14:56:48 GMT
server
cloudflare
etag
"a314ace67ba0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a8a536a-FRA
cf-bgj
imgq:100,h2pri
f97x97-1085950_1087312_4830.jpg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f97x97-1085950_1087312_4830.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
212d57fba34d9277022e5675f1507c45441cacc7d33789be6c04c9fe782d146d

Request headers

:path
/u/fotografias/m/2021/7/24/f97x97-1085950_1087312_4830.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
2280
cf-polished
origSize=2255, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a8b536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1973
expires
Sun, 25 Jul 2021 00:29:00 GMT
f97x97-1081044_1082406_5050.jpeg
www.mdzol.com/u/fotografias/m/2021/7/13/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/13/f97x97-1081044_1082406_5050.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f347a6ec75fc96cb8847a81074c37f27fa9e3600d962404ce874f80166f0b51

Request headers

:path
/u/fotografias/m/2021/7/13/f97x97-1081044_1082406_5050.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
15310
cf-polished
origSize=4192, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a8c536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3790
expires
Tue, 13 Jul 2021 12:19:26 GMT
f97x97-1085982_1087344_4347.jpg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f97x97-1085982_1087344_4347.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b33f974f975e54d1a12be33cd5bf74266d69b1274b9d4be98049c1cb8265941

Request headers

:path
/u/fotografias/m/2021/7/24/f97x97-1085982_1087344_4347.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
15311
cf-polished
origSize=3545, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a8d536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3203
expires
Sat, 24 Jul 2021 22:50:40 GMT
f97x97-1085946_1087308_6149.jpeg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f97x97-1085946_1087308_6149.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90163eabc62808d2b65007d44bd94f209ee37c2ed0cd7083aefc873c595c3e25

Request headers

:path
/u/fotografias/m/2021/7/24/f97x97-1085946_1087308_6149.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
22206
cf-polished
origSize=3232, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a8e536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2881
expires
Sat, 24 Jul 2021 20:28:55 GMT
f97x97-1083859_1085221_5050.jpg
www.mdzol.com/u/fotografias/m/2021/7/19/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/19/f97x97-1083859_1085221_5050.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3333371be24b10ed2a213fc3a2f63346d5f050ea0c6865be5548d54251377ace

Request headers

:path
/u/fotografias/m/2021/7/19/f97x97-1083859_1085221_5050.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
24503
cf-polished
origSize=3218, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a8f536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2916
expires
Tue, 20 Jul 2021 10:31:16 GMT
f356x200-965121_975310_2819.jpg
www.mdzol.com/u/fotografias/m/2020/10/2/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2020/10/2/f356x200-965121_975310_2819.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43d1edb4fbc575033c7cbf8d8ded481f574da2c8c1548d35cba86db1706b4ebb

Request headers

:path
/u/fotografias/m/2020/10/2/f356x200-965121_975310_2819.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
11516
cf-polished
origSize=20790, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
19453
last-modified
Thu, 01 Apr 2021 16:31:45 GMT
server
cloudflare
etag
"27aa65811427d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a90536a-FRA
cf-bgj
imgq:100,h2pri
f356x200-975776_985965_7452.jpg
www.mdzol.com/u/fotografias/m/2020/10/31/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2020/10/31/f356x200-975776_985965_7452.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d97f24e612757fad03449e480b8910ceca1b1e3d27809d965caf57adfd2a2c9

Request headers

:path
/u/fotografias/m/2020/10/31/f356x200-975776_985965_7452.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
15310
cf-polished
origSize=13324, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12731
last-modified
Sat, 31 Oct 2020 16:20:33 GMT
server
cloudflare
etag
"c7d8fdc1a1afd61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a91536a-FRA
cf-bgj
imgq:100,h2pri
autor-121.png
www.mdzol.com/u/aps/noticias/fotografias/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-121.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08a205d48c6c16c652d3dcc880a5d4888c1414664012cae07a13e749ed76601f

Request headers

:path
/u/aps/noticias/fotografias/autor-121.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
36998
cf-polished
origFmt=png, origSize=80311
content-disposition
inline; filename="autor-121.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
44600
last-modified
Fri, 11 Jun 2021 14:49:57 GMT
server
cloudflare
etag
"ff2040cd15ed71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a92536a-FRA
cf-bgj
imgq:100,h2pri
f356x200-975925_986114_4719.jpg
www.mdzol.com/u/fotografias/m/2020/10/31/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2020/10/31/f356x200-975925_986114_4719.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eb5b3768979d3e309a56e268d5f7836bad7deec3ed3743b812fe0a6b2ebcea3

Request headers

:path
/u/fotografias/m/2020/10/31/f356x200-975925_986114_4719.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
27929
cf-polished
origSize=11193, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
10644
last-modified
Sun, 01 Nov 2020 18:15:22 GMT
server
cloudflare
etag
"7679a4f67ab0d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a94536a-FRA
cf-bgj
imgq:100,h2pri
autor-122.png
www.mdzol.com/u/aps/noticias/fotografias/ 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-122.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eefd5e38ba75af9279acba05c9de9510c605dc5dd5c2313e5d6835350f16cd8

Request headers

:path
/u/aps/noticias/fotografias/autor-122.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
36999
cf-polished
origFmt=png, origSize=84742
content-disposition
inline; filename="autor-122.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
44852
last-modified
Fri, 11 Jun 2021 21:52:33 GMT
server
cloudflare
etag
"eba95715c5fd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a95536a-FRA
cf-bgj
imgq:100,h2pri
f356x200-1085901_1096090_4928.jpeg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f356x200-1085901_1096090_4928.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7194240894faa25b57748d906c2eb75810640e60b3a398cd0191064b828c1616

Request headers

:path
/u/fotografias/m/2021/7/24/f356x200-1085901_1096090_4928.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
27929
cf-polished
origSize=17908, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a96536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
16822
expires
Sat, 24 Jul 2021 18:49:21 GMT
f356x200-1078124_1088313_4455.jpeg
www.mdzol.com/u/fotografias/m/2021/7/5/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/5/f356x200-1078124_1088313_4455.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2166f5784977dacac50008132b064d2ab35205f3abe4f3b0f2d53516ee1ba53b

Request headers

:path
/u/fotografias/m/2021/7/5/f356x200-1078124_1088313_4455.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
48550
cf-polished
origSize=25305, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a97536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
23294
expires
Wed, 21 Jul 2021 18:54:19 GMT
f356x200-1084940_1095129_5050.jpg
www.mdzol.com/u/fotografias/m/2021/7/22/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/22/f356x200-1084940_1095129_5050.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
277e0e5da0df9785d0d1978c41a6b40ddce651f67bbd54d5650c347f267ab0a0

Request headers

:path
/u/fotografias/m/2021/7/22/f356x200-1084940_1095129_5050.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
45698
cf-polished
origSize=13993, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a98536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12874
expires
Sat, 24 Jul 2021 13:23:06 GMT
f356x200-1085524_1095713_4925.jpg
www.mdzol.com/u/fotografias/m/2021/7/23/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/23/f356x200-1085524_1095713_4925.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63987d8663c5b621d56ad833f0e4567288f988db62c5a4b2cc79ff7897f3273a

Request headers

:path
/u/fotografias/m/2021/7/23/f356x200-1085524_1095713_4925.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
32325
cf-polished
origSize=13347, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0a99536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12676
expires
Fri, 23 Jul 2021 21:17:17 GMT
autor-113.png
www.mdzol.com/u/aps/noticias/fotografias/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-113.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4eb285ca31a3d0daeb7148c69fbff3debca2f3f5ab7bc25432e4827215de2e66

Request headers

:path
/u/aps/noticias/fotografias/autor-113.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
146261
cf-polished
origFmt=png, origSize=113948
content-disposition
inline; filename="autor-113.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
67778
last-modified
Wed, 07 Apr 2021 11:14:04 GMT
server
cloudflare
etag
"df7f8a1e9f2bd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a9b536a-FRA
cf-bgj
imgq:100,h2pri
autor-134.png
www.mdzol.com/u/aps/noticias/fotografias/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-134.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16fe7e3c96650fa4b8e8da4e93070e1d323afce0bad720938770734eedf442c9

Request headers

:path
/u/aps/noticias/fotografias/autor-134.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
51623
cf-polished
origFmt=png, origSize=24717
content-disposition
inline; filename="autor-134.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12850
last-modified
Tue, 20 Apr 2021 13:07:00 GMT
server
cloudflare
etag
"c8599dce635d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a9c536a-FRA
cf-bgj
imgq:100,h2pri
autor-133.png
www.mdzol.com/u/aps/noticias/fotografias/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-133.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16fe7e3c96650fa4b8e8da4e93070e1d323afce0bad720938770734eedf442c9

Request headers

:path
/u/aps/noticias/fotografias/autor-133.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
36998
cf-polished
origFmt=png, origSize=24717
content-disposition
inline; filename="autor-133.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12850
last-modified
Tue, 20 Apr 2021 13:07:00 GMT
server
cloudflare
etag
"c8599dce635d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a9d536a-FRA
cf-bgj
imgq:100,h2pri
autor-125.png
www.mdzol.com/u/aps/noticias/fotografias/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-125.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16fe7e3c96650fa4b8e8da4e93070e1d323afce0bad720938770734eedf442c9

Request headers

:path
/u/aps/noticias/fotografias/autor-125.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
659933
cf-polished
origFmt=png, origSize=24717
content-disposition
inline; filename="autor-125.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
12850
last-modified
Tue, 20 Apr 2021 13:07:00 GMT
server
cloudflare
etag
"c8599dce635d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0a9e536a-FRA
cf-bgj
imgq:100,h2pri
348.jpg
www.mdzol.com/u/banners/gmg/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/banners/gmg/348.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3774cc25ae0b69f3bb7018432617be6bf74376b3c13b3500fe67ecda62475323

Request headers

:path
/u/banners/gmg/348.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2905323
cf-polished
origSize=21316, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8974
last-modified
Thu, 04 Jun 2020 12:17:12 GMT
server
cloudflare
etag
"8872f7136a3ad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aa0536a-FRA
cf-bgj
imgq:100,h2pri
768.jpg
www.mdzol.com/u/banners/gmg/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/banners/gmg/768.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b4a8683f3383908c69af7c19e1f852303a920f42fac75265d9123b1e520f22

Request headers

:path
/u/banners/gmg/768.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2905323
cf-polished
origSize=23708, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
6471
last-modified
Thu, 04 Jun 2020 12:17:10 GMT
server
cloudflare
etag
"905d5d126a3ad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aa1536a-FRA
cf-bgj
imgq:100,h2pri
1024.jpg
www.mdzol.com/u/banners/gmg/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/banners/gmg/1024.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a78ae3eee23681542192eacd70236330ed4374400e7a1a92c66419014cf946a

Request headers

:path
/u/banners/gmg/1024.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2905323
cf-polished
origSize=26683, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9346
last-modified
Thu, 04 Jun 2020 12:17:12 GMT
server
cloudflare
etag
"8ae8af136a3ad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aa3536a-FRA
cf-bgj
imgq:100,h2pri
1200.jpg
www.mdzol.com/u/banners/gmg/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/banners/gmg/1200.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f0a1047ba4ea8aa5c36d8c3f0e9b085a2e6ab2b1fcb4150cc6718c16eb4d70a

Request headers

:path
/u/banners/gmg/1200.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2905323
cf-polished
origSize=20740, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8188
last-modified
Thu, 04 Jun 2020 12:17:11 GMT
server
cloudflare
etag
"3eec52136a3ad61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aa4536a-FRA
cf-bgj
imgq:100,h2pri
autor-15.png
www.mdzol.com/u/aps/noticias/fotografias/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/aps/noticias/fotografias/autor-15.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d25b11dbd5fd6288b437118f6e7c0f170fe8b475c1cfdc41af8ff78190332ab

Request headers

:path
/u/aps/noticias/fotografias/autor-15.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
1113556
cf-polished
origFmt=png, origSize=67489
content-disposition
inline; filename="autor-15.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
33760
last-modified
Thu, 21 Nov 2019 14:49:29 GMT
server
cloudflare
etag
"5810c6e07aa0d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aa6536a-FRA
cf-bgj
imgq:100,h2pri
f386x217-1082891_1094875_5050.jpg
www.mdzol.com/u/fotografias/m/2021/7/17/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/17/f386x217-1082891_1094875_5050.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a949fb3f520a050dc0aa8b88da80bd6bca253a52d05614fc6055666389e491b

Request headers

:path
/u/fotografias/m/2021/7/17/f386x217-1082891_1094875_5050.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
651731
cf-polished
origSize=19042, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
6742352d0aa7536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18089
expires
Sat, 17 Jul 2021 14:02:20 GMT
19.png
www.mdzol.com/u/portadas/cabeceras/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/portadas/cabeceras/19.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6de93ac968047ecaceaa1c413b31ddf90910f208419128a49963630acb1ef858

Request headers

:path
/u/portadas/cabeceras/19.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2669374
cf-polished
origFmt=png, origSize=19684
content-disposition
inline; filename="19.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2120
last-modified
Mon, 11 Nov 2019 14:15:58 GMT
server
cloudflare
etag
"eae2378a9a98d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aa8536a-FRA
cf-bgj
imgq:100,h2pri
20.png
www.mdzol.com/u/portadas/cabeceras/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/portadas/cabeceras/20.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83c0005e3b667c5e449f02973549615995485004dab354a231f54e7ff87ebbd7

Request headers

:path
/u/portadas/cabeceras/20.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
813324
cf-polished
origFmt=png, origSize=29469
content-disposition
inline; filename="20.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
7206
last-modified
Mon, 11 Nov 2019 14:15:04 GMT
server
cloudflare
etag
"ca3ff7699a98d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aa9536a-FRA
cf-bgj
imgq:100,h2pri
23.png
www.mdzol.com/u/portadas/cabeceras/ 		914 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/portadas/cabeceras/23.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0689243aa4d9f3bac29825ae72d77e55d23bfeb9a5b1542decae480f0f62fe1f

Request headers

:path
/u/portadas/cabeceras/23.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
1939735
cf-polished
origFmt=png, origSize=6175
content-disposition
inline; filename="23.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
914
last-modified
Mon, 11 Nov 2019 14:16:43 GMT
server
cloudflare
etag
"42358ca49a98d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aaa536a-FRA
cf-bgj
imgq:100,h2pri
21.png
www.mdzol.com/u/portadas/cabeceras/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/portadas/cabeceras/21.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3adc08a17403677336564af378fad63adc1e44f6c7577348229e70c20b818c71

Request headers

:path
/u/portadas/cabeceras/21.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
245802
cf-polished
origFmt=png, origSize=8429
content-disposition
inline; filename="21.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4538
last-modified
Mon, 11 Nov 2019 14:15:43 GMT
server
cloudflare
etag
"ebbd44819a98d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aab536a-FRA
cf-bgj
imgq:100,h2pri
22.png
www.mdzol.com/u/portadas/cabeceras/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/portadas/cabeceras/22.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40b83f2e0a3ed83a553c5da988c4a8d7fa70860eff0847ee3f7eaceda6c87b02

Request headers

:path
/u/portadas/cabeceras/22.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2905323
cf-polished
origFmt=png, origSize=6416
content-disposition
inline; filename="22.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
3198
last-modified
Mon, 11 Nov 2019 14:15:30 GMT
server
cloudflare
etag
"967c63799a98d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aac536a-FRA
cf-bgj
imgq:100,h2pri
mdz-radio.jpeg
www.mdzol.com/a/plantillas/p/mdz/pics/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/pics/mdz-radio.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed1d262cf5adb6385127f0fd555b2bacf4712fbd627489a62c81ea2d9eed1b75

Request headers

:path
/a/plantillas/p/mdz/pics/mdz-radio.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2908707
cf-polished
origSize=3199, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2848
last-modified
Tue, 17 Sep 2019 16:53:36 GMT
server
cloudflare
etag
"0a86472786dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aad536a-FRA
cf-bgj
imgq:100,h2pri
napsix.jpeg
www.mdzol.com/a/plantillas/p/mdz/pics/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/pics/napsix.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff483cf8394f0ec60e70b371399ace7a252839af83b6e26a1cf1b1157af72924

Request headers

:path
/a/plantillas/p/mdz/pics/napsix.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
2908707
cf-polished
origSize=3189, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
2747
last-modified
Tue, 17 Sep 2019 16:53:36 GMT
server
cloudflare
etag
"0a86472786dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0aae536a-FRA
cf-bgj
imgq:100,h2pri
logo-footer.svg
www.mdzol.com/a/plantillas/p/mdz/pics/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/pics/logo-footer.svg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
90cecdccf9575dbb07ad70ce29971df83ad49d1b2af9739aef01b5ab721d8370

Request headers

:path
/a/plantillas/p/mdz/pics/logo-footer.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 16:53:38 GMT
server
cloudflare
age
2908707
etag
W/"0d59573786dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352d0aaf536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
telemet.script.js
www.mdzol.com/a/plantillas/p/mdz/js/ 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/js/telemet.script.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f202225a1657614f1b41888b81aa2102e8b5047f6968ccfcb644dc0c858d0bf

Request headers

:path
/a/plantillas/p/mdz/js/telemet.script.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Oct 2019 13:06:59 GMT
server
cloudflare
age
2908725
etag
W/"56e6dbf598ed51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,stale-if-error=86400,max-age=31536000
cf-polished
origSize=2491
cf-ray
6742352d0ab0536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
firebase-app.js
www.gstatic.com/firebasejs/5.7.0/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.7.0/firebase-app.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c16b5e0a7baf923398f1a497be1d4cd389abd3352b5e148eaa24354fb6a66a21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 13:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
481401
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12419
x-xss-protection
0
last-modified
Fri, 07 Dec 2018 01:03:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 19 Jul 2022 13:29:16 GMT
firebase-auth.js
www.gstatic.com/firebasejs/5.7.0/ 		152 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.7.0/firebase-auth.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d400cf4d7e7083c3553804f6a44149014292d457650f1d2bef299f6f9bbb07b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 11:24:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
402488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49167
x-xss-protection
0
last-modified
Fri, 07 Dec 2018 01:03:40 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 11:24:29 GMT
firebase-functions.js
www.gstatic.com/firebasejs/5.7.0/ 		7 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.7.0/firebase-functions.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
69dc3329c00eca4a5e80971ac9eb5d003400597b9568f682c4e1baac5bcb242a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:11:43 GMT
vary
Accept-Encoding
last-modified
Fri, 07 Dec 2018 01:03:40 GMT
server
sffe
x-content-type-options
nosniff
age
428454
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7479
x-xss-protection
0
expires
Wed, 20 Jul 2022 04:11:43 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/5.7.0/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/5.7.0/firebase-messaging.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 04:37:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
426908
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10096
x-xss-protection
0
last-modified
Fri, 07 Dec 2018 01:03:41 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 20 Jul 2022 04:37:29 GMT
home.b6de541692a2f4f36600.js
www.mdzol.com/a/plantillas/p/mdz/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/js/home.b6de541692a2f4f36600.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8bb6bcf03df743bff50abb1fa3deeae4910d4ed5b4168ec3a6722378acf7431

Request headers

:path
/a/plantillas/p/mdz/js/home.b6de541692a2f4f36600.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 18 Sep 2019 14:51:12 GMT
server
cloudflare
age
2905323
etag
W/"2887883306ed51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352d0a79536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
beacon.min.js
static.cloudflareinsights.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
gzip
last-modified
Fri, 28 May 2021 17:24:20 GMT
server
cloudflare
etag
W/"5753bdd2-d310-49fa-bd2b-065a8e512116"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
6742352d2fe3975a-FRA
fbevents.js
connect.facebook.net/en_US/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
aAXqudpb5h6rv1cieP6YSqEXOQxDM6kgOy6OgYJksibAe13EUedL5BxC/prAUbk4/Q6cDmVrwAdBmwV1SHXSKw==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Sun, 25 Jul 2021 03:12:37 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
5249
date
Sun, 25 Jul 2021 01:45:08 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Sun, 25 Jul 2021 03:45:08 GMT
lecturas.asp
www.mdzol.com/include/includes/varios/ 		0
420 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/include/includes/varios/lecturas.asp?docid=0&desde=w&r=&u=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&a=0&s=0&ur=/&t=0&fn=
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.3/jquery.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/include/includes/varios/lecturas.asp?docid=0&desde=w&r=&u=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/89.0.4389.72%20Safari/537.36&a=0&s=0&ur=/&t=0&fn=
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.mdzol.com
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://www.mdzol.com/
:method
GET
Accept
*/*
Referer
https://www.mdzol.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
text/html; Charset=UTF-8
cache-control
private,Private
set-cookie
E801=E80%2D202172501237%2D460805835%2D637; expires=Mon, 25-Jul-2022 03:00:00 GMT; path=/ ASPSESSIONIDCACABDRT=CAPKKGLBJGNGPMOGFBDFMIAL; path=/
cf-ray
6742352cfa64536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
expires
Mon, 25 Jul 2011 03:00:00 GMT
iconos.ttf
www.mdzol.com/a/plantillas/p/mdz/css/fonts/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/css/fonts/iconos.ttf
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0683e84a63df9c6846a76e74d4369f554600cf9da19031d7351c2e226b6fb18d

Request headers

:path
/a/plantillas/p/mdz/css/fonts/iconos.ttf
pragma
no-cache
origin
https://www.mdzol.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.mdzol.com
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 13:23:48 GMT
server
cloudflare
age
2908725
etag
"d7984235b6dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d0ab1536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
8788
proximanova-regular.woff
www.mdzol.com/a/plantillas/p/mdz/css/fonts/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/css/fonts/proximanova-regular.woff
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e95ec92b46b9be9c829b2886bdafc6015a2f4bea0ed9dcf643e4bcb2137c332

Request headers

:path
/a/plantillas/p/mdz/css/fonts/proximanova-regular.woff
pragma
no-cache
origin
https://www.mdzol.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.mdzol.com
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 13:26:16 GMT
server
cloudflare
age
2908725
etag
W/"3f61157c5b6dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352d0ab2536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
proximanova-bold.woff
www.mdzol.com/a/plantillas/p/mdz/css/fonts/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/css/fonts/proximanova-bold.woff
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ee5bb7f5c7d3e8ed3f68976e13779205c288b5f596bd8c2f7d4bd3435a12999

Request headers

:path
/a/plantillas/p/mdz/css/fonts/proximanova-bold.woff
pragma
no-cache
origin
https://www.mdzol.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.mdzol.com
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 13:26:51 GMT
server
cloudflare
age
2908725
etag
W/"66a3a8905b6dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352d0ab3536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
TiemposHeadlineWeb-Bold.woff
www.mdzol.com/a/plantillas/p/mdz/css/fonts/ 		54 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/css/fonts/TiemposHeadlineWeb-Bold.woff
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d3ff252082ac311a937540e9e74c401081402a1217d78ed1e73797e15f53dd3

Request headers

:path
/a/plantillas/p/mdz/css/fonts/TiemposHeadlineWeb-Bold.woff
pragma
no-cache
origin
https://www.mdzol.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.mdzol.com
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 13:31:33 GMT
server
cloudflare
age
2908725
etag
W/"b19f2395c6dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352d0ab4536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
TiemposHeadlineWeb-Regular.woff
www.mdzol.com/a/plantillas/p/mdz/css/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/css/fonts/TiemposHeadlineWeb-Regular.woff
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e59bfa0880348b10f27aff2806f307c5b7ddf40a72279979b0056b173ba1873

Request headers

:path
/a/plantillas/p/mdz/css/fonts/TiemposHeadlineWeb-Regular.woff
pragma
no-cache
origin
https://www.mdzol.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.mdzol.com
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 13:30:05 GMT
server
cloudflare
age
2908725
etag
W/"e2139545c6dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352d0ab6536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
bg-coronavirus.jpg
www.mdzol.com/a/plantillas/p/mdz/imgs/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/imgs/bg-coronavirus.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70d66362ef9dbad3cde72b2fce9afb58261a6c73236bc9a92b7152510879b255

Request headers

:path
/a/plantillas/p/mdz/imgs/bg-coronavirus.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
cf-cache-status
HIT
age
1939736
cf-polished
origFmt=jpeg, origSize=86250
content-disposition
inline; filename="bg-coronavirus.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
55728
last-modified
Mon, 13 Apr 2020 12:11:49 GMT
server
cloudflare
etag
"1d79a0b58c11d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d4ad7536a-FRA
cf-bgj
imgq:100,h2pri
proximanova-extra-bold.woff
www.mdzol.com/a/plantillas/p/mdz/css/fonts/ 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/css/fonts/proximanova-extra-bold.woff
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c37551b16fe3a49b92d7572c0b7bcd7e943a1318ae32ba9d35712359e14bdd2

Request headers

:path
/a/plantillas/p/mdz/css/fonts/proximanova-extra-bold.woff
pragma
no-cache
origin
https://www.mdzol.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.mdzol.com
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/start.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 17 Sep 2019 13:27:39 GMT
server
cloudflare
age
2908725
etag
W/"5fa37bad5b6dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
font/x-woff
access-control-allow-origin
*
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352d5ae6536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
chapa-mdzradio_fnd.png
www.mdzol.com/a/plantillas/p/mdz/imgs/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/imgs/chapa-mdzradio_fnd.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
310472726eba9558f3c205e0e90943c9d7e404b4e3e2cc3661d9f49112a72137

Request headers

:path
/a/plantillas/p/mdz/imgs/chapa-mdzradio_fnd.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
age
2888235
cf-polished
origFmt=png, origSize=7312
content-disposition
inline; filename="chapa-mdzradio_fnd.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
4130
last-modified
Tue, 17 Sep 2019 13:46:12 GMT
server
cloudflare
etag
"17c5fd445e6dd51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352d7b00536a-FRA
cf-bgj
imgq:100,h2pri
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=179573679&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mdzol.com%2F&ul=en-us&de=UTF-8&dt=MDZ%20Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=894377022&gjid=653893170&cid=1904766599.1627182758&tid=UA-4899705-6&_gid=747950730.1627182758&_r=1&_slc=1&z=2040838600
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021071401.js
securepubads.g.doubleclick.net/gpt/ 		329 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 08:38:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117283
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:38 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		176 B
303 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mdzol.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
4b8682ff7b92654c85bef498e13e018e47fa27dff707ab2216ae3c0043cd649f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
116
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:38 GMT
348054322043240
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/348054322043240?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ead4403643b1b670a82a28523e3b091e3b4d66543507b5b12607c19a045458ea
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
75566
x-xss-protection
0
pragma
public
x-fb-debug
D8Poyzhc3giJ9FZj8VJBMtB0WulVoupSidRZxXfZ+kKMChXsq5R6BlAPtJbkPgUv0k5c7o9gRc2czXuM3F9+sA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 25 Jul 2021 03:12:38 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
87 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-4899705-6&cid=1904766599.1627182758&jid=894377022&gjid=653893170&_gid=747950730.1627182758&_u=IEBAAEAAAAAAAC~&z=547558758
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 25 Jul 2021 03:12:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
cotizaciones.php
staticsig.inversorglobal.com/ Frame 6046
Redirect Chain
  • https://www.inversorglobal.com/cotizaciones/
  • https://staticsig.inversorglobal.com/cotizaciones.php
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://staticsig.inversorglobal.com/cotizaciones.php
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::ac43:b70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
353e392aed49fb4ae0f81d03d4178941c620b723296931b6caaedfc2d2f61f07

Request headers

:method
GET
:authority
staticsig.inversorglobal.com
:scheme
https
:path
/cotizaciones.php
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-type
text/html; charset=UTF-8
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSjVbKwp9qdzyWagCh2IX5M%2BHRsunxl7uEMKPLdNqmcMplKvI5R48ky3Jd%2FSLOfBmAJMRtp7y13XyADoUvgb8IBfJ6SSYBZ6%2BO7MgmkllpLLQVGklDADPhBtkd3calUSiPYYW6m8dECvcMvWC%2FXWTOfv0kQVrHC3N67c"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
674235304df84327-FRA
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-type
text/html
location
https://staticsig.inversorglobal.com/cotizaciones.php
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SHSDerMxIkWwo%2Fn4R4GvPvxrUmxCVWu0MzUG8uVmwDukf%2FvMZo1gk3Kui6rxRxxyRnTnhZLRAEd%2B2dcEZCpthCixZWEV2U036absY3YNuqteCKZLrdU7GnuHvyEgiIm8unnKaM456J6Y0Z4wHsY3wus5hrmR"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6742352e5b044327-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
logo-radio.svg
www.mdzol.com/a/plantillas/p/mdz/imgs/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/imgs/logo-radio.svg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4624c33a17177b381047e3a6340ae817e388c3cb4a157bc61fddc1f5069d769b

Request headers

:path
/a/plantillas/p/mdz/imgs/logo-radio.svg
pragma
no-cache
cookie
_ga=GA1.2.1904766599.1627182758; _gid=GA1.2.747950730.1627182758; _gat=1; E801=E80%2D202172501237%2D460805835%2D637; ASPSESSIONIDCACABDRT=CAPKKGLBJGNGPMOGFBDFMIAL
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Jul 2020 13:19:28 GMT
server
cloudflare
age
2905324
etag
W/"ef930bdbc56d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public,stale-if-error=86400,max-age=31536000
cf-ray
6742352e6c19536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
ga-audiences
www.google.com/ads/ 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-4899705-6&cid=1904766599.1627182758&jid=894377022&_u=IEBAAEAAAAAAAC~&z=896525926
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j91&tid=UA-4899705-6&cid=1904766599.1627182758&jid=894377022&_u=IEBAAEAAAAAAAC~&z=896525926
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:38 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		340 KB
117 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:38 GMT
frame.html
d-13005548613403204316.ampproject.net/2107092322000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-13005548613403204316.ampproject.net/2107092322000/frame.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
ima-video.js
3p.ampproject.net/2107092322000/vendor/ 		51 KB
15 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://3p.ampproject.net/2107092322000/vendor/ima-video.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d96c6bc1c7e76ac25c2272dace2b412f31a392583bf8f634bf5cce48d0b71d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 12:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
54622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15194
x-xss-protection
0
last-modified
Sat, 10 Jul 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 12:02:16 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=348054322043240&ev=PageView&dl=https%3A%2F%2Fwww.mdzol.com%2F&rl=&if=false&ts=1627182758188&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1627182758187.1670871037&it=1627182758053&coo=false&rqm=GET
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sun, 25 Jul 2021 03:12:38 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mdzol.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mdzol.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(1)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758267&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=1142&adks=3305645721&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
2012a175ba1a5319868ac22c14861ca5d95ea113589f93849cc8bb270b7df322
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11769
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E667 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/ 		72 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(3)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758273&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=3447&adks=3096144300&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
b16dba310a91d49b790fd7c6d99895faf66efe05aae9815589a02006f30b50a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18632
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Clateral(1)&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C386x300&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758275&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=1056&adys=5131&adks=1960094939&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=388x250&msz=300x250&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=516&ohw=1600&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
6c86fc7f03f22143db49f573e85d84bc4d4d5ec3112eff8bfc1bca7681f45209
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8114
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		14 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Clateralplus(1)&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x600%7C386x600&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758277&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=1126&adys=5909&adks=2280162684&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=388x600&msz=160x600&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=516&ohw=1600&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
217335bea519c6428d9c9a7571b989d0e12e3497c829d350a000692b906f1993
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8056
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		49 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(2)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758279&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=6575&adks=1805839468&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
499e68e56e0ff786e03711cdc04d8c1584318e2c9c76fa7fa6169e842ea989f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11898
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		11 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(4)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758281&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=7689&adks=1788192640&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
72e734a300145adffa1bc4eb86c3b415e0d8340d4966ee85cc32c76d29ec8e9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5524
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(5)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758283&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=10758&adks=762427846&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
4fd72c46281e418a795e36792a29f67be9743c63e1fd8477b052b1eb6767befe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17744
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		67 KB
18 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(6)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758286&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=11337&adks=2650234820&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3deddd3f41fe0ddcbf961b95cc4f26218271b306557421d944bfdb5f1343bba0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17891
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
frame.html
d-13005548613403204316.ampproject.net/2107092322000/ Frame 4C56 		507 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d-13005548613403204316.ampproject.net/2107092322000/frame.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ima-video-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af9c43c4245a11083fd6ccb171f10a182613de3fee9031c51ab8648968e73972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d-13005548613403204316.ampproject.net
:scheme
https
:path
/2107092322000/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
br
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
214
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Sat, 10 Jul 2021 10:38:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
6975_.0000000.jpg
videos.mdzol.com/mdz-in/2021/07/24/ 		468 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://videos.mdzol.com/mdz-in/2021/07/24/6975_.0000000.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b05d464a9903a0597b14f9a1452a8599db78bf51f197e4f74b85426ceecdc6

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
age
771
cf-polished
origFmt=jpeg, origSize=4303
cf-ray
6742352f8d414e07-FRA
content-disposition
inline; filename="6975_.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
468
x-amz-id-2
j9gc0yQqzs51+gk+4ysu9RktHIDzyYoJaFWXQ4vA6V09yhK2x9F5lhmFeiQTaitSCm3y3PjvTFE=
last-modified
Sun, 25 Jul 2021 00:22:33 GMT
server
cloudflare
etag
"7ca5067ee0d5bb79a76f724929e2a62e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
QFEKP8DRECS1NX3J
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
ads
securepubads.g.doubleclick.net/gampad/ 		92 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(8)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758326&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=12408&adks=2260564578&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
3d85e802bb8f41747e865bd3005cc09d7b4ddcf746c2e48141b59f7537bab951
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGX55Og_fECFYSjdwodkBgDUA&gqi=&layout=/sadbundle/%24csp%253Der3%24/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIGX55Og_fECFYSjdwodkBgDUA&gqi=&layout=/sadbundle/%24csp%253Der3%24/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
content-encoding
br
x-content-type-options
nosniff
google-creative-id
-1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29219
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
date
Sun, 25 Jul 2021 03:12:41 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		12 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(7)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758354&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=12987&adks=3399903101&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e2f8b6ac53c76f5ab9aef84fe4cff95ea6d18baab5ffdd847c55fe57bb90541a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7401
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo-que-ver.png
www.mdzol.com/a/plantillas/p/mdz/imgs/ 		87 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/imgs/logo-que-ver.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f73fc9ed3e1a51f35cb5a7e2f4b1c091975e54f64a15ab5e47088ba01afaf5f

Request headers

:path
/a/plantillas/p/mdz/imgs/logo-que-ver.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/a/plantillas/p/mdz/css/end.css?cA_22972
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
age
158767
cf-polished
origFmt=png, origSize=161443
content-disposition
inline; filename="logo-que-ver.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
89402
last-modified
Wed, 19 Aug 2020 12:08:51 GMT
server
cloudflare
etag
"5f589802176d61:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
content-type
image/webp
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
6742352fbd744e07-FRA
cf-bgj
imgq:100,h2pri
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(9)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758370&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=14155&adks=3344501286&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ffeb7e8a3408c4a76177afaeb19faa9846b03f8b2beb420e26c4414a29dbb578
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10667
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.mdzol.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.mdzol.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		41 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Clateralplus(2)&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C300x600%7C386x600&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758395&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=1000&adys=15261&adks=3897509322&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=380x0&msz=380x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
ccb6a01c67dc986326b9cc6bbeee81e9a45d29d36064b55096f39a8e16215fa4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10608
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		76 KB
19 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Canchocompleto(10)&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C750x300%7C970x90%7C970x250%7C990x200%7C990x300%7C990x400&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758402&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=436&adys=16178&adks=749629026&ucis=d&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=728x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=12&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
9c0e86ce5701b47263e7bbfb5945f20db80efdccc7373428b45fd10dba3a709f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18915
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		441 B
452 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2300070110521685&correlator=753611865424688&output=ldjh&impl=fif&eid=21068767%2C31061842%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210725&iu_parts=31928600%2Cfueradepagina&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&cust_params=sitio%3Dmdz-online%26id_noticia%3Dn%26temas%3D%26intereses%3D%26tipo%3Dhome%26cfg_adx%3D%26seccion%3Dhome%26autor%3DNo%2520es%2520Noticia%26subseccion%3DNULL&cookie_enabled=1&bc=31&arp=1&abxe=1&lmt=1627182758&dt=1627182758408&dlt=1627182757872&idt=330&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=16285&adks=266306951&ucis=e&ifi=14&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.mdzol.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=0x0&ga_vid=1904766599.1627182758&ga_sid=1627182758&ga_hid=179573679&ga_fc=false&fws=4&ohw=1600&btvi=13&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8b00f7fda091cb4bc22d6425405fc1dbfd54284e2495d3ffc725799bc4e45ebd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
227
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.mdzol.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ima-video.js
3p.ampproject.net/2107092322000/vendor/ Frame 4C56 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://3p.ampproject.net/2107092322000/vendor/ima-video.js
Requested by
Host: d-13005548613403204316.ampproject.net
URL: https://d-13005548613403204316.ampproject.net/2107092322000/frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d96c6bc1c7e76ac25c2272dace2b412f31a392583bf8f634bf5cce48d0b71d3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d-13005548613403204316.ampproject.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 12:02:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
54622
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15194
x-xss-protection
0
last-modified
Sat, 10 Jul 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Jul 2022 12:02:16 GMT
0.b6de541692a2f4f36600.chunk.js
www.mdzol.com/a/plantillas/p/mdz/js/ 		182 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/js/0.b6de541692a2f4f36600.chunk.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/js/home.b6de541692a2f4f36600.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a1693f96a4de53b2bd7d58b3443ad912b70d1baf1e4e4c8b848e977011e5b6b

Request headers

:path
/a/plantillas/p/mdz/js/0.b6de541692a2f4f36600.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 16 Dec 2019 15:17:24 GMT
server
cloudflare
age
2908725
etag
W/"1da042eb23b4d51:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,stale-if-error=86400,max-age=31536000
cf-polished
origSize=356810
cf-ray
674235303dab536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
14.b6de541692a2f4f36600.chunk.js
www.mdzol.com/a/plantillas/p/mdz/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/a/plantillas/p/mdz/js/14.b6de541692a2f4f36600.chunk.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/js/home.b6de541692a2f4f36600.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9384e15deb923196d26651ae71a3b21666e653fd81f186bf30491b2818998069

Request headers

:path
/a/plantillas/p/mdz/js/14.b6de541692a2f4f36600.chunk.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 28 May 2021 10:35:24 GMT
server
cloudflare
age
160186
etag
W/"693e1a2bad53d71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,stale-if-error=86400,max-age=31536000
cf-polished
origSize=39155
cf-ray
674235303dac536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-bgj
minify
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.2/ 		91 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/a/plantillas/p/mdz/js/telemet.script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 02:07:23 GMT
x-content-type-options
nosniff
age
176715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93435
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Jul 2022 02:07:23 GMT
6975_.0000000.jpg
videos.mdzol.com/mdz-in/2021/07/24/ Frame 4C56 		468 B
949 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://videos.mdzol.com/mdz-in/2021/07/24/6975_.0000000.jpg
Requested by
Host: 3p.ampproject.net
URL: https://3p.ampproject.net/2107092322000/vendor/ima-video.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26b05d464a9903a0597b14f9a1452a8599db78bf51f197e4f74b85426ceecdc6

Request headers

Referer
https://d-13005548613403204316.ampproject.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
age
771
cf-polished
origFmt=jpeg, origSize=4303
cf-ray
674235304dbe536a-FRA
content-disposition
inline; filename="6975_.webp"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
468
x-amz-id-2
j9gc0yQqzs51+gk+4ysu9RktHIDzyYoJaFWXQ4vA6V09yhK2x9F5lhmFeiQTaitSCm3y3PjvTFE=
last-modified
Sun, 25 Jul 2021 00:22:33 GMT
server
cloudflare
etag
"7ca5067ee0d5bb79a76f724929e2a62e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
x-amz-request-id
QFEKP8DRECS1NX3J
accept-ranges
bytes
content-type
image/webp
cf-bgj
imgq:100,h2pri
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 4C56 		340 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: 3p.ampproject.net
URL: https://3p.ampproject.net/2107092322000/vendor/ima-video.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d-13005548613403204316.ampproject.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119631
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:38 GMT
6975mp4_.mp4
videos.mdzol.com/mdz-in/2021/07/24/ Frame 4C56 		384 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://videos.mdzol.com/mdz-in/2021/07/24/6975mp4_.mp4
Requested by
Host: d-13005548613403204316.ampproject.net
URL: https://d-13005548613403204316.ampproject.net/2107092322000/frame.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://d-13005548613403204316.ampproject.net/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
last-modified
Sun, 25 Jul 2021 00:22:55 GMT
server
cloudflare
age
770
etag
"8ce0944e026bd6e3623920506a75dab3-2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
video/mp4
Content-Range
bytes 0-11836290/11836291
x-amz-request-id
HW5FFPSGE7CDXHQA
cf-ray
674235305dcb536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
Content-Length
11836291
x-amz-id-2
MKwOlsytivg38gj2RSJcrNW3FNXYhlqUJHa7g666hC0kOXJFDyA3l19L0OAniAD6vp9qwFgWrhc=
f1427x655-1086029_1219573_5050.jpeg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		82 KB
83 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f1427x655-1086029_1219573_5050.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a0795632016f69453c85182bb7fc3cf6d0c776c620b1b99f9710033171820293

Request headers

:path
/u/fotografias/m/2021/7/24/f1427x655-1086029_1219573_5050.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
771
cf-polished
origSize=88418, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
674235310e63536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
84346
expires
Sun, 25 Jul 2021 01:19:32 GMT
f386x217-1086058_1098042_6850.jpeg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f386x217-1086058_1098042_6850.jpeg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d198b2d4656349bbb6d80442b98bbdc0ad331b3632668426d6329e1e55cb6419

Request headers

:path
/u/fotografias/m/2021/7/24/f386x217-1086058_1098042_6850.jpeg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
cf-polished
origSize=19006, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
674235310e64536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
18088
expires
Sun, 25 Jul 2021 03:01:03 GMT
f386x217-944749_956733_6943.jpg
www.mdzol.com/u/fotografias/m/2020/8/6/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2020/8/6/f386x217-944749_956733_6943.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a17c8349de38ba508b42d307c4ce6e66b70b8dfb617c61831df8bae85e4d0420

Request headers

:path
/u/fotografias/m/2020/8/6/f386x217-944749_956733_6943.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
age
11218
cf-polished
origSize=9617, status=webp_bigger
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
9176
last-modified
Wed, 30 Jun 2021 20:22:12 GMT
server
cloudflare
etag
"7dc82b9ced6dd71:0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public,stale-if-error=86400,max-age=31536000
accept-ranges
bytes
cf-ray
674235310e65536a-FRA
cf-bgj
imgq:100,h2pri
f386x217-1085975_1097959_5050.jpg
www.mdzol.com/u/fotografias/m/2021/7/24/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.mdzol.com/u/fotografias/m/2021/7/24/f386x217-1085975_1097959_5050.jpg
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e657199383deee88220875199a44b8e6c97e0aeb09ef88afd75782a3fd914e08

Request headers

:path
/u/fotografias/m/2021/7/24/f386x217-1085975_1097959_5050.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
cf-bgj
imgq:100,h2pri
server
cloudflare
age
17374
cf-polished
origSize=16029, status=webp_bigger
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
no-cache,private
accept-ranges
bytes
cf-ray
674235310e66536a-FRA
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
15285
expires
Sat, 24 Jul 2021 22:06:24 GMT
bridge3.472.0_es.html
imasdk.googleapis.com/js/core/ Frame CB88 		578 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.472.0_es.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef497a3cfc62c3bad692dcb17692eaca96e4d9b9e438f288b6613327d1bc0e1c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.472.0_es.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://d-13005548613403204316.ampproject.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://d-13005548613403204316.ampproject.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194410
date
Fri, 23 Jul 2021 07:46:14 GMT
expires
Sat, 23 Jul 2022 07:46:14 GMT
last-modified
Mon, 19 Jul 2021 20:22:08 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
156384
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame 4C56 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d-13005548613403204316.ampproject.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:38 GMT
integrator.js
adservice.google.com/adsid/ Frame 4C56 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=d-13005548613403204316.ampproject.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d-13005548613403204316.ampproject.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5108 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://d-13005548613403204316.ampproject.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:08:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
277
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 25 Jul 2021 04:08:01 GMT
/
www.facebook.com/tr/ 		0
83 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPPBAEfS6M7KhBMg6

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Sun, 25 Jul 2021 03:12:38 GMT
content-type
text/plain
access-control-allow-origin
https://www.mdzol.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame CB88 		24 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22046766299%2Fmdz_vast_home&description_url=%5Bplaceholder%5D&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1248375244022305&sdkv=h.3.472.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&mpt=amp-ima&mpv=0.1&sdki=44d&adk=915807340&sdk_apis=2%2C8&media_url=https%3A%2F%2Fvideos.mdzol.com%2Fmdz-in%2F2021%2F07%2F24%2F6975mp4_.mp4&sid=01EAF153-F250-4E56-A901-F01AF1EC7941&eid=44730465&url=https%3A%2F%2Fwww.mdzol.com%2F&ref=https%3A%2F%2Fwww.mdzol.com%2F&dt=1627182758708&scor=1630919905857254&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.285.388_vp0_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_es.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
f3c06cf6c6f3f942af77d5576d2dc7e73c9759f8903685adb0f11ef347b621f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6469
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
logo-blanco.png
staticsig.inversorglobal.com/ Frame 6046 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://staticsig.inversorglobal.com/logo-blanco.png
Requested by
Host: staticsig.inversorglobal.com
URL: https://staticsig.inversorglobal.com/cotizaciones.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df654f9b59dd3322a2b8703682b1ee78559832b7a6c02803c0cb8ef94587389

Request headers

Referer
https://staticsig.inversorglobal.com/cotizaciones.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
2281
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
1291
last-modified
Thu, 20 May 2021 14:28:56 GMT
server
cloudflare
etag
"60a67228-50b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pdyn%2BZoPiPU%2BbxS77SlLsy33n%2Fu%2BBfbsm2MKw2Zh8rToY1IT%2FPwkM7DABT1QLDov5Utd2H2ioMxOdNQpBIYZrEZ4eCljmtdoR9fwDG5LqQ2JUEA3U0icN6QywwkKESTt7LmrhYWN0rdEv1AC2D8cUPmMIvBF0PClIz2L"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
674235322cc705e4-FRA
D-DIN-Bold.otf
staticsig.inversorglobal.com/ Frame 6046 		56 KB
57 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://staticsig.inversorglobal.com/D-DIN-Bold.otf
Requested by
Host: staticsig.inversorglobal.com
URL: https://staticsig.inversorglobal.com/cotizaciones.php
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::ac43:b70b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b01c027cbc7e13b52ffaa499af67ac7793e34cf68b5caf4c490450512b4eb7c

Request headers

Origin
https://staticsig.inversorglobal.com
Referer
https://staticsig.inversorglobal.com/cotizaciones.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:38 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
147
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
57720
last-modified
Thu, 20 May 2021 14:28:56 GMT
server
cloudflare
etag
"60a67228-e178"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w19pszjfFg3aAieOCWSej5AHYJrCFQPJF5o2tjtMYs2Rzj4%2BXcywFJXwVhMW1MOfPk3wyOXwNVUVw%2BbFg5Cc%2FE8uBbNnV5q%2FjKraSk%2BQNSM3wMmKYgzZNfvH4IWWtc0xDeI51GCxQA5rFRfgmCpSivII6AuaAHqJH7of"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
674235322cc905e4-FRA
amp4ads-v0.mjs
cdn.ampproject.org/rtv/032107200040000/ Frame A3D4 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ebec7366236d66d326611f9c885116c612b7fe36ff0b65b55924c666383d4d8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55094
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:09:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3c07ea68efdee93e"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:09:07 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/032107200040000/v0/ Frame A3D4 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032107200040000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4808
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:09:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"82cb572e3b54d217"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:09:07 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/032107200040000/v0/ Frame A3D4 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032107200040000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27828
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:09:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2309f93374d1f64f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:09:07 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/032107200040000/v0/ Frame A3D4 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032107200040000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1648
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:09:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"0ef177dade489237"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:09:07 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/032107200040000/v0/ Frame A3D4 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/032107200040000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12831
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:09:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"896e0bc3d66ccdf5"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:09:07 GMT
css
fonts.googleapis.com/ Frame A3D4 		6 KB
765 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Jul 2021 01:46:57 GMT
server
ESF
date
Sun, 25 Jul 2021 03:12:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Jul 2021 03:12:38 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/5207624360289613354/ Frame A3D4 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5207624360289613354/downsize_200k_v1?w=1200&h=628
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
231da5020a407f8936f72ded333d33ae714659051784b119f0ffe90460b8b1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 04:08:27 GMT
x-content-type-options
nosniff
age
342251
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124690
x-xss-protection
0
last-modified
Wed, 04 Sep 2019 08:01:10 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Jul 2022 04:08:27 GMT
truncated
/ Frame A3D4 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame A3D4 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4cf1b81478b10bb6840a367df7387144fbaf211b781b7769a101988d6f901489

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3D4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 23:05:53 GMT
x-content-type-options
nosniff
server
cafe
age
14805
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 25 Jul 2021 23:05:53 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3D4 		295 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 13:07:41 GMT
x-content-type-options
nosniff
server
cafe
age
50697
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Jul 2021 13:07:41 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A3D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpnJvptb8YNyyE-iM3gPQk7ugCfLPps9jrpOD-vYK3NkeEAEgiOimfWCVAqAB9867gwPIAQmpAjXhxKEswLM-4AIAqAMByAMKqgT6AU_Q5NtNLNUAyRWy-KKyoWI9QfaZ4b1Cb8AZbcTDlvGDYBB6uM6S4ju7WI8o5P-f0yBLh3Sf969uU2vlsW71SEDuAWsaITt4tTbVIr7mLQmDZbIVd7OWfksnU3OUEnk8jKzYCJK9pnie40g3eSfz8rikwOC7CwkQYqtRjAM40gb1smBQr3JrNPmBLe6pfngigmqweuNeceCUo6mvTXWdqP9zIoHr4SAU1m_Mg9ROQESTDJZ14gMlldQ1N-FeT-YcbClrMvioTI_z684AjM_eDEK70tEbHPAizrGIWJBaNUOtKdA3Ab8YThCObSPwDVfpbz3JUO365mTBFgjABJbMlcrkAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfxsMR8qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEMHVC9IICQiI4YAQEAEYHYAKA8gLAdgTDYgUAtAVAZgWAYAXAbIXGgoYCAASFHB1Yi0yNTkwNDUxMjY0MDQyODQy&sigh=tz3E3iHG188&template_id=484
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A3D4 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mdzol.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
400358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame A3D4 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mdzol.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options
nosniff
age
437238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:45:21 GMT
vast
bid.g.doubleclick.net/dbm/ Frame CB88 		27 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AVoSvEBknNxMqqhwkDPUYxnbOsfgVUifEi8KIBKGLeXUdVnycH6HoqLPmkEQHsd0WJnNaY7r16Z1WJdUtNzmkC4yiUKg&cry=1&dbm_d=AKAmf-B2PD-dhZ7OD9jWh0ApGZDHZtEL4G36wHdetJwfgBJslcgfpmp5piznOBdQ5Uc_dSzuBfhkt_DSb8AfGUb3SKB0Wy7ijmBcUy2DyqMOIbWNqd6e_RrkvBEKXbPYeCH32ZvjthMjEipjSJbnYZL21U7yA51s5vFCFhcWgX0x04thCDADUDvx2W2S0zDJdVryG2XwK4dCDBqNYnf-KaDMiEm_ZV6WpjS1wfnw-7KA1X0U7HEX4JT9lYiITEKdHaiIGJukP5PrUgsSRnIUKohwC0bN7vWQ9BQZWGvcyvRInwKGsf9Wj-1RTrbh3uaqFTixqaMNf71cqyc7ZOK02dbcn_ssIadoquCeViT1Jni_cAjD3MkmXWtBydSPr4N-cttC7H4AVIHD0f8j2Dh6eyAfgAoifO7XnWPQDV8u4IBCBFVLPIrRISRUeHnri-xPH7nQpyczw94lESTtVFlW5DJgbQ3BTJP87RaZne7GiAs1vndgz1npPIBZYUq016nsq_Dq13jT8ejEJ1F6bMFE-XIU6mBkaElIqtzIC5lUamimWFEKqQHzBNyJL7X2kQJR0NSV5PMvHWHBUQ7Ik0pQ4dayTNnk2qYb_s_8_YHQWnvFfWmcgUaHf7GLrivHcVxchhqMOtYffsnYu8-t1a_XAtCLqfwP5eQcpuiBVDbfg0nZoAmL3jlcELXV-V1h8odkPZIeNORwyTPtQSW_AFdYsYavUdEegW09NfV3vOdCeoqAZAneCxKNb0gZJxgP74O_aN15lSslcUgRtZpGKg2eG7WcFTbXYz5uHgBgaOLH8Sbo7L3wVHZW6rTwRxICguZizhrNun-DK6KeY6pBs6nWTkE-tmh7Q27hpjXox3mJEhKrZEneVv21da31o5aWeFl158hnkUUwOrSq2ceUkxNtkX6T91MVku4cnJ2FuEwAyts0RW1uunrLUgWJHh3UsI-UgvXTk5xXP7B_lUJwm7qRxvEcf9CFxhNqTOOBFgYmE7f0Dzk_ZM27eW2ewfOCFEVzS62E8TDv2brt_MefbkjnUm_5XOk7xrvlkwMBDaNVqewuKM85rkz5-xZ7yw574q5yMDZS4b1qTW-BMPKJlgs5AQoQ35-wPhDa0QPoepucOeNGsAw14xzjajoPPVjnaFh_dhcIcgYE6lHSyNhw6CQLUBTnhazGUlomU6lVYXQ5XMdkU1G75lIlldYsghvX3yHEK0y8A9GggjhLpQNEphD5hDDkHlCjOeQD5lj8zzNVuXG4-Pimp7b9yxHxqNVnaoaYW8VJFlGe0nD60tSKtFvRZ5QDgjO1MJba2UvssHKLm1YUfE7GWVygcyHz1mxVkfpmJcNgnepNylUtXiTRYrwEH9XlPHEweTgakSTALntfwKvcnpsvyQAPY9WIXzL8M5_AjT_1RJdZL5h_9XFo8KgZ3irB-7QIpvRmbJyW67Arey67nsFkz_Xo7FBmXX3gAxH-fkw3kmSomHshKf5YB9vq7f-lX1pQQSRJImwrnhF6h3nx2ePIqDz9Ik3-qyrOyjzss9G9bNCjPiSUb4GTm5I94gGxqlxHdd6xYeAY7XbtW5QqQp8Fbc9pCsyqxP-HmwBZXTMnZwpIPLYHqrEZ23Tgacx63yVlC3U3yLkNcFpOQUuM7vFHfFUj1HzKVKLOPAWtFYt0PD5gq6rqHB7KEjsJJ8wQ7-S0OwQ3LZZLBXhKPxyVrYCiGcaskcQFnwUi9nKDLUbVnwfciYP0ZZ5EgOEET_J0Y3UXu0uWAgXwk2eYxw0ZHrSpKjk2q1b2Y30AN12_7riqzyxhpwU8gWbW-oemO3-qhBoqu2A3lcpfCd9fG4fyFLM9B6A1lX89HeFl2jKhKd_oVT7kDS5BrjxghvZTxyQaa037STotY7U2S6-AZfW2iKKfoUOazhrU9xuwEiQ7ykLeG5xBIfQnhvDZAp-2CZfOBnIV21LwGoBT8QtuVzADeL85UrbhAcg1DwLnFxHcXm5uz1O_BcIB0J1np87Lp_5CdlpDrWmYr-dmntyvNSzs_HtiJL6_9jdzsBojciQTLJdp6OY3QGzI5JiwKzORP9gZ4ALEA3DlcpaDWY-D9lmVCGZW6lG92T3nlPhwHPBn43t3MNayWEsHYfiV4zfJfHS_zSmtLpfskjPzz69YgVvIyR02c0Mx-gM6RhMenjqTBdVLro5BKyDckX3765Bypg8Vlj_6jh9-VPq8BCQtJVyRyMx1SU-Wlihc90vf-SHh3Ru8HgXWrJ4v0Emh7neKWq3OZLRchN3DEsVLDsJT6YsVgmBD2IKzb1A9XalyarVBb5kn1kcpmAzLV_KbPNKeYpqbP8czkxnopb2blUBq2nc7ny0FOLPvzK2colGTSNzVn6Y6EAW5tu1qv3XnTvP1tIuivyqDA3VzdVVrD33MtYQC9N81uOkYpD_yzmS30Ralz0bzwOyNv2I76n47pgjb9RTCIfp87QpoVVX5-TU1pg5wYIOzy7ooLFXxNgI4JdhTqk5d7TRiOBkG_lXB-zGsAMplVNg8byXoPNXkcPi6wxDcE5E83CKMzGybIDFM9Cs-ADTWmk7EsnMvpMOm68f1rnSb696kx3a_BqBtCuDugav6KoDo7-liq0Qxaq2vdq-og9TObBIoYJhgSa0sVnZ70Dz-6RhRbVAhENV5SEVrqAkTwJ5IPaj7hiUv35-02Rql0bvWFZLpZsTGCPAuyYlNXCRNIBTe5Pc1DP-goRHLvQqshBXZ66BKAe35NkDwvcZWxL8fza7aeFXqexqPYDTynev3sa9Ppwo7zest4nwJ30ZulySpHacrkb4jjVRGcNvx_C0mQRYAm_LzWXxy9Ow_5qedzl2FJXIZY8P3Gu6cA7RUAyszfHb8-mYX4QZ01UqhtZn694FLyW6GMHYuTF-lwL2e7xDsbiHb49ymgdEBS0emnzvJRdKbb0Z2YErJ91yP06bExcLX6UsT15wixXxS_Q_qfZmJJsWblh5A9CFZYScLfavJ2y4COuxFR37-Hbwd7BlbrOtKcMNgRWlkYPpC33cR0ewu7sRMn4lz33GJfSf7xYuawMMS-gzajNV4cyQ_SA9pHQETbyz7OifFh1dzjgSiJqORf9RRsVRcZP1IPGT3TZCBH7wsSnklY28vpMkbM9PHxmPMRREk&cid=CAASBORouu8&sdkv=h.3.472.0&osd=2&frm=2&vis=1&sdr=1&is_amp=0&hl=en&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&u_so=l&ctv=0&mpt=amp-ima&mpv=0.1&sdki=44d&adk=915807340&sdk_apis=2%2C8&media_url=https%3A%2F%2Fvideos.mdzol.com%2Fmdz-in%2F2021%2F07%2F24%2F6975mp4_.mp4&sid=01EAF153-F250-4E56-A901-F01AF1EC7941&eid=44730465&url=https%3A%2F%2Fwww.mdzol.com%2F&ref=https%3A%2F%2Fwww.mdzol.com%2F&dt=1627182759046&ged=ve4_td1_tt0_pd1_la1000_er0.0.0.0_vi0.0.285.388_vp0_ts0_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.472.0_es.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f155.1e100.net
Software
cafe /
Resource Hash
dc8a48b98748c347c065626b07152cd74a389e5cc02c3798636cdc367da5f223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13567
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3D4 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 23:14:39 GMT
x-content-type-options
nosniff
server
cafe
age
14280
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 25 Jul 2021 23:14:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame A3D4 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
52506
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Jul 2021 12:37:33 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3CC0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039897272555"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27998
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:39 GMT
e6b29a9e1c50a56444499af64242d99b.js
www.gstatic.com/mysidia/ Frame 3CC0 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e6b29a9e1c50a56444499af64242d99b.js?tag=pingback
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bf65017f076ca561646c6472693c86c0b3faf52705b8172482c67a9fa4e7114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 01:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6966
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4681
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 01:16:33 GMT
css
fonts.googleapis.com/ Frame 3CC0 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Jul 2021 02:53:10 GMT
server
ESF
date
Sun, 25 Jul 2021 03:12:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Jul 2021 03:12:39 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 3CC0 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:12:19 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 3CC0 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
353
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:06:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 3CC0 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
570
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3CC0 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 3CC0 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
284
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
l
www.google.com/ads/measurement/ Frame 3CC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPVzM_Dgdo1Lt9NYXNbdN_Zxn75xewTNZvweQ7RDWiti2_we7NLCrjYHMtPx9TjVAIeJdnCI-MBaIy-k1erVwBwn7TTg
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4661e2b537cafc373934756b83790a75.js
www.gstatic.com/mysidia/ Frame 3CC0 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 02:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 02:23:52 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 3CC0 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPWv7ptb8YNOWN8nl3gPCm7DICt6sz4pi7_SqyfwK3t2pkp0dEAEgiOimfWCVAqABj-Dy0QLIAQmpAjXhxKEswLM-4AIAqAMByAObBKoE8gFP0LB2DXDy2cCFQPWzuy7PbbXqHDelkyTxazLZG8dFSJ5n5lkicgP2J7EOn6Be4Z6AsVO6HLG9s27jaZNdtBtsEB1SzdcY3B_kBVvljxHCe5zDEY6BLuKpyTGtW_ifW8a2I17gM4dzhPmaNqNYcHOJXqSgOfv4OGIvO3ohJgaLbuRuUfEK8cRvWy1xTKMm8BjI_SSLR5jzEW3KqT81gy6CwBxxXrikk2SYBKde7B5rhmePr-w5PdG_bwj0B3pmPF-2Fd2YKukmTsptexdGNiqFd14deeB4U9RzREJTRHFf5X3LSm9vl4KCYg0DZXWgcvOdSMAEmqCCq7IC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9mfja4BqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCgsAPSCAkIiOGAEBABGB2ACgPICwHYEw2IFATQFQGAFwGyFxoKGAgAEhRwdWItMjU5MDQ1MTI2NDA0Mjg0Mg&sigh=F1lPyLZ6zls&template_id=494
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
shopping
encrypted-tbn0.gstatic.com/ Frame 3CC0 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSt8h8jKVfyQ2UL482fhlj3hVNKgtMQ251uH9qxeEWDvjrhCBO1EY_8Nus3aw&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a3d4b847babd625738fab334f4d2b4ce8cff00ea0c8647a0719e830c6e61747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 05:56:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 01:18:46 GMT
server
sffe
age
422181
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10324
x-xss-protection
0
expires
Wed, 20 Jul 2022 05:56:18 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 3CC0 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRYNPesl2OiLIBkRLg-W6D0jM2IuefHWWuPZXQf7z_GmS_XWa3HIvqqVxIFhOc&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42a1f4f79fd6bfc07e44674e3777785e4f9cf92b0f3ab50bd7c2da0d8e757ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:18:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 20 Feb 2021 16:41:58 GMT
server
sffe
age
593625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8846
x-xss-protection
0
expires
Mon, 18 Jul 2022 06:18:54 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 3CC0 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQ117Mfui1vuMDVlGvO1Irw19X7IrmDdSVD6XzSkLSU0-10U94x-MxtCD6o274&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4e1d9d1502865bc43d7c3560c2c3e8ce18e4349e945700cf9615be2fe39b2e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 11:28:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 24 Jan 2021 06:59:56 GMT
server
sffe
age
56637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10058
x-xss-protection
0
expires
Sun, 24 Jul 2022 11:28:42 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 3CC0 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT79H26hiyuCt1b8Dalx8EBAc4_Rhvo7rKuwA4AqcwV6oLtoqRD96Pz7QtaVA&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5b97e17077cff8fe3c8471d37ca02b9490aa7393a3505481c66e631f4082c96
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 12:38:29 GMT
x-content-type-options
nosniff
last-modified
Sat, 20 Mar 2021 08:01:24 GMT
server
sffe
age
225250
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15680
x-xss-protection
0
expires
Fri, 22 Jul 2022 12:38:29 GMT
10961211485099542529
tpc.googlesyndication.com/simgad/ Frame 3CC0
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnz8L0mAEQwAIYwAIyCKmt_0JLcgDt
  • https://tpc.googlesyndication.com/simgad/10961211485099542529
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10961211485099542529
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
125a7792f218e4f2535cf90eb39ab5465d7ea509386143fc06b8cc0f60df957a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 22:47:08 GMT
x-content-type-options
nosniff
age
447931
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8555
x-xss-protection
0
last-modified
Thu, 24 Oct 2019 10:11:39 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 22:47:08 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 03:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
84734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/10961211485099542529
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Aug 2021 03:40:25 GMT
truncated
/ Frame 3CC0 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c64a0ab0cbc91f0b36fa4ac96a0195843869a8d50a6bf163b4de0a392e6e0a5

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 3CC0 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 16:30:42 GMT
x-content-type-options
nosniff
age
384117
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 16:30:42 GMT
weather_mdz.css
telemet.xyz/mdz/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://telemet.xyz/mdz/weather_mdz.css
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:14bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aad918e70fbc0a100a446924f594ee20dec7fdffd5aff126172b8fcfa5d4a40c

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
290
cf-polished
origSize=9112
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma
public
last-modified
Mon, 27 Aug 2018 17:11:52 GMT
server
cloudflare
etag
W/"5b8430d8-2398"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r049hDGYzt1O%2BFD64ah6C6Yc%2BkBsFZq907HdbHBpzLkqEhE26nitu8moyZZUDyaTImEDUKO4cZ9bIkuChzm3wy7cB0A%2BVlw88xLnTTmcU9iTU81%2BKZEnw7nBopVZkou2iM1WEiqGMIGjiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
expires
Sun, 25 Jul 2021 03:17:49 GMT
cache-control
max-age=600, public, max-age=600
cf-ray
67423537fdd2177a-FRA
cf-bgj
minify
CURRENT.json
telemet.xyz/mdz/ 		21 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://telemet.xyz/mdz/CURRENT.json?get_param=value
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.8.2/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::6815:14bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8187123a5cdd334d624225a62e455a9f13c3024714cd74f9b24ff419a2cde4ba

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
pragma
public
last-modified
Sun, 25 Jul 2021 02:45:03 GMT
server
cloudflare
etag
W/"60fcd02f-5356"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3RZeFcELGPqZwwBgXgqKMwktEMD6rbUU5V1niXTaXQYI5YHzkF8WjhiI0t5lsHEabGfiIz5bWKCBzcU52dbOwSfGwyIFZiglRQlvgYagzCLEbfxBMJqC5xWHchTl3UU4PTikPef9hGxng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600, public, max-age=600
cf-ray
67423537f8ddd709-FRA
expires
Sun, 25 Jul 2021 03:22:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9455ee79d03d3262de042233c2d243c9fa3ffdca059e071685c96bf8ceea1962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8460
x-xss-protection
0
rum
www.mdzol.com/cdn-cgi/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.mdzol.com/cdn-cgi/rum?req_id=67423524e9154e07
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:19c2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-fetch-mode
cors
origin
https://www.mdzol.com
accept-encoding
gzip, deflate, br
accept-language
en-US
sec-fetch-dest
empty
cookie
_fbp=fb.1.1627182758699.1542157851; __gads=ID=ccfaa71742e82708-2212ba058cc800dd:T=1627182758:S=ALNI_MYHC1ojoC7xC2VVuaO7L495pL4-sg
content-length
31687
:path
/cdn-cgi/rum?req_id=67423524e9154e07
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
www.mdzol.com
referer
https://www.mdzol.com/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
application/json

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
access-control-allow-methods
POST,OPTIONS
content-type
text/plain
access-control-allow-origin
https://www.mdzol.com
access-control-max-age
86400
access-control-allow-credentials
true
cf-ray
67423537dc80536a-FRA
vary
Origin
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 140C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 25 Jul 2021 02:39:35 GMT
expires
Mon, 25 Jul 2022 02:39:35 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
1984
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1658 		783 B
531 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
41ae6a4881ebeebcadfdeef1a7726ffa8fdcb26ffbf49b90e9d307e363832652
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+T9PfTEd/MDP4rKhqEOrXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

expires
Sun, 25 Jul 2021 03:12:39 GMT
date
Sun, 25 Jul 2021 03:12:39 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-+T9PfTEd/MDP4rKhqEOrXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
pagead2.googlesyndication.com/bg/ Frame 140C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 00:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
10786
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13334
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Jul 2022 00:12:53 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame 8456 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55160
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b724d3ee8cec1601"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 8456 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 8456 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 8456 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 8456 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d4edf2414c2591f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
css
fonts.googleapis.com/ Frame 8456 		6 KB
669 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Jul 2021 02:26:56 GMT
server
ESF
date
Sun, 25 Jul 2021 03:12:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Jul 2021 03:12:39 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8456 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 23:14:39 GMT
x-content-type-options
nosniff
server
cafe
age
14280
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 25 Jul 2021 23:14:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8456 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
52506
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Jul 2021 12:37:33 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1470044453616930424/ Frame 8456 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1470044453616930424/downsize_200k_v1
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
602ff4c71559293f587f6819faa2881c15f21da62f3ff9f0de91958e4cc24083
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 00:23:36 GMT
x-content-type-options
nosniff
age
442143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23752
x-xss-protection
0
last-modified
Wed, 04 Sep 2019 08:01:10 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 00:23:36 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/9340273311301133063/ Frame 8456 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9340273311301133063/downsize_200k_v1?w=1200&h=628
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d069648ddf49a606c25feca74c3732aaecbd5138ded045adc296b2444e9f9b69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 06:57:44 GMT
x-content-type-options
nosniff
age
418495
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43580
x-xss-protection
0
last-modified
Wed, 04 Sep 2019 08:01:10 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 06:57:44 GMT
truncated
/ Frame 8456 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 8456 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5a97c142901e6148affb01a849efc3ec6d3b1d9cecadb3d597194a73aa3c962d

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
adview
securepubads.g.doubleclick.net/pagead/ Frame 8456 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvxpXp9b8YJHjGsGtrATD-IvwD_LPps9jrpOD-vYK3NkeEAEgiOimfWCVAqAB9867gwPIAQmpAjXhxKEswLM-4AIAqAMByAMKqgT0AU_QUFgKK78g6x42TLfA1QGUCHmdE824MNv6Jezh7OYQHX5cdbw9KWbju34eoFucbdjUbgmce3LfJQZHFirc2QK1QPp9PCHuG1N3kMrANVLugdDhyC-U4vQPZhxhHIPophe9CpB2eBavvajugy6RwrUvTksnf0wCqU4OtSmKkaK37-5msINhIyBxbAahgdVRU04wsjho0_k-myfEK7Wyrg4mbUtQHGvEqm-H2_cqVXWY3tsSoZ1KSxOYP5c7z6IJzeDZSN0mcp7Lm_6WkhTNfjZp7mqFK9n053rwgKJcukNT0nQwxqKQFl8orWKHvjrPpaODWQ3ABJbMlcrkAuAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfxsMR8qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJLmAtIICQiI4YAQEAEYHYAKA8gLAdgTDYgUAtAVAZgWAYAXAbIXGgoYCAASFHB1Yi0yNTkwNDUxMjY0MDQyODQy&sigh=S1mBa6q5WvI&template_id=484
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8456 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mdzol.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:00:01 GMT
x-content-type-options
nosniff
age
400358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:46 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:00:01 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 8456 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.mdzol.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 01:45:21 GMT
x-content-type-options
nosniff
age
437238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15732
x-xss-protection
0
last-modified
Mon, 05 Apr 2021 21:10:39 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 01:45:21 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8456 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 23:14:39 GMT
x-content-type-options
nosniff
server
cafe
age
14280
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 25 Jul 2021 23:14:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 8456 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
52506
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Jul 2021 12:37:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=2300070110521685&bg=!1Nel15PNAAbnC78O5ws7ACkAdvg8WgyaHRY60yG4aW2zb4KtASNkglOm1nI3KWLE5oM2kXiHCHa9qAIAAACDUgAAADNoAQeZAn80g1zY4ApIzRN_-5vUf9138Wcjo5-5lQ-2fh0NstSPSwpY-3w7tjX-Xn8Bf0nmqxYTIfP2I7Fj7jFRBPFzz4qX-uxQ5pQK_5KIRB6dpjC0XoP00olM6pHmccgc69yluKSBgQO61GTgmh09lx0VSQ9VOeNoCEZXuWWFrEFNTbCngnO1bMpegiHnkcl_X7Vr6VSGC_nnyUNOIQru_CHn65yYut68blT_01iH-xk4dlNTdt-Uh1TtNPoTPl39aVqdmC4cW-rVSV8kVY01gwbLD3FTOCXRWL0giuS75xMTXvBRAYLjojwehcYqGAOAR68nhBz8XF353-sxEUq0I0p_uuhAo_femet5ThYS1v76qQBxaQsHp7GlY1Ob1-9LR3imJJF6-8-9iumYLxqy3Q6NVpd0aBxrd99vVuyZ78u9ilqXMxv1gWb0v9YrtCvYmU8Clgpa7UkWdNImnnR70t14GDAMzwfhB0qCzwGvlCHtrWTR5fNApuOQjc1QICUqUODOsme2-jA2TVJWSGa3GOFAn9J1cRGF0soVLw-cnvc2C75Ror1c84XB4wCgSW4-eATI9MDSRD_PklodsQ0ozM8GIouX17GVUD-SgC0oZYLS3HZ-FlAvgmq-ZiOee0IzbEeon2acxCEH-qBkBeILtbBOtHUYRRoyYzkhjl8piltFXTEXFeqD1aNWht5b1aBhM6CDQpyVCRHe6k3tgLvBjPLSjJ5WYii_mzcvWQCko55OCqMh3ZP25_AFAKdYciTLpHNIk-jWstQuqhyG-1hchVAzOr5z5aCwtaWpE408MEmYlRzDMK2T0SRbhgXrah96KCmoTi5PA1SRnuzR8-gVOF8LdpM
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mdz-clima.woff
telemet.xyz/mdz/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://telemet.xyz/mdz/mdz-clima.woff
Requested by
Host: telemet.xyz
URL: https://telemet.xyz/mdz/weather_mdz.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3032::6815:14bd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55e1e466133efcfc0d2c5c089bf7e7a58a1f443caab6b45ecc8a6df18e8ad780

Request headers

Origin
https://www.mdzol.com
Referer
https://telemet.xyz/mdz/weather_mdz.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
139
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
13872
pragma
public
last-modified
Wed, 22 Aug 2018 19:30:38 GMT
server
cloudflare
etag
"5b7db9de-3630"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U8Qjaie8obFc%2FjvzyFYIrHojtR0%2BWLM16P9hXSZPnzWh1iok6k7c7XIFdOp9EYMVvrylGyOsAHi1WPZx5OIxwnq7JDGauOhzrvSIdJuiuNBAFHL90CpUhBEGqnoxa%2B0pZ6p4%2BJDKrGQblA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=600, public, max-age=600
accept-ranges
bytes
cf-ray
6742353b3f2918e5-FRA
expires
Sun, 25 Jul 2021 03:20:20 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CD54 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3BEF 		624 B
474 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNUT5GY6oT_2uLE-uXUPmM16g3MBi1Hhc4z5JJ5x84IJOk7CyF2h2jXjgyw7ecvcFcKQXda_Xyfs-PirxkRknkRsMRL7cRVekuyh4kEraL8LbZcaXXUKJi0zUuMgeo2_gqhLDe-6tbp6zzhEN-9vBu8eR8FyR-6D3PkH0cfGSHOhT8SnQ7c
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNUT5GY6oT_2uLE-uXUPmM16g3MBi1Hhc4z5JJ5x84IJOk7CyF2h2jXjgyw7ecvcFcKQXda_Xyfs-PirxkRknkRsMRL7cRVekuyh4kEraL8LbZcaXXUKJi0zUuMgeo2_gqhLDe-6tbp6zzhEN-9vBu8eR8FyR-6D3PkH0cfGSHOhT8SnQ7c
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnqnZcAGeoGtBpWq0XsVP94pxJIArhAP9QIvHTYmWI8JvjZ5BMFPLhM2ymc69I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 25 Jul 2021 03:12:40 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 03:12:40 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CD54 		24 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_wBSmpjiTbIh7xDAkyjNMvCvOWLaxa3THEKDIMtxGB3cSG99xBpW5BkduJs8d5Pr212mVvXQgAYM-EyCBOKDMaAWF9IH11ZSgQo6OdMHw0KFZNQEZIeNVY1KInbn8hrHiFBFmvvYVytGNUX4HOAc3bAOikA&cry=1&dbm_d=AKAmf-DtLBp_0SJRz-kUlnWipaAB-HU1UrgR0FAIEa78YuTRurT5ERPeP2Zko5B56xDoxYLmVzYDVNW5GJfPhawQLHpXxDXoPBMG1N9AzX_P1hw-acGPIt46V0zablkyovBDIxcdDhjRQBbIzu7VImW0yZFv8T1TXOtg71YFVxd21SO9x1u-E3mPv_Zxrn5ro3VIyW6WAlM1TZclaW9msO9JcDeemgeoGImHaK7ztzJ703KbCEit9w01O4FT0PoF4Fw3iShIyybvML3K4tDT4HLGUaDF35W_ZyywhiXp9oCXAKUCWVXEPwxBIOp6Fs99EyEK-k5Of_NLHsI2FOSFMfrSTYWos6lspR0NF0DzirpVOWnkZHZ4dmYMu2l5eiWEOaWpYaUoLm3NgMRvbZHmhQ7Hv8Xkgf0lnUqP30lCiLXQVrfOgcPUyHOE4oon3LIjceIlfYOEBoKTVhFtqbL518V6mT_gHn-8U51daFgeWSlxU44mYM3XzVDakUoBzgeMt71aWXR0d-trSyiRECsRvv8Nxee1jGPTjyzxF4fD87mzb-oX3dljefdguO12sTSQ1DSjTzK8hCExf8jEpKsU2rdtFOY2HeKKKn8GbiWFneKcr4Oxijbq5Fyvhj7sbb7dxMR_5AjA60ERp0vKVCtF7oW2HSs8XXxfhgJP_qOGrWi_kEha7Cir9yrIVvS2GIJakTKEzHqSBdyYLtubROG6l37hLrJfR7jSYS6zdff-VnrFE-0Ssb-UazB2cIqDyGWtpGlXQ4iM6JmGwaDPWR-uVjsTeEXNAYBLCo4wX3cPuVzwTvkecmuRj9Qt01Z0JGAb0lYMridcXyJ7fD9qo9Gg_0_VvDnh58kIOTmPUwosGVIr0qaYmfuC9zCQCLPca7Mg95McrWVGFO8EJTwL46rN3DvimnF1Eti-i07Np2z84rNi9DXOroiAPC1AZtdG7VHIbPtkPtHk59V1SWnGDH0Ev_wb24M_GoY0UpfuqQbh-k7Nc6ZAY9IJsW2YGcU2ppguMKind4b-TS0PTc-Cqpi4pJAHlKY0vQJYvJKSI5DoH0Gn54V2fcDlnjNKAf6I4t0nZr6N8LNQk8y0BDBtFlCnr5CNQ3UF0LazcmHy_jbRv-yqDb7_Ws-sUVn9EXhNmafBnmtSVhoofNWpBltwZYFpxS2k-g5ZsyVHvjZXhpLrm-4qWTy9ZxGVhd-YGEbSIWXn_KBzeO-mzHObk0YllfI68D0Uvj_8Hl-GxCNNLUDRUBH4bVBR5Xc2fYspsMfIBVDeh5681s5FqIMuFBv0ALazidkPlEK7bmXPHtCnGEpNiTiIBsoYkA_raPVqDNN3XhOA2zlKs8SUzhjmYuhFaXje-p7mxpu3l2SoHtAagTujNJC0BxvOqsJ0QaIuXs8bRXkgC8z3gpPy9ZfXROtUTucCawS4YHmRY0AAV3H2ItjK_tndTNMvHY88U1VLmEyk3Qu4y-BgVuG7sJxqt5P4tgbhGT4nOiAPTnsrtxzbqISSCh-tL13dg_sOuQt0VU7ULxSYFwvYx4NeLnKJ0QC_k_ybYs3666T_gxQ3CvPX2Yepuh-YwALQ_gcWji4AGsniEkqzunL3R0Wh857ab7I-_9sbbxAzRLeoeVtimrV5byNyiclX-sLzr25L9FL4u3u_xgDvyyJxzpnMzHZLXYEAPB_y9lCMVl9U_BRyqjsnbGOKaykwZa1Fr_86hL4uRrRYHZsBMyI0ZOFpPCSPYC9kn33po85w97-WUWB4ckZ0UZOseyfz4GXVwbGS4ujksihvyj85RTawURRU8iArDDQybBZcHqxjebtVKJ6ydpxoXmfs_jCICgcp52oaimx0oWroyLbm3bDoYGvA4iDpX6YOsqzwB0kND5ZAC7atOgMuE5UbUVC7DoRj0M7tEOIWr_g94kQVZJWIwSXqFxoKibX9JdxRPJIzuKOimxuvKbH97_tYgnz9_y0PIE5e9IrLZ-F7XTOXjPfRS3cQaL-8UV-yd2UTEfvgERBSbuWVpg8X9OaHCEtpmPIUKrng-4L3XMOONv7kDKE3JWc9YBrG4qTHjHUydchWmDUQqHq7DvROO7YgeLNhHlG2OsL6jO2_KgBhEb6-8r0lXv5KHciDjtRNFo7h8BZy6aTkGOQCsxcMCT5hMuf2rR7ebAGOWgG1un1Qn5tc13FAikQ126PK2nAt6IKjYu-PMoNXf8f9nZmkdUaoWiQkccMLV4STbptJcfsSOQRIfRDJj8lkyRPdC8Ofw1FPJWBX4aywRp-NpWu-hKD2Dxud8rsO8sjATujVSca3XxidookjnjrUm1x4JvzPZWiU-aEbJu4BYNX1bTA9JdnLx2P65lKGFz_tFWWphCaJbz1FT_0Gyk4a_fWNUPsoIBIz9BAGXCqJX3p9zW7rp3LwgbfVTtQXmSZTDG6Z9GD4uJ3pfs-s34W6W1JWY1kr8PU1_uP8UQkKTMtflYkWwWm0IFrYM0vo2o7QuvgnW-hFkXu9h8ic6YJaZva1cwec8yhkULCC5lyZKC_G-BbTmR9rv_jjsgXCJeI5JAVP4FFHQQ9RyFTWFQXgxPlwv8VXmEs_61bUBQ5QC5ZQ4y80S2lfLHDKQP7arFlrfpozXBERZmOo8oN4-VCPNPbV3Ox2spbujA7BgGNVxR-klSgRiG9RFVXeWtu5KOwY1FRKP9XaHOcYuGPOsYfpvuzqI3-mWNWFaqF9Po4i9o26Kz9GycD8P7fLccV8nPRwwnG3bextzbU74YsrJKx8q1N5G1C2kN6MnMb9yVQTHmJ5z2Cjd7nwTVfXU7GsWrWsk9deRpSqopBKhjY2INosubLKG15Fxf_auOXIrMcsizxGdhcO1-19pANoI8hNLRykFFlH3hVBGckqf_Bu0xCq3LahuPmgZMO0LCNT9wdxE7wnauVsQQ82N5Ha6nZgDT4xAQ0w7YGe7WYz2VUgvBzIgr8BuZLzXLDQ9JtKwCkfMrAPGVlHJlxWg7wrxDQYXdYE76MSasuy6_rfHBrx68Z1gTJfIF6Begu9Y5zJrOrpzVqacA&cid=CAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a06771058ba3a1d053d0d1a37aabecf454414fc274507ad9f49348390e6bd87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12788
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CD54 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cr-AX6AWrebKCt_zu1lbTIecgYggITDdqMKumv7mW2f1YJ3wcDe4NtFG65aCLCTWC4UJWvPTRhoHTr4hooOHQypOhX47qTxy6NeJiTeyzIRTrKuDc
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame CD54 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CD54 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame CD54 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
rum
dsum-sec.casalemedia.com/ Frame 3BEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqLQS9xtxf1Wyf-r9Mrsyw&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqLQS9xtxf1Wyf-r9Mrsyw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNUT5GY6oT_2uLE-uXUPmM16g3MBi1Hhc4z5JJ5x84IJOk7CyF2h2jXjgyw7ecvcFcKQXda_Xyfs-PirxkRknkRsMRL7cRVekuyh4kEraL8LbZcaXXUKJi0zUuMgeo2_gqhLDe-6tbp6zzhEN-9vBu8eR8FyR-6D3PkH0cfGSHOhT8SnQ7c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 03:12:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 25 Jul 2021 03:12:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqLQS9xtxf1Wyf-r9Mrsyw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3BEF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPzWqAhgiTCBt6UlOit5BwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqLQS9xtxf1Wyf-r9Mrsyw&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqLQS9xtxf1Wyf-r9Mrsyw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNUT5GY6oT_2uLE-uXUPmM16g3MBi1Hhc4z5JJ5x84IJOk7CyF2h2jXjgyw7ecvcFcKQXda_Xyfs-PirxkRknkRsMRL7cRVekuyh4kEraL8LbZcaXXUKJi0zUuMgeo2_gqhLDe-6tbp6zzhEN-9vBu8eR8FyR-6D3PkH0cfGSHOhT8SnQ7c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 03:12:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 25 Jul 2021 03:12:40 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqLQS9xtxf1Wyf-r9Mrsyw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3BEF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEI1fXukSmICFxzhTEnMsWos&google_cver=1
43 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEI1fXukSmICFxzhTEnMsWos&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNUT5GY6oT_2uLE-uXUPmM16g3MBi1Hhc4z5JJ5x84IJOk7CyF2h2jXjgyw7ecvcFcKQXda_Xyfs-PirxkRknkRsMRL7cRVekuyh4kEraL8LbZcaXXUKJi0zUuMgeo2_gqhLDe-6tbp6zzhEN-9vBu8eR8FyR-6D3PkH0cfGSHOhT8SnQ7c
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 03:12:40 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8b18b087-92f6-4db6-83d3-1eb9ae8919e9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEI1fXukSmICFxzhTEnMsWos&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3BEF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU1MjAxMTk2MDEwNDA0NDg1
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU1MjAxMTk2MDEwNDA0NDg1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYr8jFlQEwAQ&v=APEucNUT5GY6oT_2uLE-uXUPmM16g3MBi1Hhc4z5JJ5x84IJOk7CyF2h2jXjgyw7ecvcFcKQXda_Xyfs-PirxkRknkRsMRL7cRVekuyh4kEraL8LbZcaXXUKJi0zUuMgeo2_gqhLDe-6tbp6zzhEN-9vBu8eR8FyR-6D3PkH0cfGSHOhT8SnQ7c
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 03:12:40 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
05e7b200-834a-4d02-8f50-a4c16f48e031
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODU1MjAxMTk2MDEwNDA0NDg1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame CD54 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_wBSmpjiTbIh7xDAkyjNMvCvOWLaxa3THEKDIMtxGB3cSG99xBpW5BkduJs8d5Pr212mVvXQgAYM-EyCBOKDMaAWF9IH11ZSgQo6OdMHw0KFZNQEZIeNVY1KInbn8hrHiFBFmvvYVytGNUX4HOAc3bAOikA&cry=1&dbm_d=AKAmf-DtLBp_0SJRz-kUlnWipaAB-HU1UrgR0FAIEa78YuTRurT5ERPeP2Zko5B56xDoxYLmVzYDVNW5GJfPhawQLHpXxDXoPBMG1N9AzX_P1hw-acGPIt46V0zablkyovBDIxcdDhjRQBbIzu7VImW0yZFv8T1TXOtg71YFVxd21SO9x1u-E3mPv_Zxrn5ro3VIyW6WAlM1TZclaW9msO9JcDeemgeoGImHaK7ztzJ703KbCEit9w01O4FT0PoF4Fw3iShIyybvML3K4tDT4HLGUaDF35W_ZyywhiXp9oCXAKUCWVXEPwxBIOp6Fs99EyEK-k5Of_NLHsI2FOSFMfrSTYWos6lspR0NF0DzirpVOWnkZHZ4dmYMu2l5eiWEOaWpYaUoLm3NgMRvbZHmhQ7Hv8Xkgf0lnUqP30lCiLXQVrfOgcPUyHOE4oon3LIjceIlfYOEBoKTVhFtqbL518V6mT_gHn-8U51daFgeWSlxU44mYM3XzVDakUoBzgeMt71aWXR0d-trSyiRECsRvv8Nxee1jGPTjyzxF4fD87mzb-oX3dljefdguO12sTSQ1DSjTzK8hCExf8jEpKsU2rdtFOY2HeKKKn8GbiWFneKcr4Oxijbq5Fyvhj7sbb7dxMR_5AjA60ERp0vKVCtF7oW2HSs8XXxfhgJP_qOGrWi_kEha7Cir9yrIVvS2GIJakTKEzHqSBdyYLtubROG6l37hLrJfR7jSYS6zdff-VnrFE-0Ssb-UazB2cIqDyGWtpGlXQ4iM6JmGwaDPWR-uVjsTeEXNAYBLCo4wX3cPuVzwTvkecmuRj9Qt01Z0JGAb0lYMridcXyJ7fD9qo9Gg_0_VvDnh58kIOTmPUwosGVIr0qaYmfuC9zCQCLPca7Mg95McrWVGFO8EJTwL46rN3DvimnF1Eti-i07Np2z84rNi9DXOroiAPC1AZtdG7VHIbPtkPtHk59V1SWnGDH0Ev_wb24M_GoY0UpfuqQbh-k7Nc6ZAY9IJsW2YGcU2ppguMKind4b-TS0PTc-Cqpi4pJAHlKY0vQJYvJKSI5DoH0Gn54V2fcDlnjNKAf6I4t0nZr6N8LNQk8y0BDBtFlCnr5CNQ3UF0LazcmHy_jbRv-yqDb7_Ws-sUVn9EXhNmafBnmtSVhoofNWpBltwZYFpxS2k-g5ZsyVHvjZXhpLrm-4qWTy9ZxGVhd-YGEbSIWXn_KBzeO-mzHObk0YllfI68D0Uvj_8Hl-GxCNNLUDRUBH4bVBR5Xc2fYspsMfIBVDeh5681s5FqIMuFBv0ALazidkPlEK7bmXPHtCnGEpNiTiIBsoYkA_raPVqDNN3XhOA2zlKs8SUzhjmYuhFaXje-p7mxpu3l2SoHtAagTujNJC0BxvOqsJ0QaIuXs8bRXkgC8z3gpPy9ZfXROtUTucCawS4YHmRY0AAV3H2ItjK_tndTNMvHY88U1VLmEyk3Qu4y-BgVuG7sJxqt5P4tgbhGT4nOiAPTnsrtxzbqISSCh-tL13dg_sOuQt0VU7ULxSYFwvYx4NeLnKJ0QC_k_ybYs3666T_gxQ3CvPX2Yepuh-YwALQ_gcWji4AGsniEkqzunL3R0Wh857ab7I-_9sbbxAzRLeoeVtimrV5byNyiclX-sLzr25L9FL4u3u_xgDvyyJxzpnMzHZLXYEAPB_y9lCMVl9U_BRyqjsnbGOKaykwZa1Fr_86hL4uRrRYHZsBMyI0ZOFpPCSPYC9kn33po85w97-WUWB4ckZ0UZOseyfz4GXVwbGS4ujksihvyj85RTawURRU8iArDDQybBZcHqxjebtVKJ6ydpxoXmfs_jCICgcp52oaimx0oWroyLbm3bDoYGvA4iDpX6YOsqzwB0kND5ZAC7atOgMuE5UbUVC7DoRj0M7tEOIWr_g94kQVZJWIwSXqFxoKibX9JdxRPJIzuKOimxuvKbH97_tYgnz9_y0PIE5e9IrLZ-F7XTOXjPfRS3cQaL-8UV-yd2UTEfvgERBSbuWVpg8X9OaHCEtpmPIUKrng-4L3XMOONv7kDKE3JWc9YBrG4qTHjHUydchWmDUQqHq7DvROO7YgeLNhHlG2OsL6jO2_KgBhEb6-8r0lXv5KHciDjtRNFo7h8BZy6aTkGOQCsxcMCT5hMuf2rR7ebAGOWgG1un1Qn5tc13FAikQ126PK2nAt6IKjYu-PMoNXf8f9nZmkdUaoWiQkccMLV4STbptJcfsSOQRIfRDJj8lkyRPdC8Ofw1FPJWBX4aywRp-NpWu-hKD2Dxud8rsO8sjATujVSca3XxidookjnjrUm1x4JvzPZWiU-aEbJu4BYNX1bTA9JdnLx2P65lKGFz_tFWWphCaJbz1FT_0Gyk4a_fWNUPsoIBIz9BAGXCqJX3p9zW7rp3LwgbfVTtQXmSZTDG6Z9GD4uJ3pfs-s34W6W1JWY1kr8PU1_uP8UQkKTMtflYkWwWm0IFrYM0vo2o7QuvgnW-hFkXu9h8ic6YJaZva1cwec8yhkULCC5lyZKC_G-BbTmR9rv_jjsgXCJeI5JAVP4FFHQQ9RyFTWFQXgxPlwv8VXmEs_61bUBQ5QC5ZQ4y80S2lfLHDKQP7arFlrfpozXBERZmOo8oN4-VCPNPbV3Ox2spbujA7BgGNVxR-klSgRiG9RFVXeWtu5KOwY1FRKP9XaHOcYuGPOsYfpvuzqI3-mWNWFaqF9Po4i9o26Kz9GycD8P7fLccV8nPRwwnG3bextzbU74YsrJKx8q1N5G1C2kN6MnMb9yVQTHmJ5z2Cjd7nwTVfXU7GsWrWsk9deRpSqopBKhjY2INosubLKG15Fxf_auOXIrMcsizxGdhcO1-19pANoI8hNLRykFFlH3hVBGckqf_Bu0xCq3LahuPmgZMO0LCNT9wdxE7wnauVsQQ82N5Ha6nZgDT4xAQ0w7YGe7WYz2VUgvBzIgr8BuZLzXLDQ9JtKwCkfMrAPGVlHJlxWg7wrxDQYXdYE76MSasuy6_rfHBrx68Z1gTJfIF6Begu9Y5zJrOrpzVqacA&cid=CAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
server
cafe
etag
11779355884012761328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:01:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CD54 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D_wBSmpjiTbIh7xDAkyjNMvCvOWLaxa3THEKDIMtxGB3cSG99xBpW5BkduJs8d5Pr212mVvXQgAYM-EyCBOKDMaAWF9IH11ZSgQo6OdMHw0KFZNQEZIeNVY1KInbn8hrHiFBFmvvYVytGNUX4HOAc3bAOikA&cry=1&dbm_d=AKAmf-DtLBp_0SJRz-kUlnWipaAB-HU1UrgR0FAIEa78YuTRurT5ERPeP2Zko5B56xDoxYLmVzYDVNW5GJfPhawQLHpXxDXoPBMG1N9AzX_P1hw-acGPIt46V0zablkyovBDIxcdDhjRQBbIzu7VImW0yZFv8T1TXOtg71YFVxd21SO9x1u-E3mPv_Zxrn5ro3VIyW6WAlM1TZclaW9msO9JcDeemgeoGImHaK7ztzJ703KbCEit9w01O4FT0PoF4Fw3iShIyybvML3K4tDT4HLGUaDF35W_ZyywhiXp9oCXAKUCWVXEPwxBIOp6Fs99EyEK-k5Of_NLHsI2FOSFMfrSTYWos6lspR0NF0DzirpVOWnkZHZ4dmYMu2l5eiWEOaWpYaUoLm3NgMRvbZHmhQ7Hv8Xkgf0lnUqP30lCiLXQVrfOgcPUyHOE4oon3LIjceIlfYOEBoKTVhFtqbL518V6mT_gHn-8U51daFgeWSlxU44mYM3XzVDakUoBzgeMt71aWXR0d-trSyiRECsRvv8Nxee1jGPTjyzxF4fD87mzb-oX3dljefdguO12sTSQ1DSjTzK8hCExf8jEpKsU2rdtFOY2HeKKKn8GbiWFneKcr4Oxijbq5Fyvhj7sbb7dxMR_5AjA60ERp0vKVCtF7oW2HSs8XXxfhgJP_qOGrWi_kEha7Cir9yrIVvS2GIJakTKEzHqSBdyYLtubROG6l37hLrJfR7jSYS6zdff-VnrFE-0Ssb-UazB2cIqDyGWtpGlXQ4iM6JmGwaDPWR-uVjsTeEXNAYBLCo4wX3cPuVzwTvkecmuRj9Qt01Z0JGAb0lYMridcXyJ7fD9qo9Gg_0_VvDnh58kIOTmPUwosGVIr0qaYmfuC9zCQCLPca7Mg95McrWVGFO8EJTwL46rN3DvimnF1Eti-i07Np2z84rNi9DXOroiAPC1AZtdG7VHIbPtkPtHk59V1SWnGDH0Ev_wb24M_GoY0UpfuqQbh-k7Nc6ZAY9IJsW2YGcU2ppguMKind4b-TS0PTc-Cqpi4pJAHlKY0vQJYvJKSI5DoH0Gn54V2fcDlnjNKAf6I4t0nZr6N8LNQk8y0BDBtFlCnr5CNQ3UF0LazcmHy_jbRv-yqDb7_Ws-sUVn9EXhNmafBnmtSVhoofNWpBltwZYFpxS2k-g5ZsyVHvjZXhpLrm-4qWTy9ZxGVhd-YGEbSIWXn_KBzeO-mzHObk0YllfI68D0Uvj_8Hl-GxCNNLUDRUBH4bVBR5Xc2fYspsMfIBVDeh5681s5FqIMuFBv0ALazidkPlEK7bmXPHtCnGEpNiTiIBsoYkA_raPVqDNN3XhOA2zlKs8SUzhjmYuhFaXje-p7mxpu3l2SoHtAagTujNJC0BxvOqsJ0QaIuXs8bRXkgC8z3gpPy9ZfXROtUTucCawS4YHmRY0AAV3H2ItjK_tndTNMvHY88U1VLmEyk3Qu4y-BgVuG7sJxqt5P4tgbhGT4nOiAPTnsrtxzbqISSCh-tL13dg_sOuQt0VU7ULxSYFwvYx4NeLnKJ0QC_k_ybYs3666T_gxQ3CvPX2Yepuh-YwALQ_gcWji4AGsniEkqzunL3R0Wh857ab7I-_9sbbxAzRLeoeVtimrV5byNyiclX-sLzr25L9FL4u3u_xgDvyyJxzpnMzHZLXYEAPB_y9lCMVl9U_BRyqjsnbGOKaykwZa1Fr_86hL4uRrRYHZsBMyI0ZOFpPCSPYC9kn33po85w97-WUWB4ckZ0UZOseyfz4GXVwbGS4ujksihvyj85RTawURRU8iArDDQybBZcHqxjebtVKJ6ydpxoXmfs_jCICgcp52oaimx0oWroyLbm3bDoYGvA4iDpX6YOsqzwB0kND5ZAC7atOgMuE5UbUVC7DoRj0M7tEOIWr_g94kQVZJWIwSXqFxoKibX9JdxRPJIzuKOimxuvKbH97_tYgnz9_y0PIE5e9IrLZ-F7XTOXjPfRS3cQaL-8UV-yd2UTEfvgERBSbuWVpg8X9OaHCEtpmPIUKrng-4L3XMOONv7kDKE3JWc9YBrG4qTHjHUydchWmDUQqHq7DvROO7YgeLNhHlG2OsL6jO2_KgBhEb6-8r0lXv5KHciDjtRNFo7h8BZy6aTkGOQCsxcMCT5hMuf2rR7ebAGOWgG1un1Qn5tc13FAikQ126PK2nAt6IKjYu-PMoNXf8f9nZmkdUaoWiQkccMLV4STbptJcfsSOQRIfRDJj8lkyRPdC8Ofw1FPJWBX4aywRp-NpWu-hKD2Dxud8rsO8sjATujVSca3XxidookjnjrUm1x4JvzPZWiU-aEbJu4BYNX1bTA9JdnLx2P65lKGFz_tFWWphCaJbz1FT_0Gyk4a_fWNUPsoIBIz9BAGXCqJX3p9zW7rp3LwgbfVTtQXmSZTDG6Z9GD4uJ3pfs-s34W6W1JWY1kr8PU1_uP8UQkKTMtflYkWwWm0IFrYM0vo2o7QuvgnW-hFkXu9h8ic6YJaZva1cwec8yhkULCC5lyZKC_G-BbTmR9rv_jjsgXCJeI5JAVP4FFHQQ9RyFTWFQXgxPlwv8VXmEs_61bUBQ5QC5ZQ4y80S2lfLHDKQP7arFlrfpozXBERZmOo8oN4-VCPNPbV3Ox2spbujA7BgGNVxR-klSgRiG9RFVXeWtu5KOwY1FRKP9XaHOcYuGPOsYfpvuzqI3-mWNWFaqF9Po4i9o26Kz9GycD8P7fLccV8nPRwwnG3bextzbU74YsrJKx8q1N5G1C2kN6MnMb9yVQTHmJ5z2Cjd7nwTVfXU7GsWrWsk9deRpSqopBKhjY2INosubLKG15Fxf_auOXIrMcsizxGdhcO1-19pANoI8hNLRykFFlH3hVBGckqf_Bu0xCq3LahuPmgZMO0LCNT9wdxE7wnauVsQQ82N5Ha6nZgDT4xAQ0w7YGe7WYz2VUgvBzIgr8BuZLzXLDQ9JtKwCkfMrAPGVlHJlxWg7wrxDQYXdYE76MSasuy6_rfHBrx68Z1gTJfIF6Begu9Y5zJrOrpzVqacA&cid=CAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 02:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Jul 2022 02:34:45 GMT
ma1tq3l10cm4
hal9000.redintelligence.net/zone/ Frame CD54 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/ma1tq3l10cm4?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6wL1p9b8YI_1M6yYrASjq7SYCrXN-YNXnN-5q-UM8C4QASCI6KZ9YJUCyAEJqQI14cShLMCzPqgDAaoE5wFP0MsAlhidRE2u5fDEDuYwYdSS4gOaV_tH1VTDkSwz4JK5Pv8KtW-fm10PLWCNZ0FOAQYdDz1wqf0viQUZ_Nn56ANvMTHAWvZvIKqHLTikY_llWcZE6ONn2lbTU_GtE1f0YrhSA_HkN-FKgz8Ngbaot2Fnpb7WbSK-ayYBvjv5cuiGerQ1_N_U9CAUS29Qo27nK_O-iLOdJcis7tJQGX32A9IaObppoe1bvrESwMQPHeJrsq5zaTzYp0QDkyUN4GPXrexo1PjO98ffVcQfXmCF5Q_rPg4651vm2Vd1ySJP1R0N3Lwz_rnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg%26sig%3DAOD64_0ObkVP4eAEEoZlZaqGnuO-dOgPlw%26client%3Dca-pub-2590451264042842%26dbm_c%3DAKAmf-DiGZG7NEsQddgKMiM6BXRxuJL8Kx1qDlxWSfM-BEUxDibjHbEsxa9CUtqYHpXepacPbr0XB7pKw5mIAlSVbnBKbEvKI1-rtZxbpRbvuuplCXkgl7lmAswdACYqPwUXOxUSUz75p1rZRrMtSnaLf748LlYnkw%26cry%3D1%26dbm_d%3DAKAmf-BMIWbNWdMeq7rD86zzorF-UCFU4Oy7kkdu8XGOADgYAwhF4v_qrx4PX4U-B9swy7zDrUfKHQXzsf0yUDLhElOKhCJeFEgCU4axDrzNMgHsbX0ZieyuHVXMTfvsXjFZHenrqQAjYHn23gdIUubAWDetl3CL4LViS8MRgnoPG8kmAKQQZ41O9-eDl9sJ6P8SpEKDWq8Z4SE3uJDQLx3ggLxoqb0CHy2IV_V_meYKRfI6VnBHcGXRp3aFq09v1IuyH0800BKi6eLUovItJ_7MfzNN2B941IATS3i91ZRg6qeIVwJCCOsJzA8mylxoLyXvQoWmJAraehjEy_EDeiCFCUK3h3oY_oH733zOuJkadrBNobP59TJyYS40TG5oUU8ylmAc1u2RS0IqeBDTC-04d1N-QD-WLNgnYixNSJnd9ju8bozx6kE_ty9kZcOuNcElQYraewwF%26adurl%3D
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
78.46.23.46 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.46.23.46.78.clients.your-server.de
Software
Apache /
Resource Hash
945709883ec26c0aad76042d31544e59e2bb6719e6b6651aaf47e88baa3fc446

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 03:12:40 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3891
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E6C9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 25 Jul 2021 02:31:14 GMT
expires
Mon, 25 Jul 2022 02:31:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request.php
hal90006.redintelligence.net/ Frame CD54
Redirect Chain
  • https://hal90006.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=0fa3917288&subid=&uid=f9cbecf22fcca36c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90006.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=0fa3917288&subid=&uid=f9cbecf22fcca36c&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=0fa3917288&subid=&uid=f9cbecf22fcca36c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6wL1p9b8YI_1M6yYrASjq7SYCrXN-YNXnN-5q-UM8C4QASCI6KZ9YJUCyAEJqQI14cShLMCzPqgDAaoE5wFP0MsAlhidRE2u5fDEDuYwYdSS4gOaV_tH1VTDkSwz4JK5Pv8KtW-fm10PLWCNZ0FOAQYdDz1wqf0viQUZ_Nn56ANvMTHAWvZvIKqHLTikY_llWcZE6ONn2lbTU_GtE1f0YrhSA_HkN-FKgz8Ngbaot2Fnpb7WbSK-ayYBvjv5cuiGerQ1_N_U9CAUS29Qo27nK_O-iLOdJcis7tJQGX32A9IaObppoe1bvrESwMQPHeJrsq5zaTzYp0QDkyUN4GPXrexo1PjO98ffVcQfXmCF5Q_rPg4651vm2Vd1ySJP1R0N3Lwz_rnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg%26sig%3DAOD64_0ObkVP4eAEEoZlZaqGnuO-dOgPlw%26client%3Dca-pub-2590451264042842%26dbm_c%3DAKAmf-DiGZG7NEsQddgKMiM6BXRxuJL8Kx1qDlxWSfM-BEUxDibjHbEsxa9CUtqYHpXepacPbr0XB7pKw5mIAlSVbnBKbEvKI1-rtZxbpRbvuuplCXkgl7lmAswdACYqPwUXOxUSUz75p1rZRrMtSnaLf748LlYnkw%26cry%3D1%26dbm_d%3DAKAmf-BMIWbNWdMeq7rD86zzorF-UCFU4Oy7kkdu8XGOADgYAwhF4v_qrx4PX4U-B9swy7zDrUfKHQXzsf0yUDLhElOKhCJeFEgCU4axDrzNMgHsbX0ZieyuHVXMTfvsXjFZHenrqQAjYHn23gdIUubAWDetl3CL4LViS8MRgnoPG8kmAKQQZ41O9-eDl9sJ6P8SpEKDWq8Z4SE3uJDQLx3ggLxoqb0CHy2IV_V_meYKRfI6VnBHcGXRp3aFq09v1IuyH0800BKi6eLUovItJ_7MfzNN2B941IATS3i91ZRg6qeIVwJCCOsJzA8mylxoLyXvQoWmJAraehjEy_EDeiCFCUK3h3oY_oH733zOuJkadrBNobP59TJyYS40TG5oUU8ylmAc1u2RS0IqeBDTC-04d1N-QD-WLNgnYixNSJnd9ju8bozx6kE_ty9kZcOuNcElQYraewwF%26adurl%3D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=7075131018059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
852c4602692714abeab6573e278c21ee246d353f5adea60b4ff4b010e3ae8c80

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 03:12:40 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
72095600013656700710624011666006
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
894
Expires
Sun, 25 Jul 2021 04:12:40 +0200

Redirect headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 03:12:40 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=0fa3917288&subid=&uid=f9cbecf22fcca36c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6wL1p9b8YI_1M6yYrASjq7SYCrXN-YNXnN-5q-UM8C4QASCI6KZ9YJUCyAEJqQI14cShLMCzPqgDAaoE5wFP0MsAlhidRE2u5fDEDuYwYdSS4gOaV_tH1VTDkSwz4JK5Pv8KtW-fm10PLWCNZ0FOAQYdDz1wqf0viQUZ_Nn56ANvMTHAWvZvIKqHLTikY_llWcZE6ONn2lbTU_GtE1f0YrhSA_HkN-FKgz8Ngbaot2Fnpb7WbSK-ayYBvjv5cuiGerQ1_N_U9CAUS29Qo27nK_O-iLOdJcis7tJQGX32A9IaObppoe1bvrESwMQPHeJrsq5zaTzYp0QDkyUN4GPXrexo1PjO98ffVcQfXmCF5Q_rPg4651vm2Vd1ySJP1R0N3Lwz_rnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg%26sig%3DAOD64_0ObkVP4eAEEoZlZaqGnuO-dOgPlw%26client%3Dca-pub-2590451264042842%26dbm_c%3DAKAmf-DiGZG7NEsQddgKMiM6BXRxuJL8Kx1qDlxWSfM-BEUxDibjHbEsxa9CUtqYHpXepacPbr0XB7pKw5mIAlSVbnBKbEvKI1-rtZxbpRbvuuplCXkgl7lmAswdACYqPwUXOxUSUz75p1rZRrMtSnaLf748LlYnkw%26cry%3D1%26dbm_d%3DAKAmf-BMIWbNWdMeq7rD86zzorF-UCFU4Oy7kkdu8XGOADgYAwhF4v_qrx4PX4U-B9swy7zDrUfKHQXzsf0yUDLhElOKhCJeFEgCU4axDrzNMgHsbX0ZieyuHVXMTfvsXjFZHenrqQAjYHn23gdIUubAWDetl3CL4LViS8MRgnoPG8kmAKQQZ41O9-eDl9sJ6P8SpEKDWq8Z4SE3uJDQLx3ggLxoqb0CHy2IV_V_meYKRfI6VnBHcGXRp3aFq09v1IuyH0800BKi6eLUovItJ_7MfzNN2B941IATS3i91ZRg6qeIVwJCCOsJzA8mylxoLyXvQoWmJAraehjEy_EDeiCFCUK3h3oY_oH733zOuJkadrBNobP59TJyYS40TG5oUU8ylmAc1u2RS0IqeBDTC-04d1N-QD-WLNgnYixNSJnd9ju8bozx6kE_ty9kZcOuNcElQYraewwF%26adurl%3D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=7075131018059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sun, 25 Jul 2021 04:12:40 +0200
rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
pagead2.googlesyndication.com/bg/ Frame E6C9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 00:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
10787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13334
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Jul 2022 00:12:53 GMT
activityi;dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136
5994599.fls.doubleclick.net/ Frame 76E3
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136?
392 B
346 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136?
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f6.1e100.net
Software
cafe /
Resource Hash
b8e86743608a4ea40b139f26a858ec4a96c6592f1a27d81ab172a2c9ddbe5200
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnqnZcAGeoGtBpWq0XsVP94pxJIArhAP9QIvHTYmWI8JvjZ5BMFPLhM2ymc69I
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 25 Jul 2021 03:12:40 GMT
expires
Sun, 25 Jul 2021 03:12:40 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
323
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sun, 25 Jul 2021 03:12:40 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90006.redintelligence.net/ Frame D19A 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/request_content.php?s=72095600013656700710624011666006&a=759e0b7b
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request.php?zone=ma1tq3l10cm4&nw=20&renderingType=javascript&namespace=0fa3917288&subid=&uid=f9cbecf22fcca36c&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x600&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6wL1p9b8YI_1M6yYrASjq7SYCrXN-YNXnN-5q-UM8C4QASCI6KZ9YJUCyAEJqQI14cShLMCzPqgDAaoE5wFP0MsAlhidRE2u5fDEDuYwYdSS4gOaV_tH1VTDkSwz4JK5Pv8KtW-fm10PLWCNZ0FOAQYdDz1wqf0viQUZ_Nn56ANvMTHAWvZvIKqHLTikY_llWcZE6ONn2lbTU_GtE1f0YrhSA_HkN-FKgz8Ngbaot2Fnpb7WbSK-ayYBvjv5cuiGerQ1_N_U9CAUS29Qo27nK_O-iLOdJcis7tJQGX32A9IaObppoe1bvrESwMQPHeJrsq5zaTzYp0QDkyUN4GPXrexo1PjO98ffVcQfXmCF5Q_rPg4651vm2Vd1ySJP1R0N3Lwz_rnABKqd_L7PAeAEA5AGAaAGTYAH6-foXqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUbqAfz0RuoB5bYG9gHANIICQiI4YAQEAEYHYAKA5gLAcgLAYAMAbATwpraCtATANgTA9gUAdAVAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoHnnX03zwNQlbwNK7E4-XwYUzDg%26sig%3DAOD64_0ObkVP4eAEEoZlZaqGnuO-dOgPlw%26client%3Dca-pub-2590451264042842%26dbm_c%3DAKAmf-DiGZG7NEsQddgKMiM6BXRxuJL8Kx1qDlxWSfM-BEUxDibjHbEsxa9CUtqYHpXepacPbr0XB7pKw5mIAlSVbnBKbEvKI1-rtZxbpRbvuuplCXkgl7lmAswdACYqPwUXOxUSUz75p1rZRrMtSnaLf748LlYnkw%26cry%3D1%26dbm_d%3DAKAmf-BMIWbNWdMeq7rD86zzorF-UCFU4Oy7kkdu8XGOADgYAwhF4v_qrx4PX4U-B9swy7zDrUfKHQXzsf0yUDLhElOKhCJeFEgCU4axDrzNMgHsbX0ZieyuHVXMTfvsXjFZHenrqQAjYHn23gdIUubAWDetl3CL4LViS8MRgnoPG8kmAKQQZ41O9-eDl9sJ6P8SpEKDWq8Z4SE3uJDQLx3ggLxoqb0CHy2IV_V_meYKRfI6VnBHcGXRp3aFq09v1IuyH0800BKi6eLUovItJ_7MfzNN2B941IATS3i91ZRg6qeIVwJCCOsJzA8mylxoLyXvQoWmJAraehjEy_EDeiCFCUK3h3oY_oH733zOuJkadrBNobP59TJyYS40TG5oUU8ylmAc1u2RS0IqeBDTC-04d1N-QD-WLNgnYixNSJnd9ju8bozx6kE_ty9kZcOuNcElQYraewwF%26adurl%3D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=7075131018059&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0395877c31c618a393691246c1ee89ac6760f0e196fa3202e5d99a0274e95cce

Request headers

Host
hal90006.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
8lcfmzhxc8d6_uid=3635fe24dd7101fe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

Date
Sun, 25 Jul 2021 03:12:40 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 25 Jul 2021 04:12:40 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1430
Connection
close
Content-Type
text/html; charset=utf-8
truncated
/ Frame CD54 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ca74ce2f1d7ed0717814f55d2bfe2bcaee3241af4f0d6d71de383f4c9bfb94

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
mircosoft-300-600%20(1).jpg
cdn.contentspread.net/24i/advertiser/32995/creativesup/ Frame D19A 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.contentspread.net/24i/advertiser/32995/creativesup/mircosoft-300-600%20(1).jpg
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=72095600013656700710624011666006&a=759e0b7b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
145.239.2.103 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3082036.ip-145-239-2.eu
Software
nginx /
Resource Hash
5057f7beaa08450682a5418bdce93e9783bd704527406843fb019ea0a52778d4

Request headers

Referer
https://hal90006.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 03:12:40 GMT
Last-Modified
Mon, 20 Jun 2016 09:27:03 GMT
Server
nginx
ETag
"5767b6e7-f6a2"
Content-Type
image/jpeg
Connection
close
Accept-Ranges
bytes
Content-Length
63138
viewability
hal90006.redintelligence.net/ Frame D19A 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90006.redintelligence.net/viewability?s=72095600013656700710624011666006&a=f66617f5&vb=m
Requested by
Host: hal90006.redintelligence.net
URL: https://hal90006.redintelligence.net/request_content.php?s=72095600013656700710624011666006&a=759e0b7b
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.164 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hal90006.redintelligence.net/request_content.php?s=72095600013656700710624011666006&a=759e0b7b
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 03:12:40 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame D19A 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136
adservice.google.com/ddm/fls/z/ Frame 76E3 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COPqrJOg_fECFZaL_QcdKvQKyg;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1972549206669.7136?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 23E2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame E6C9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BO21UqNb8YN6LDtL4gAeE57LICwAAAAA4AeAEAg&bg=!9vWl9bHNAAbnC78O5ws7ACkAdvg8WtqV6ende07Bt3X1mOy6PgjyHokOr-10pt8paFHG7Oi5y9H14QIAAAC0UgAAABpoAQeZAr6be98hvTsJIEoKeXjH7OYIxfxIll4KAZTTwAXQwC5ZCFHX9tmos1XREfQeCH-qcKWaEZkadAfQV3WiZWJ16HVXCvk4T1cUNws7chvClCkyh5QnAqVPS64USUDwfBlwBepYDh81rQzKKYgv-HIS63bELFDYPKmwtF6dsBCGQbPsvNAky_jBr7pTkPvL9fM9NVrtStOlhGMQo5Nu-M-hpiiWbs7DkGqYLfCfyB29mJ9nyNrzObDXQ000Mc6kkvpqIySzCxmmUi61mcG-p2Mpuqr3Yqe_qoX6Shazcmdr2qeHHisE90o19uJmf3CSmUWiNdqgn10kAHxWRihdVGEYiDX8r-ldpeM02rYO14Mj9EJhPoEkpG9Lu4SloJoLIjyQC-sreBoYpjvgfFklqAfKPe9RDgNKd-3YMNOuVU4QH1dti2OTDYPNjZYUJNVzWOwh_zfvBJlBUALzMIcptWsIUNv_uwSpIKw73DqKLAyNB3-bUZ4prDpJbFQO-Rw80_0etV_qv813perxbjBItdtKK3IM52vsdmyJABb_nRoXucpRVZRacQx_rs3FrpTfTRMsUOS3dNuiY4Qw1y3YVweiIXKF1HgGPAk_-YkL3duFGQIHL8y9DBWea7ooK0kwV5bNRKLcNPdXkNdt8rD3aN38zcXD1oQ_T-7QH15qhMHKnCGVMzB0nb0Olgzix3ouQkYaTi7Cn_1nJmlF-1BN_erOGaitv7vqR7NwCCFYxIBbUG83EjYBDu9ZQrnEnknG5lE_yYStjcXC_3RYrhhT5cADCOAYJrnvKruAbUc7lvk5cQV9WVW7VYq0sW17RaJdpDz0meNpmV5lRLkV8cm5S2jJ2cXtppMzlIIGRgAJVBJpql_joB0l6CfXAeE7hhn4nOxm9jlVIrczK-yku5HsfG-FpDL_JjaheJ-VEF3jqe83hzI
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8118 		640 B
318 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYnM2MbDAB&v=APEucNVGHC70dKP8BOaaoQlPfdN7UtExgPuUSkZ8WwCeBNJgUZhHXzgn1vmsH6OMT_i6KTZOQBKpD1LTckBpTm8LBAIB6LxVopQuhkXq3KavFkRef-Eq4An2KD6K0v2cA8YSXiEKOZ6McJ-yc1MOv2oouk2RSbzQKRSFoczBz7GvE8PwVnfkhEY
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CICHEhCS6EoYnM2MbDAB&v=APEucNVGHC70dKP8BOaaoQlPfdN7UtExgPuUSkZ8WwCeBNJgUZhHXzgn1vmsH6OMT_i6KTZOQBKpD1LTckBpTm8LBAIB6LxVopQuhkXq3KavFkRef-Eq4An2KD6K0v2cA8YSXiEKOZ6McJ-yc1MOv2oouk2RSbzQKRSFoczBz7GvE8PwVnfkhEY
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnqnZcAGeoGtBpWq0XsVP94pxJIArhAP9QIvHTYmWI8JvjZ5BMFPLhM2ymc69I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 25 Jul 2021 03:12:40 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 03:12:40 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 23E2 		24 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-BOj56aHh_dXLadxZ6ORec7SXUDb13FBpQfD8ZD0D-wZVg_eGv7bClhzQLRNfMaqzrcP1fyonvT_pg04HNWPfc7EXwlxM4DI8GiDSUlkFxd2-lLURkwoeGcQT39C3Nl6e4cY6biqCLO_Ko-HquVdZIlCIhg&cry=1&dbm_d=AKAmf-Cx107d6PyPjaevjqvbqyruQSWAtsFpGBXDPbyastINnCGqZxJHDBw2AQcPE2u7WHjjRfCC_nGJqXPCz5i9b_Mbh8ZqWAdY5z9THGq-XLB5GC5QCENt4oT2oxL_gGpDA6wsFgJtFM8ONZA4DvK9xsq1RNFQIViEkG_r0tpJOGEPuFZwrnB4sPJPQCvaxuxohbnhheQaAZp__4gcI-xnYxCECyIpW79HU2L-vhcXUdczIW-izLr1C33gYBfNeyyO8xTijfwsHCK7lCYqFLaKT5fQRnUPYqq-WVz5KhM5tMuRzMi1JWYf5Y4Wn6bfVpFIWl3rFAyDGuulOQn6eRPf_tIjoJHrS9w21YbIz8-gEpGHTMlvNq2kBTn8zYJrEJFrNk0EouPWUZfl8Jv_OwqUlZ1XcX2tzeBB6O6OHE3iyanv5RTHJ2WiMZJsIiSW-6ShhQW4f5UFkBuPCOhEc02FruSxHUqgou-BH7rdhK-_MXsgma7sxpkknn_L3r8sofm9wbMXeaV9jEQgnSVrSPD2MAlXrciPCkbrP2dlbbG2lachsmHSCmH5z5AztfhDQpPMUI3F36SefHmY9jqRb6sWY4pViMO00T-D9mevjqlmTGTEMcXH43X7GKRGQ4PuoA1_mnsTw2zFHm2c5nV7Qq5y2o00yxo-BmOvR3EkF5JW7CPjvR6DTDmsDirbO7n-ZX566c3vIYnrraRqs7e09VU-nkx7VIdp5v7j8SW2pWONKus9411uARNUDCoaWiBKiaGwm6aKBC3w4mx8KXIa2icFBA58FkSrmwZ7PIVmnxSn6w1luyV7LWET2ooQjZ0Khn-gDa2UD3qd2yjex7D4r9KYpSrd1yGpEuyQkARGDpD2qZ5T0ABXgZj_7edvJkLJPYdYvINGhkor4QusNgWjMuJlHS8jwnbigAtnv_35hsLHVy8NgnWthxK9bysiwn1uuQV6ybHSzJvl4nndTuSfqE9mk_1nMwcls21nMMTt2CiFp873pMGs_oKmhR22aGBi1GNT-W2NghbygGv_GzMr-FWPHZg6Zak3hJwZJ46BONG9mqa_gAo2h6gJRbJFarJ6_hPF-0Bfu9Z3SVqmBq9JjEXeqG2l5_1nLplWB2GKSE11JnvzstYIAG3Y5NMKVc4IYvELYWq3u-eCijexb_C0D846HVY1BKMHg7BJu70_9wz6o2ZY3k6fnWbYYExY2e9CCBvDunipeZK713VkGDc69kHscTdo8SSQJWZi87k4W5Jlg--nWf98fWLWHohS4cZ8LA5PB4bvT2r-C3CGMQILuJVKUy4sFcB_EN7y4bT0aP3tfFDtitZxi3RDd3MIpPCKblgqKd4DcZofjFFcx5J-UmPwbXzKS-bzt-uzu1XmvqCgcbCXeIobIXjIFNFB5O_ERXaVLuDVcfxruuLu1vXzM3sPlFNP3_FNRa35hTOU3901I_RlSCCDlM5UmP3Oq5jekaqiG-9nv0XLhv8MLOqZSIf83DUTi2aUJPH94PMB4_xQKHYRVxLdbYdnapwJ53nf6CJ5dL23ChHx6qq-GaPIOA5Iqwmz5_8N5ypRQWYlbTFifcswHWyGgaUDvBjSdt2Ou7gzYvyR8z-MD24pVEX5U6OLRJzKy1KhrzmgQnIMjqCOHjnAbIvcelI8546Yc3SmoI4HzjsG3xrf-TfZbBz6lodOpVsDuxUYk8pBiUjW0XsQRgzCbiV2pJ5JSOBrI1u6543PqBChGxnMKqr0KP9THfgPHj8WtQUS1H8R_S3RLbKkDddkPPJbtuvyZOgqeigfwyIu1_WumjQfW2v4HLOaQzvg51veBZ61UW1irMmSBfAIVIJH_0JRFfFeQgZb0XXoCwPDZymnvnZLDUkn2Mf60KkFhBsypg5heRRTK3yf5g7_qb70Bve37ve7BQixPoyRZdIjtPOuOhiChb9d2VYWhMucQGotsLLGSfUNJ2U3xtywIvkB-HcJH8YBTbhhHlPH491oOUUDwojrLSKC5Kk_wpizLUO-XMx9qYEvDKlRWM3U1KXFVq2-V0EOWaTuXO4t6seVM8nkirhWGuoTjXBdgEmgPzfiApV7ZrUSQkg2grDdRKOOk2bB8hRZ1FyPc7Kom9Ls-dx7PtKbllk5QTlLCYPy1QyYI9_FtoY7WB5_DunNW6b247XhhxcXUh8w98TuM6lSIGd9GjkEaokVBybPOPxcDtY1IiTycZyVuSt50Rj4wJzLRA4gfAwjbEmVZrdyZ3j73ibJWXS7rQcGXiEWiWs_4uwEVMJO9K0yANmNw75AhqMJDTLvt9y8IPEsAj3585qxNf2h-SR9uCb61h_Awq65QYmuPwfR1Gsmy83xxd_Cm-2HckwoOqHQLJwOJfJy2jc8r5gsmtUoAgCB5rKDR39w9JzpXm3Frmz4T44codc7FOem0yv_VcwC8oAoPXBTOZXH2slXZOVs3jro0r0CwroQr-pOGrIkUtpLRRNoajsEt0VwDZVg0-7iySpaN6W3mlUWZ0P6XaxuCtvkf6UE448NMop2qvKFniVQCuHjDmX3kZ8IhwEYZXbywp6XgWrDLSvkFYLx_LZBZRMDoiCUWu-DVhlqYQGRBYmAO0ZVPc8OKMDm15Hy_QH68cjTneCt-y02CI7yG50g9otBMriLpYPp-i_RbrX3_11gR9v7MkxMwwWeAFKE5uab9OxKqU4Z3OE-2tpHna4VLczpiF1J55MKYmo2viOirFxmI9KwU3kqqw4a2D0M58dwECwP5i-W_nQ3uxQY-nTYvFMy7rqZq03CN-p6nfBiMqp3Um_EQgX-YILaXcOUUNm8267m3LJFqj1cQ0uooy7LhlGMIFWNep19bZ9gofVrd0HS_W3aRIxp0qhMaN6OlFeDagu6s0OQK5hq8d1jTwue0KHsslhhIzliy5_VNDwtbwvUwCQWy2iekPzsZucJSQ_bcu5cVn_ORVF9zx3EUJOiBuoguMyOfDpg2U3yIBbIIGSeRjvyQLFgyVETPJsTLWU6UIWykaoK7gAYv2ON4_UsSt2POm3cvYMJM4ft_316AP70rH4zuhNP9WETIJLo-j3jjjNBerTs_E7IUMfRpyMfZD6FybKDA3KSnY_PLVdthw&cid=CAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aff2992741df89d656a471b587d577314875970c5fa5882a243557343d6b40ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12863
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23E2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CVpH0RcsZKlY4rgVxSGQmHt0-uvO3weampq733yP7Doj0PUwXckinIPCxAh-t1cx_e3PcFnubVaey1n7JX5WcEBG_g0X7GVEOrlvnHiAZDUufzkbk
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r62eglto.js
ad4m.at/ Frame 23E2 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Yifx+w==, md5=dYxhy2ipXS+j9p8i0KpDgA==
date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
54226
x-guploader-uploadid
ABg5-UxreyhrcfN7xScl9xTXe-G67tc6hbQ1tHnoI5xVH4ghNOkQ9sF6ds68T76UCmvWI5lNWXSj9BXUSy_B3ceUfd0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 14 Jun 2021 12:07:55 GMT
server
cloudflare
etag
W/"758c61cb68a95d2fa3f69f22d0aa4380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=juLNZkHJjwVaMzUb6eEmlG%2FevFldRrb8LCde7bhidfvj%2BFgQX6tuYxc%2BJqrOFQOBGk%2FpTeiVSPRexyoU%2FKlkG1zxfKqEjJA7zs4wi8IbgvC5OOvNE%2BJtpskt86qkUBM4JmO9nD4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672475536814
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11941
cf-ray
6742353d8f5f4aa3-FRA
expires
Sat, 24 Jul 2021 12:08:54 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 23E2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 23E2 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 23E2 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
l
www.google.com/ads/measurement/ Frame 23E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTSnUoXAagYEld-j6K30aNVqsiGs-5aSQBz2aYDfZihXxdTS97KWCqioz8ka8HDdP81QCEsQ3ZrtF0m4zOa7h5sGWGeNw
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame 8118
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKU0ZhU_W0XWSq1dQltBKjY&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKU0ZhU_W0XWSq1dQltBKjY&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKU0ZhU_W0XWSq1dQltBKjY&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYnM2MbDAB&v=APEucNVGHC70dKP8BOaaoQlPfdN7UtExgPuUSkZ8WwCeBNJgUZhHXzgn1vmsH6OMT_i6KTZOQBKpD1LTckBpTm8LBAIB6LxVopQuhkXq3KavFkRef-Eq4An2KD6K0v2cA8YSXiEKOZ6McJ-yc1MOv2oouk2RSbzQKRSFoczBz7GvE8PwVnfkhEY
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.211.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
via
1.1 google
server
OXGW/16.211.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEKU0ZhU_W0XWSq1dQltBKjY&google_cver=1
date
Sun, 25 Jul 2021 03:12:40 GMT
via
1.1 google
server
OXGW/16.211.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 8118
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ2ZDcwMjgtMmYwMC0yNTFiLWUyODUtM2ZlYzI4NDgwNTAy
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ2ZDcwMjgtMmYwMC0yNTFiLWUyODUtM2ZlYzI4NDgwNTAy
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYnM2MbDAB&v=APEucNVGHC70dKP8BOaaoQlPfdN7UtExgPuUSkZ8WwCeBNJgUZhHXzgn1vmsH6OMT_i6KTZOQBKpD1LTckBpTm8LBAIB6LxVopQuhkXq3KavFkRef-Eq4An2KD6K0v2cA8YSXiEKOZ6McJ-yc1MOv2oouk2RSbzQKRSFoczBz7GvE8PwVnfkhEY
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
gzip
server
OXGW/16.211.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MmQ2ZDcwMjgtMmYwMC0yNTFiLWUyODUtM2ZlYzI4NDgwNTAy
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 8118
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEN0JfC3M9gArCcuP6X2Dhw0&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEN0JfC3M9gArCcuP6X2Dhw0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYnM2MbDAB&v=APEucNVGHC70dKP8BOaaoQlPfdN7UtExgPuUSkZ8WwCeBNJgUZhHXzgn1vmsH6OMT_i6KTZOQBKpD1LTckBpTm8LBAIB6LxVopQuhkXq3KavFkRef-Eq4An2KD6K0v2cA8YSXiEKOZ6McJ-yc1MOv2oouk2RSbzQKRSFoczBz7GvE8PwVnfkhEY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 25 Jul 2021 03:12:40 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEN0JfC3M9gArCcuP6X2Dhw0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 8118 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhCS6EoYnM2MbDAB&v=APEucNVGHC70dKP8BOaaoQlPfdN7UtExgPuUSkZ8WwCeBNJgUZhHXzgn1vmsH6OMT_i6KTZOQBKpD1LTckBpTm8LBAIB6LxVopQuhkXq3KavFkRef-Eq4An2KD6K0v2cA8YSXiEKOZ6McJ-yc1MOv2oouk2RSbzQKRSFoczBz7GvE8PwVnfkhEY
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.3 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 25 Jul 2021 03:12:40 GMT
server
akka-http/10.2.3
content-length
23
content-type
image/gif
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 23E2 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-BOj56aHh_dXLadxZ6ORec7SXUDb13FBpQfD8ZD0D-wZVg_eGv7bClhzQLRNfMaqzrcP1fyonvT_pg04HNWPfc7EXwlxM4DI8GiDSUlkFxd2-lLURkwoeGcQT39C3Nl6e4cY6biqCLO_Ko-HquVdZIlCIhg&cry=1&dbm_d=AKAmf-Cx107d6PyPjaevjqvbqyruQSWAtsFpGBXDPbyastINnCGqZxJHDBw2AQcPE2u7WHjjRfCC_nGJqXPCz5i9b_Mbh8ZqWAdY5z9THGq-XLB5GC5QCENt4oT2oxL_gGpDA6wsFgJtFM8ONZA4DvK9xsq1RNFQIViEkG_r0tpJOGEPuFZwrnB4sPJPQCvaxuxohbnhheQaAZp__4gcI-xnYxCECyIpW79HU2L-vhcXUdczIW-izLr1C33gYBfNeyyO8xTijfwsHCK7lCYqFLaKT5fQRnUPYqq-WVz5KhM5tMuRzMi1JWYf5Y4Wn6bfVpFIWl3rFAyDGuulOQn6eRPf_tIjoJHrS9w21YbIz8-gEpGHTMlvNq2kBTn8zYJrEJFrNk0EouPWUZfl8Jv_OwqUlZ1XcX2tzeBB6O6OHE3iyanv5RTHJ2WiMZJsIiSW-6ShhQW4f5UFkBuPCOhEc02FruSxHUqgou-BH7rdhK-_MXsgma7sxpkknn_L3r8sofm9wbMXeaV9jEQgnSVrSPD2MAlXrciPCkbrP2dlbbG2lachsmHSCmH5z5AztfhDQpPMUI3F36SefHmY9jqRb6sWY4pViMO00T-D9mevjqlmTGTEMcXH43X7GKRGQ4PuoA1_mnsTw2zFHm2c5nV7Qq5y2o00yxo-BmOvR3EkF5JW7CPjvR6DTDmsDirbO7n-ZX566c3vIYnrraRqs7e09VU-nkx7VIdp5v7j8SW2pWONKus9411uARNUDCoaWiBKiaGwm6aKBC3w4mx8KXIa2icFBA58FkSrmwZ7PIVmnxSn6w1luyV7LWET2ooQjZ0Khn-gDa2UD3qd2yjex7D4r9KYpSrd1yGpEuyQkARGDpD2qZ5T0ABXgZj_7edvJkLJPYdYvINGhkor4QusNgWjMuJlHS8jwnbigAtnv_35hsLHVy8NgnWthxK9bysiwn1uuQV6ybHSzJvl4nndTuSfqE9mk_1nMwcls21nMMTt2CiFp873pMGs_oKmhR22aGBi1GNT-W2NghbygGv_GzMr-FWPHZg6Zak3hJwZJ46BONG9mqa_gAo2h6gJRbJFarJ6_hPF-0Bfu9Z3SVqmBq9JjEXeqG2l5_1nLplWB2GKSE11JnvzstYIAG3Y5NMKVc4IYvELYWq3u-eCijexb_C0D846HVY1BKMHg7BJu70_9wz6o2ZY3k6fnWbYYExY2e9CCBvDunipeZK713VkGDc69kHscTdo8SSQJWZi87k4W5Jlg--nWf98fWLWHohS4cZ8LA5PB4bvT2r-C3CGMQILuJVKUy4sFcB_EN7y4bT0aP3tfFDtitZxi3RDd3MIpPCKblgqKd4DcZofjFFcx5J-UmPwbXzKS-bzt-uzu1XmvqCgcbCXeIobIXjIFNFB5O_ERXaVLuDVcfxruuLu1vXzM3sPlFNP3_FNRa35hTOU3901I_RlSCCDlM5UmP3Oq5jekaqiG-9nv0XLhv8MLOqZSIf83DUTi2aUJPH94PMB4_xQKHYRVxLdbYdnapwJ53nf6CJ5dL23ChHx6qq-GaPIOA5Iqwmz5_8N5ypRQWYlbTFifcswHWyGgaUDvBjSdt2Ou7gzYvyR8z-MD24pVEX5U6OLRJzKy1KhrzmgQnIMjqCOHjnAbIvcelI8546Yc3SmoI4HzjsG3xrf-TfZbBz6lodOpVsDuxUYk8pBiUjW0XsQRgzCbiV2pJ5JSOBrI1u6543PqBChGxnMKqr0KP9THfgPHj8WtQUS1H8R_S3RLbKkDddkPPJbtuvyZOgqeigfwyIu1_WumjQfW2v4HLOaQzvg51veBZ61UW1irMmSBfAIVIJH_0JRFfFeQgZb0XXoCwPDZymnvnZLDUkn2Mf60KkFhBsypg5heRRTK3yf5g7_qb70Bve37ve7BQixPoyRZdIjtPOuOhiChb9d2VYWhMucQGotsLLGSfUNJ2U3xtywIvkB-HcJH8YBTbhhHlPH491oOUUDwojrLSKC5Kk_wpizLUO-XMx9qYEvDKlRWM3U1KXFVq2-V0EOWaTuXO4t6seVM8nkirhWGuoTjXBdgEmgPzfiApV7ZrUSQkg2grDdRKOOk2bB8hRZ1FyPc7Kom9Ls-dx7PtKbllk5QTlLCYPy1QyYI9_FtoY7WB5_DunNW6b247XhhxcXUh8w98TuM6lSIGd9GjkEaokVBybPOPxcDtY1IiTycZyVuSt50Rj4wJzLRA4gfAwjbEmVZrdyZ3j73ibJWXS7rQcGXiEWiWs_4uwEVMJO9K0yANmNw75AhqMJDTLvt9y8IPEsAj3585qxNf2h-SR9uCb61h_Awq65QYmuPwfR1Gsmy83xxd_Cm-2HckwoOqHQLJwOJfJy2jc8r5gsmtUoAgCB5rKDR39w9JzpXm3Frmz4T44codc7FOem0yv_VcwC8oAoPXBTOZXH2slXZOVs3jro0r0CwroQr-pOGrIkUtpLRRNoajsEt0VwDZVg0-7iySpaN6W3mlUWZ0P6XaxuCtvkf6UE448NMop2qvKFniVQCuHjDmX3kZ8IhwEYZXbywp6XgWrDLSvkFYLx_LZBZRMDoiCUWu-DVhlqYQGRBYmAO0ZVPc8OKMDm15Hy_QH68cjTneCt-y02CI7yG50g9otBMriLpYPp-i_RbrX3_11gR9v7MkxMwwWeAFKE5uab9OxKqU4Z3OE-2tpHna4VLczpiF1J55MKYmo2viOirFxmI9KwU3kqqw4a2D0M58dwECwP5i-W_nQ3uxQY-nTYvFMy7rqZq03CN-p6nfBiMqp3Um_EQgX-YILaXcOUUNm8267m3LJFqj1cQ0uooy7LhlGMIFWNep19bZ9gofVrd0HS_W3aRIxp0qhMaN6OlFeDagu6s0OQK5hq8d1jTwue0KHsslhhIzliy5_VNDwtbwvUwCQWy2iekPzsZucJSQ_bcu5cVn_ORVF9zx3EUJOiBuoguMyOfDpg2U3yIBbIIGSeRjvyQLFgyVETPJsTLWU6UIWykaoK7gAYv2ON4_UsSt2POm3cvYMJM4ft_316AP70rH4zuhNP9WETIJLo-j3jjjNBerTs_E7IUMfRpyMfZD6FybKDA3KSnY_PLVdthw&cid=CAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
686
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
server
cafe
etag
11779355884012761328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:01:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 23E2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C-BOj56aHh_dXLadxZ6ORec7SXUDb13FBpQfD8ZD0D-wZVg_eGv7bClhzQLRNfMaqzrcP1fyonvT_pg04HNWPfc7EXwlxM4DI8GiDSUlkFxd2-lLURkwoeGcQT39C3Nl6e4cY6biqCLO_Ko-HquVdZIlCIhg&cry=1&dbm_d=AKAmf-Cx107d6PyPjaevjqvbqyruQSWAtsFpGBXDPbyastINnCGqZxJHDBw2AQcPE2u7WHjjRfCC_nGJqXPCz5i9b_Mbh8ZqWAdY5z9THGq-XLB5GC5QCENt4oT2oxL_gGpDA6wsFgJtFM8ONZA4DvK9xsq1RNFQIViEkG_r0tpJOGEPuFZwrnB4sPJPQCvaxuxohbnhheQaAZp__4gcI-xnYxCECyIpW79HU2L-vhcXUdczIW-izLr1C33gYBfNeyyO8xTijfwsHCK7lCYqFLaKT5fQRnUPYqq-WVz5KhM5tMuRzMi1JWYf5Y4Wn6bfVpFIWl3rFAyDGuulOQn6eRPf_tIjoJHrS9w21YbIz8-gEpGHTMlvNq2kBTn8zYJrEJFrNk0EouPWUZfl8Jv_OwqUlZ1XcX2tzeBB6O6OHE3iyanv5RTHJ2WiMZJsIiSW-6ShhQW4f5UFkBuPCOhEc02FruSxHUqgou-BH7rdhK-_MXsgma7sxpkknn_L3r8sofm9wbMXeaV9jEQgnSVrSPD2MAlXrciPCkbrP2dlbbG2lachsmHSCmH5z5AztfhDQpPMUI3F36SefHmY9jqRb6sWY4pViMO00T-D9mevjqlmTGTEMcXH43X7GKRGQ4PuoA1_mnsTw2zFHm2c5nV7Qq5y2o00yxo-BmOvR3EkF5JW7CPjvR6DTDmsDirbO7n-ZX566c3vIYnrraRqs7e09VU-nkx7VIdp5v7j8SW2pWONKus9411uARNUDCoaWiBKiaGwm6aKBC3w4mx8KXIa2icFBA58FkSrmwZ7PIVmnxSn6w1luyV7LWET2ooQjZ0Khn-gDa2UD3qd2yjex7D4r9KYpSrd1yGpEuyQkARGDpD2qZ5T0ABXgZj_7edvJkLJPYdYvINGhkor4QusNgWjMuJlHS8jwnbigAtnv_35hsLHVy8NgnWthxK9bysiwn1uuQV6ybHSzJvl4nndTuSfqE9mk_1nMwcls21nMMTt2CiFp873pMGs_oKmhR22aGBi1GNT-W2NghbygGv_GzMr-FWPHZg6Zak3hJwZJ46BONG9mqa_gAo2h6gJRbJFarJ6_hPF-0Bfu9Z3SVqmBq9JjEXeqG2l5_1nLplWB2GKSE11JnvzstYIAG3Y5NMKVc4IYvELYWq3u-eCijexb_C0D846HVY1BKMHg7BJu70_9wz6o2ZY3k6fnWbYYExY2e9CCBvDunipeZK713VkGDc69kHscTdo8SSQJWZi87k4W5Jlg--nWf98fWLWHohS4cZ8LA5PB4bvT2r-C3CGMQILuJVKUy4sFcB_EN7y4bT0aP3tfFDtitZxi3RDd3MIpPCKblgqKd4DcZofjFFcx5J-UmPwbXzKS-bzt-uzu1XmvqCgcbCXeIobIXjIFNFB5O_ERXaVLuDVcfxruuLu1vXzM3sPlFNP3_FNRa35hTOU3901I_RlSCCDlM5UmP3Oq5jekaqiG-9nv0XLhv8MLOqZSIf83DUTi2aUJPH94PMB4_xQKHYRVxLdbYdnapwJ53nf6CJ5dL23ChHx6qq-GaPIOA5Iqwmz5_8N5ypRQWYlbTFifcswHWyGgaUDvBjSdt2Ou7gzYvyR8z-MD24pVEX5U6OLRJzKy1KhrzmgQnIMjqCOHjnAbIvcelI8546Yc3SmoI4HzjsG3xrf-TfZbBz6lodOpVsDuxUYk8pBiUjW0XsQRgzCbiV2pJ5JSOBrI1u6543PqBChGxnMKqr0KP9THfgPHj8WtQUS1H8R_S3RLbKkDddkPPJbtuvyZOgqeigfwyIu1_WumjQfW2v4HLOaQzvg51veBZ61UW1irMmSBfAIVIJH_0JRFfFeQgZb0XXoCwPDZymnvnZLDUkn2Mf60KkFhBsypg5heRRTK3yf5g7_qb70Bve37ve7BQixPoyRZdIjtPOuOhiChb9d2VYWhMucQGotsLLGSfUNJ2U3xtywIvkB-HcJH8YBTbhhHlPH491oOUUDwojrLSKC5Kk_wpizLUO-XMx9qYEvDKlRWM3U1KXFVq2-V0EOWaTuXO4t6seVM8nkirhWGuoTjXBdgEmgPzfiApV7ZrUSQkg2grDdRKOOk2bB8hRZ1FyPc7Kom9Ls-dx7PtKbllk5QTlLCYPy1QyYI9_FtoY7WB5_DunNW6b247XhhxcXUh8w98TuM6lSIGd9GjkEaokVBybPOPxcDtY1IiTycZyVuSt50Rj4wJzLRA4gfAwjbEmVZrdyZ3j73ibJWXS7rQcGXiEWiWs_4uwEVMJO9K0yANmNw75AhqMJDTLvt9y8IPEsAj3585qxNf2h-SR9uCb61h_Awq65QYmuPwfR1Gsmy83xxd_Cm-2HckwoOqHQLJwOJfJy2jc8r5gsmtUoAgCB5rKDR39w9JzpXm3Frmz4T44codc7FOem0yv_VcwC8oAoPXBTOZXH2slXZOVs3jro0r0CwroQr-pOGrIkUtpLRRNoajsEt0VwDZVg0-7iySpaN6W3mlUWZ0P6XaxuCtvkf6UE448NMop2qvKFniVQCuHjDmX3kZ8IhwEYZXbywp6XgWrDLSvkFYLx_LZBZRMDoiCUWu-DVhlqYQGRBYmAO0ZVPc8OKMDm15Hy_QH68cjTneCt-y02CI7yG50g9otBMriLpYPp-i_RbrX3_11gR9v7MkxMwwWeAFKE5uab9OxKqU4Z3OE-2tpHna4VLczpiF1J55MKYmo2viOirFxmI9KwU3kqqw4a2D0M58dwECwP5i-W_nQ3uxQY-nTYvFMy7rqZq03CN-p6nfBiMqp3Um_EQgX-YILaXcOUUNm8267m3LJFqj1cQ0uooy7LhlGMIFWNep19bZ9gofVrd0HS_W3aRIxp0qhMaN6OlFeDagu6s0OQK5hq8d1jTwue0KHsslhhIzliy5_VNDwtbwvUwCQWy2iekPzsZucJSQ_bcu5cVn_ORVF9zx3EUJOiBuoguMyOfDpg2U3yIBbIIGSeRjvyQLFgyVETPJsTLWU6UIWykaoK7gAYv2ON4_UsSt2POm3cvYMJM4ft_316AP70rH4zuhNP9WETIJLo-j3jjjNBerTs_E7IUMfRpyMfZD6FybKDA3KSnY_PLVdthw&cid=CAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 02:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Jul 2022 02:34:45 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7514 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 25 Jul 2021 02:31:14 GMT
expires
Mon, 25 Jul 2022 02:31:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2486
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 23E2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
06a0cd2a1f1c2f5843988bea917cf6f949b7258ed1c0ae1f308ca45433b36a42

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
r62eglto.js
ad4m.at/ Frame 23E2 		36 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=Yifx+w==, md5=dYxhy2ipXS+j9p8i0KpDgA==
date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
54226
x-guploader-uploadid
ABg5-UxreyhrcfN7xScl9xTXe-G67tc6hbQ1tHnoI5xVH4ghNOkQ9sF6ds68T76UCmvWI5lNWXSj9BXUSy_B3ceUfd0
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
cf-bgj
minify
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
last-modified
Mon, 14 Jun 2021 12:07:55 GMT
server
cloudflare
etag
W/"758c61cb68a95d2fa3f69f22d0aa4380"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYUk%2BLbXnFXH8ebWEgF4cFgSMyJIde%2FeC%2BOGTqVi4DtPImnh3sofQcGO4QZWcAbcotN9SBWTfmdVH2Nuv5ouxX5LTACipxX4xEJiYmakZRIGf7UPeodfxOZ6N3%2B4%2BJaNlXxNaBk%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1623672475536814
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11941
cf-ray
6742353e48370631-FRA
expires
Sat, 24 Jul 2021 12:08:54 GMT
frame.html
ad4m.at/ Frame 61F7 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-type
text/html
x-guploader-uploadid
ABg5-UyHG4nMyrBK5WNqT49HT3fkOWy09Qi7AMHmefEGKv6EedjpZshPX4m1mr0_df4AnWlv4nSV1j8tT1-PHgSflkckYhyoGQ
expires
Sun, 25 Jul 2021 04:12:40 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
x-goog-generation
1588777770164783
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
content-language
en
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class
MULTI_REGIONAL
age
22602
cache-control
public, max-age=3600
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVZlwWR4Nz9iH9tWl%2BSTDSlmrCR6vimUy8fr69BDADqJzf1LM1Moy%2FE%2FQZaSfW75%2B3GMlM2eo4N7v0%2BSGvR7xwTXjhctwk8BQXz%2Bs7EPfKYw84DbL6Z%2FFY5kPl1LPzupama%2BknE%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
6742353e48360631-FRA
content-encoding
br
rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
pagead2.googlesyndication.com/bg/ Frame 7514 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 00:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
10787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13334
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Jul 2022 00:12:53 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8F57 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
securepubads.g.doubleclick.net/pagead/ Frame 8F57 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Co_qwqNb8YPnOHtr43gPU9YSYCN2V5bdc9v6PjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNTkwNDUxMjY0MDQyODQyoAHahvPoA8gBCeACAKgDAaoE8gFP0Lek2ptWuni1EhLW9i0KoSEwQ8-fkoloFMQwx-lA-0xt55t-UwGj6Pwv6ek8lDT1MZK8abwLT2VhXyY5QBZ6zH3xcL80-Mf11vouQ3BERu8gfdLkhEV2HutQPf3Yd98XObX0CtbD7xop1sjtejmeuUfFsU0dTd_OMSoegH5TtjapOgQgyDYHSnNP8edzpSk7amu92IFt_fZawdNMmlPUgZZ35a3_UsGZJkZko1gx9IstFU484vIh2RS6R2AooDDNmRAQOSFNxQRkQAKEG3THJ2hf280bkdTI7Z72ok8U_gh4eLPYvzicqoWTXGOTmsPJB-AEAYAGiuyxp9booeauAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxgKFhIUcHViLTI1OTA0NTEyNjQwNDI4NDI&sigh=CfkXKC72stI
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dgeex1zreb35
ad.ad-srv.net/zone/ Frame 8F57 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.ad-srv.net/zone/dgeex1zreb35?subid=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dd3a84d8c-0f53-4daf-9082-341ff5a895fa%26ag%3Dgys06nz%26sfe%3D133456a8%26sig%3DtEfgTh2Pl1SCdBLdI0thyKo88zEToCm69nlYJm0gPBA.%26crid%3Dw7thc0cp%26cf%3D1041558%26fq%3D0%26t%3D1%26td_s%3Dwww.mdzol.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3D1wi5owhg7w%26sv%3Dgoogle%26uhow%3D5%26agsa%3D%26wp%3DYPzWqAAHp3kKd7xaAAE61ArxJSGJUeh7AK-nYg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2590451264042842%26rlangs%3Des%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAXgAgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D1%26svscid%3Dpub-2590451264042842%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYPzWqAAIS38Hg4BtyABpKg%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC6XKzqNb8YPnOHtr43gPU9YSYCN2V5bdc9v6PjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNTkwNDUxMjY0MDQyODQyoAHahvPoA8gBCeACAKgDAaoE9QFP0Lek2ptWuni1EhLW9i0KoSEwQ8-fkoloFMQwx-lA-0xt55t-UwGj6Pwv6ek8lDT1MZK8abwLT2VhXyY5QBZ6zH3xcL80-Mf11vouQ3BERu8gfdLkhEV2HutQPf3Yd98XObX0CtbD7xop1sjtejmeuUfFsU0dTd_OMSoegH5TtjapOgQgyDYHSnNP8edzpSk7amu92IFt_fZawdNMmlPUgZZ35a3_UsGZJkZko1gx9IstFU484vIh2RS6R2AooDDNmRAQOSFNxQRkQAKEG3THJ2hf280bkdTI7Z72ok8U_gg6er9KeY512y96SuIEi0Z2vF0HuOAEAYAGiuyxp9booeauAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WVXMHi2yLZZPP0E9x6VTl8qmpHg%2526client%253Dca-pub-2590451264042842%2526adurl%253D
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.117 Lingenfeld, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.117.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
d6bac329445a4ebd4eeb02db7a741cee116b07414b85674ac6ae6bea0437ff50

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 03:12:40 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3743
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
google
de1-bid.adsrvr.org/bid/feedback/ Frame 8F57 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://de1-bid.adsrvr.org/bid/feedback/google?t=1&iid=d3a84d8c-0f53-4daf-9082-341ff5a895fa&crid=w7thc0cp&wp=YPzWqAAHp3kKd7xaAAE61ArxJSGJUeh7AK-nYg&aid=1&wpc=USD&sfe=133456a8&puid=&tdid=&pid=xnw5wf7&ag=gys06nz&adv=4qqx4oo&sig=14Xk78XIdqmqcniWrPEeU43789VN3-cxGu4_lNijOjWg.&bp=0.11771505657974&cf=1041558&fq=0&td_s=www.mdzol.com&rcats=&mcat=&mste=&mfld=3&mssi=None&mfsi=1wi5owhg7w&uhow=5&agsa=&rgco=Germany&rgre=&rgme=&rgci=&rgz=&svbttd=1&dt=PC&osf=Windows&os=Windows10&br=Chrome&rlangs=es&mlang=&svpid=pub-2590451264042842&did=&rcxt=Other&lat=&lon=&tmpc=&daid=&vp=0&osi=&osv=&mdl=Chrome%20-%20Windows&npt=1&c=OAFQAXgAgAEAiAEBkAEA&dur=&durs=UJSBm-&crrelr=&pcm=1&grdc=CAEYASABKAFAAUgC&said=YPzWqAAIS38Hg4BtyABpKg%3D%3D&auct=1&im=1&mc=0a41e4d7-e63d-47ff-86ff-1173f1a63097
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
76.223.26.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ad9411418cf2cdacd.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
server
Kestrel
transfer-encoding
chunked
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
must-revalidate, no-cache
connection
close
content-type
image/gif
ca
choices.truste.com/ Frame 8F57 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=t7d1m8n_gys06nz_w7thc0cp&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-23.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
6faebceb718b6e9d3911598273244145b17784ed94ad3dd80b5ea67dce58643b

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-id
zhPnPckYqMuDjrF8XKuMNZZ_59tG7K4dlJP1v3apzMYlIIzbkbd9EA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 8F57 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
571
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F57 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 8F57 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
l
www.google.com/ads/measurement/ Frame 8F57 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVj0CF7PE1468P1Ql31YPzdBp_mEQYHUzJGjBmLbil7ZBoLudzNQQHX5oJweF4vZF9UyN0P4Y6mYXbN88oWu2iGGvRjw
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 8F57 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Jul 2021 11:01:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144673
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Jul 2022 11:01:27 GMT
request.php
ad12.ad-srv.net/ Frame 8F57
Redirect Chain
  • https://ad12.ad-srv.net/request.php?zone=dgeex1zreb35&nw=11&renderingType=javascript&namespace=bc2ea4afdb&subid=&uid=7197bc1c3874ce42&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x9...
  • https://ad12.ad-srv.net/request.php?zone=dgeex1zreb35&nw=11&renderingType=javascript&namespace=bc2ea4afdb&subid=&uid=7197bc1c3874ce42&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x9...
2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad12.ad-srv.net/request.php?zone=dgeex1zreb35&nw=11&renderingType=javascript&namespace=bc2ea4afdb&subid=&uid=7197bc1c3874ce42&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dd3a84d8c-0f53-4daf-9082-341ff5a895fa%26ag%3Dgys06nz%26sfe%3D133456a8%26sig%3DtEfgTh2Pl1SCdBLdI0thyKo88zEToCm69nlYJm0gPBA.%26crid%3Dw7thc0cp%26cf%3D1041558%26fq%3D0%26t%3D1%26td_s%3Dwww.mdzol.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3D1wi5owhg7w%26sv%3Dgoogle%26uhow%3D5%26agsa%3D%26wp%3DYPzWqAAHp3kKd7xaAAE61ArxJSGJUeh7AK-nYg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2590451264042842%26rlangs%3Des%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAXgAgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D1%26svscid%3Dpub-2590451264042842%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYPzWqAAIS38Hg4BtyABpKg%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC6XKzqNb8YPnOHtr43gPU9YSYCN2V5bdc9v6PjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNTkwNDUxMjY0MDQyODQyoAHahvPoA8gBCeACAKgDAaoE9QFP0Lek2ptWuni1EhLW9i0KoSEwQ8-fkoloFMQwx-lA-0xt55t-UwGj6Pwv6ek8lDT1MZK8abwLT2VhXyY5QBZ6zH3xcL80-Mf11vouQ3BERu8gfdLkhEV2HutQPf3Yd98XObX0CtbD7xop1sjtejmeuUfFsU0dTd_OMSoegH5TtjapOgQgyDYHSnNP8edzpSk7amu92IFt_fZawdNMmlPUgZZ35a3_UsGZJkZko1gx9IstFU484vIh2RS6R2AooDDNmRAQOSFNxQRkQAKEG3THJ2hf280bkdTI7Z72ok8U_gg6er9KeY512y96SuIEi0Z2vF0HuOAEAYAGiuyxp9booeauAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WVXMHi2yLZZPP0E9x6VTl8qmpHg%2526client%253Dca-pub-2590451264042842%2526adurl%253D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=1631355591609&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
3e5575bcd4f0b6ab76842c7529c6283a58d95abcded480e4370b0e96a0e345e4

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 03:12:40 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
86908700010503901199115011666012
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
725
Expires
Sun, 25 Jul 2021 04:12:40 +0200

Redirect headers

Pragma
no-cache
Date
Sun, 25 Jul 2021 03:12:40 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=dgeex1zreb35&nw=11&renderingType=javascript&namespace=bc2ea4afdb&subid=&uid=7197bc1c3874ce42&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dd3a84d8c-0f53-4daf-9082-341ff5a895fa%26ag%3Dgys06nz%26sfe%3D133456a8%26sig%3DtEfgTh2Pl1SCdBLdI0thyKo88zEToCm69nlYJm0gPBA.%26crid%3Dw7thc0cp%26cf%3D1041558%26fq%3D0%26t%3D1%26td_s%3Dwww.mdzol.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3D1wi5owhg7w%26sv%3Dgoogle%26uhow%3D5%26agsa%3D%26wp%3DYPzWqAAHp3kKd7xaAAE61ArxJSGJUeh7AK-nYg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2590451264042842%26rlangs%3Des%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAXgAgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D1%26svscid%3Dpub-2590451264042842%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYPzWqAAIS38Hg4BtyABpKg%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC6XKzqNb8YPnOHtr43gPU9YSYCN2V5bdc9v6PjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNTkwNDUxMjY0MDQyODQyoAHahvPoA8gBCeACAKgDAaoE9QFP0Lek2ptWuni1EhLW9i0KoSEwQ8-fkoloFMQwx-lA-0xt55t-UwGj6Pwv6ek8lDT1MZK8abwLT2VhXyY5QBZ6zH3xcL80-Mf11vouQ3BERu8gfdLkhEV2HutQPf3Yd98XObX0CtbD7xop1sjtejmeuUfFsU0dTd_OMSoegH5TtjapOgQgyDYHSnNP8edzpSk7amu92IFt_fZawdNMmlPUgZZ35a3_UsGZJkZko1gx9IstFU484vIh2RS6R2AooDDNmRAQOSFNxQRkQAKEG3THJ2hf280bkdTI7Z72ok8U_gg6er9KeY512y96SuIEi0Z2vF0HuOAEAYAGiuyxp9booeauAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WVXMHi2yLZZPP0E9x6VTl8qmpHg%2526client%253Dca-pub-2590451264042842%2526adurl%253D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=1631355591609&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sun, 25 Jul 2021 04:12:40 +0200
rs
ad4m.at/ Frame 23E2 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f598b22dd02b7275beada4e0c4c0b24f52f588114b6528b953342db757c5549

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
6742353f7a024e61-FRA
date
Sun, 25 Jul 2021 03:12:40 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7JOwoYg4Uvi2SxEvHY%2B21bWNAz%2BumlwZQpOs%2BQCdsy4%2BieI5Y2YR3czit6J2sO8tMWxmHZfruR%2FlqP2B8ewzr7QMqYb5Q8qnZoTb%2Fan%2FV1GfSOJyoF7c1BTYSK11PA%2B3qqVlaNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
rs-1tg8
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3-29
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-type
text/plain
content-length
24
access-control-allow-origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
access-control-allow-credentials
true
access-control-max-age
1800
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers
content-type
allow
HEAD,POST,GET,OPTIONS
x-backend-server
rs-1tg8
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qzNmcnA0XSOH87zZn9%2BVsAaz0aumwXSoP6VfuuL6ae%2FnIFIiYx%2FKqCOlIxKNdQHd6xGyW8WBFFtkNRfpD5XttQMPvAOj%2FmZSahpEy4iBAHKeh7ss%2FCg8SlC6NyHCSkUIzNdj9QA%3D"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
6742353f59ed4e61-FRA
ztpv.php
www.conrad.de/ Frame C6BA
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470208&v=11354&q=371931&r=473322&pv=1&viewref=86908700010503901199115011666012
  • https://www.conrad.de/ztpv.php?awc=11354_473322_1627182760_2c004fe1-ecf6-11eb-ad65-692d0665ba09&insert=AW
0
707 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.conrad.de/ztpv.php?awc=11354_473322_1627182760_2c004fe1-ecf6-11eb-ad65-692d0665ba09&insert=AW
Requested by
Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request.php?zone=dgeex1zreb35&nw=11&renderingType=javascript&namespace=bc2ea4afdb&subid=&uid=7197bc1c3874ce42&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dd3a84d8c-0f53-4daf-9082-341ff5a895fa%26ag%3Dgys06nz%26sfe%3D133456a8%26sig%3DtEfgTh2Pl1SCdBLdI0thyKo88zEToCm69nlYJm0gPBA.%26crid%3Dw7thc0cp%26cf%3D1041558%26fq%3D0%26t%3D1%26td_s%3Dwww.mdzol.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3D1wi5owhg7w%26sv%3Dgoogle%26uhow%3D5%26agsa%3D%26wp%3DYPzWqAAHp3kKd7xaAAE61ArxJSGJUeh7AK-nYg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2590451264042842%26rlangs%3Des%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAXgAgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D1%26svscid%3Dpub-2590451264042842%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYPzWqAAIS38Hg4BtyABpKg%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC6XKzqNb8YPnOHtr43gPU9YSYCN2V5bdc9v6PjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNTkwNDUxMjY0MDQyODQyoAHahvPoA8gBCeACAKgDAaoE9QFP0Lek2ptWuni1EhLW9i0KoSEwQ8-fkoloFMQwx-lA-0xt55t-UwGj6Pwv6ek8lDT1MZK8abwLT2VhXyY5QBZ6zH3xcL80-Mf11vouQ3BERu8gfdLkhEV2HutQPf3Yd98XObX0CtbD7xop1sjtejmeuUfFsU0dTd_OMSoegH5TtjapOgQgyDYHSnNP8edzpSk7amu92IFt_fZawdNMmlPUgZZ35a3_UsGZJkZko1gx9IstFU484vIh2RS6R2AooDDNmRAQOSFNxQRkQAKEG3THJ2hf280bkdTI7Z72ok8U_gg6er9KeY512y96SuIEi0Z2vF0HuOAEAYAGiuyxp9booeauAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WVXMHi2yLZZPP0E9x6VTl8qmpHg%2526client%253Dca-pub-2590451264042842%2526adurl%253D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=1631355591609&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:7e05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
www.conrad.de
:scheme
https
:path
/ztpv.php?awc=11354_473322_1627182760_2c004fe1-ecf6-11eb-ad65-692d0665ba09&insert=AW
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

date
Sun, 25 Jul 2021 03:12:41 GMT
content-type
text/html; charset=UTF-8
server-timing
intid;desc=e2463cd6e710443a intid;desc=8a3745b9fcbce4fe
cache-control
no-cache
expires
-1
set-cookie
HTLP_timestamp=1627182761; expires=Fri, 30-Jul-2021 03:12:41 GMT; Max-Age=432000; path=/; secure; SameSite=None CEAffHA=YD; expires=Fri, 30-Jul-2021 03:12:41 GMT; Max-Age=432000; path=/; secure; SameSite=None __cf_bm=6b62c93f120242abe86c640b265573250b4b47a9-1627182761-1800-AYiENmi8g6dhKM7hV+Ihe8IzvvmKdG4MBC0enjVtfxVMHydewnwY1lOQ3laMx3H0hNzVtdsZmCRjXUT2D09lWkI=; path=/; expires=Sun, 25-Jul-21 03:42:41 GMT; domain=.www.conrad.de; HttpOnly; Secure; SameSite=None
p3p
policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
age
0
strict-transport-security
max-age=15552000
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6742354008bf4357-FRA
content-encoding
br

Redirect headers

Location
https://www.conrad.de/ztpv.php?awc=11354_473322_1627182760_2c004fe1-ecf6-11eb-ad65-692d0665ba09&insert=AW
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Content-Length
0
Date
Sun, 25 Jul 2021 03:12:40 GMT
Connection
keep-alive
Set-Cookie
awpv11354=473322|1627182760|2c004fe1-ecf6-11eb-ad65-692d0665ba09;domain=.awin1.com;path=/;expires=Wednesday, 28-Jul-2021 03:12:40 UTC;Secure;SameSite=None AWSESS=377134:2470208;domain=.awin1.com;path=/;Secure;SameSite=None
Strict-Transport-Security
max-age=86400
Awin-Akamai-Rule-Set
default
request_content.php
ad12.ad-srv.net/ Frame 6A19 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad12.ad-srv.net/request_content.php?s=86908700010503901199115011666012&a=1124f00a
Requested by
Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request.php?zone=dgeex1zreb35&nw=11&renderingType=javascript&namespace=bc2ea4afdb&subid=&uid=7197bc1c3874ce42&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=728x90&scrollPos=0x0&extData[]=&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=http%3A%2F%2Finsight.adsrvr.org%2Ftrack%2Fclk%3Fimp%3Dd3a84d8c-0f53-4daf-9082-341ff5a895fa%26ag%3Dgys06nz%26sfe%3D133456a8%26sig%3DtEfgTh2Pl1SCdBLdI0thyKo88zEToCm69nlYJm0gPBA.%26crid%3Dw7thc0cp%26cf%3D1041558%26fq%3D0%26t%3D1%26td_s%3Dwww.mdzol.com%26rcats%3D%26mcat%3D%26mste%3D%26mfld%3D3%26mssi%3DNone%26mfsi%3D1wi5owhg7w%26sv%3Dgoogle%26uhow%3D5%26agsa%3D%26wp%3DYPzWqAAHp3kKd7xaAAE61ArxJSGJUeh7AK-nYg%26rgco%3DGermany%26rgre%3D%26rgme%3D%26rgci%3D%26rgz%3D%26dt%3DPC%26osf%3DWindows%26os%3DWindows10%26br%3DChrome%26svpid%3Dpub-2590451264042842%26rlangs%3Des%26mlang%3D%26did%3D%26rcxt%3DOther%26tmpc%3D%26vrtd%3D%26osi%3D%26osv%3D%26daid%3D%26dnr%3D0%26vpb%3D%26c%3DOAFQAXgAgAEAiAEBkAEA%26dur%3D%26durs%3DUJSBm-%26crrelr%3D%26npt%3D1%26svscid%3Dpub-2590451264042842%26mdl%3DChrome%2520-%2520Windows%26pcm%3D1%26said%3DYPzWqAAIS38Hg4BtyABpKg%253D%253D%26auct%3D1%26grdc%3DCAEYASABKAFAAUgC%26r%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DC6XKzqNb8YPnOHtr43gPU9YSYCN2V5bdc9v6PjlfAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yNTkwNDUxMjY0MDQyODQyoAHahvPoA8gBCeACAKgDAaoE9QFP0Lek2ptWuni1EhLW9i0KoSEwQ8-fkoloFMQwx-lA-0xt55t-UwGj6Pwv6ek8lDT1MZK8abwLT2VhXyY5QBZ6zH3xcL80-Mf11vouQ3BERu8gfdLkhEV2HutQPf3Yd98XObX0CtbD7xop1sjtejmeuUfFsU0dTd_OMSoegH5TtjapOgQgyDYHSnNP8edzpSk7amu92IFt_fZawdNMmlPUgZZ35a3_UsGZJkZko1gx9IstFU484vIh2RS6R2AooDDNmRAQOSFNxQRkQAKEG3THJ2hf280bkdTI7Z72ok8U_gg6er9KeY512y96SuIEi0Z2vF0HuOAEAYAGiuyxp9booeauAaAGIagHpr4bqAfw2RuoB_LZG6gH7NUbqAeW2BvYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_0WVXMHi2yLZZPP0E9x6VTl8qmpHg%2526client%253Dca-pub-2590451264042842%2526adurl%253D&documentReferer=https%3A%2F%2Fwww.mdzol.com%2F&ancestorOrigins=https%3A%2F%2Fwww.mdzol.com&random=1631355591609&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
5e8870a9e5eab1bf60396d325bc0912e1b16599e6ace2295aea67e822c3447b7

Request headers

Host
ad12.ad-srv.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
pwzdy6wsn8n7_uid=dc30b87a73746aaf
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

Date
Sun, 25 Jul 2021 03:12:40 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sun, 25 Jul 2021 04:12:40 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1046
Connection
close
Content-Type
text/html; charset=utf-8
rar
as.ad4m.at/ad/ Frame 9B8B 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=24412&b=Yxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmb&f=q4gUmfBDeXt797fZH3C1HRCQVEUztgTZR&c=300&d=250&e=&g=12cd6f19de7f24519932f53ae0ce639a%2F11123255538266358272&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3bs8qNb8YML4Csi73gPKhr8gorGO3WLDo6HD1AzwLhABIIjopn1glQLIAQmpAjXhxKEswLM-qAMBqgTnAU_Qrt4ayuXCM9tN7d9avqDy-Y1ssQi6pyymveBvk1MGLHRcb_sWT8cdm-cSOJzOM9BdEidjQQe2JNPWwvFRidNyLyu38WJjjsUIsci-LZGOXZ5Kve1UtNOxFqHpQSH_Kb7TqMlvnFqsXVdwZVcy93nfyh5ZaD-p3Iw2ce4g5eRDe2mvKAEc1GLDkrTHnSAazYs_tlsFTnthz98-YXfOg8eCe5TOkF4Jp2C1MF7JC9XD4z7T75dlwfKF-zYgiW1lpc8wrbK0NfU0wELxzurNTGm-mUJ2e0yMFzUQX8uu_2wu3aPk9LzycsAE_9eFyqED4AQDkAYBoAZNgAfqwcFeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOin9MG0BMA2BMD2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw%2526sig%253DAOD64_1QHSycN411sAObJsNXLjO3qejwSw%2526client%253Dca-pub-2590451264042842%2526dbm_c%253DAKAmf-DFkyZY5UcN2IaFEY0gzqgNq1gfEjHwnkvUh9wcLsFDGmTGWUV2CjcFeCu-2TPqOn1uGXfMymnFJ0D1GN4_S_8DkQHknxFOIdasM9rrpBxGSn5PKDlJ2wLRQ6SuWUnbtr67V576GgXIcbKTo7Cti_1CIM6BWQ%2526cry%253D1%2526dbm_d%253DAKAmf-Bx5eF16Mo-FK3MnHpM-z9E_HqUpO79siM_1j01naJr1CjBs7PX2RVk--t6A0IpZGQQNK-zttzKe-abxwbLvrbxZE5M0e0DX7RBVhpAIIRe4MaicPJYOFDAu7VA-qEccIGKvsL02TZv4EfVute07NmAzfKjHLb1kuTCHmZFcrymcHa-k6m7hZZ1z9D14L9CtRscCi2uoLvso8g7keaFq3zMfojd6VBRw_8MKd3s3LMkTovN_E9cpnRqmi2ycbnjP_5llVSVCbXKMFFqLJfIgUjptsatzNKkRUFaTOzzKD15_x8-F5SZeWMQlY-t-nysLzLCmZUG4e4VfdrQz8ZB0bfSBICJ8TeAx5dRFTUbwLgxnjjL6370BnMAFZTvEJtr9RZpG4dqznh2_hk8Ck969V6SEREglkKAmHPFA1A9a2vicK_yrDzB1ecfblii9E6TIO_6EUKV%2526adurl%253D&y=0&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cdb51889deec1c7cbbdf19e4eabe7e51b4a10e5c27f6c4dad5e789f231f9980
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
as.ad4m.at
:scheme
https
:path
/ad/rar?a=24412&b=Yxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmb&f=q4gUmfBDeXt797fZH3C1HRCQVEUztgTZR&c=300&d=250&e=&g=12cd6f19de7f24519932f53ae0ce639a%2F11123255538266358272&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3bs8qNb8YML4Csi73gPKhr8gorGO3WLDo6HD1AzwLhABIIjopn1glQLIAQmpAjXhxKEswLM-qAMBqgTnAU_Qrt4ayuXCM9tN7d9avqDy-Y1ssQi6pyymveBvk1MGLHRcb_sWT8cdm-cSOJzOM9BdEidjQQe2JNPWwvFRidNyLyu38WJjjsUIsci-LZGOXZ5Kve1UtNOxFqHpQSH_Kb7TqMlvnFqsXVdwZVcy93nfyh5ZaD-p3Iw2ce4g5eRDe2mvKAEc1GLDkrTHnSAazYs_tlsFTnthz98-YXfOg8eCe5TOkF4Jp2C1MF7JC9XD4z7T75dlwfKF-zYgiW1lpc8wrbK0NfU0wELxzurNTGm-mUJ2e0yMFzUQX8uu_2wu3aPk9LzycsAE_9eFyqED4AQDkAYBoAZNgAfqwcFeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOin9MG0BMA2BMD2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw%2526sig%253DAOD64_1QHSycN411sAObJsNXLjO3qejwSw%2526client%253Dca-pub-2590451264042842%2526dbm_c%253DAKAmf-DFkyZY5UcN2IaFEY0gzqgNq1gfEjHwnkvUh9wcLsFDGmTGWUV2CjcFeCu-2TPqOn1uGXfMymnFJ0D1GN4_S_8DkQHknxFOIdasM9rrpBxGSn5PKDlJ2wLRQ6SuWUnbtr67V576GgXIcbKTo7Cti_1CIM6BWQ%2526cry%253D1%2526dbm_d%253DAKAmf-Bx5eF16Mo-FK3MnHpM-z9E_HqUpO79siM_1j01naJr1CjBs7PX2RVk--t6A0IpZGQQNK-zttzKe-abxwbLvrbxZE5M0e0DX7RBVhpAIIRe4MaicPJYOFDAu7VA-qEccIGKvsL02TZv4EfVute07NmAzfKjHLb1kuTCHmZFcrymcHa-k6m7hZZ1z9D14L9CtRscCi2uoLvso8g7keaFq3zMfojd6VBRw_8MKd3s3LMkTovN_E9cpnRqmi2ycbnjP_5llVSVCbXKMFFqLJfIgUjptsatzNKkRUFaTOzzKD15_x8-F5SZeWMQlY-t-nysLzLCmZUG4e4VfdrQz8ZB0bfSBICJ8TeAx5dRFTUbwLgxnjjL6370BnMAFZTvEJtr9RZpG4dqznh2_hk8Ck969V6SEREglkKAmHPFA1A9a2vicK_yrDzB1ecfblii9E6TIO_6EUKV%2526adurl%253D&y=0&z=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
content-type
text/html; charset=utf-8
strict-transport-security
max-age=86400; includeSubDomains; preload
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options
noopen
x-content-type-options
nosniff
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection
1; mode=block
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy
same-origin
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires
0
surrogate-control
no-store
pragma
no-cache
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6742353fa9414aa3-FRA
content-encoding
br
summer_728x90
asset.conrad.com/media10/isa/160267/c1/-/de/ Frame 6A19
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470210&v=11354&q=371931&r=473322&pref1=86908700010503901199115011666012
  • https://asset.conrad.com/media10/isa/160267/c1/-/de/summer_728x90?format=gif
44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://asset.conrad.com/media10/isa/160267/c1/-/de/summer_728x90?format=gif
Requested by
Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=86908700010503901199115011666012&a=1124f00a
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.79.227.54 , United States, ASN22822 (LLNW, US),
Reverse DNS
https-178-79-227-54.vie.llnw.net
Software
Cliplister GmbH /
Resource Hash
b74c5b6414abf63b8df414f93c90a037e37c8a6877d4ac165b75cd915bceaa6f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ad12.ad-srv.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:41 GMT
last-modified
Tue, 08 Jun 2021 05:50:40 GMT
server
Cliplister GmbH
age
149305
etag
"60bf0530-aff7"
strict-transport-security
max-age=15768000
reporting
eyJjb25zdW1lcmlkIjoxNjAyNjcsIm93bmVyaWQiOjE2MDI2NywidW5pcXVlaWQiOiIxNjAyNjdiRTJfRzNVYnl6dl95OHlUMklVQjdKQVQiLCJ1dWlkIjoiYWYzY2M1ZmExZmY5MjQ2YzY5MjA1YzgwOTgyN2QyMDJhIiwiYXNzZXR0eXBlIjoicGljdHVyZSJ9
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=172800
x-server
c10
accept-ranges
bytes
content-length
45047
x-llid
6cd0f292b5fdbd84c85913fcd94caa9a
expires
Sun, 25 Jul 2021 09:44:16 GMT

Redirect headers

Date
Sun, 25 Jul 2021 03:12:40 GMT
Strict-Transport-Security
max-age=86400
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://asset.conrad.com/media10/isa/160267/c1/-/de/summer_728x90?format=gif
Awin-Akamai-Rule-Set
default
Node
Helix
Connection
keep-alive
Content-Length
0
viewability
ad12.ad-srv.net/ Frame 6A19 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad12.ad-srv.net/viewability?s=86908700010503901199115011666012&a=f0a7286c&vb=m
Requested by
Host: ad12.ad-srv.net
URL: https://ad12.ad-srv.net/request_content.php?s=86908700010503901199115011666012&a=1124f00a
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
94.130.102.164 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.164.102.130.94.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ad12.ad-srv.net/request_content.php?s=86908700010503901199115011666012&a=1124f00a
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 03:12:40 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7514 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Be8nkqNb8YL_4JPKNjuwPtcGSqAUAAAAAOAHgBAI&bg=!jI-lj8vNAAbnC78O5ws7ACkAdvg8Whu_MiFWyr8I-FMJGC5z4IZSLUFL-t5L7JSHi_-wMK3yfHcmAgIAAAC4UgAAAA9oAQcKANHqA8OwPOYyXtpEQmm1bqrTPx4osWPLlQxqfI-H3DijEmSGOnYWIZa_DgYNU1mYUYuwnMvEYzend9RwCYct7sCfv73gdYwQ7qyvt-Ocu5NmW8a9aDfzA7A1KsjPLjI1RqW1uWCt_beE-CLVii6xFqYTXglMz-NRD5Z0bA8kTRX6yy1l3JRePgRfG4oBbk8_IEEVPS81jeodj4DUcB-PYj-gMRTUuPL0OT9zXg6AzfAlNC-kykUcVu6HxcuCxfpzSCpLZltxLYijRwIMWJMyb1rL65kCwlFS24VkQ7Z0bpY5VfgX2UdFtFLDkAmbdNQvb0sS804XoirsmKlb03OwTGdZaTxABHb4TW2YtvuVLtnsgBn1fLJrxIGPeSa29llY8PiYb7pGo9Lv51mNyjVy_Y2mFRDlenh_l242wRT0KK6NufNqKVnkwbtwOWdV5pCnrEqKbuwrHj7d5leVfue8L2eHse1hIHJXI31TZBTYhvo-6F5aT5hwIxzuLhWl2paqf-LrcrdQwUJyw1rq8RtvkpTFZqXuEIlhE42dvrAAcDpjZSozW0uURqL27q2Hs_0bM_zBGs0yIoLfXkVdMSRnebychqcBs5L-k1FrUsKNNgQiqi1j__kWNLd7Fl_JL7AKQRlE2BCIpv90QNNnT9T2oYo8vysd9zW1tg_t_PLPBeXK8RFOnWl-zqto8IIL_Gk7vFnLPmRv19c82IN1t9bj6zGpD0q8foYfnwyRypSG5cMJ1WrUGb0H4tqHPVAgvRGKl3iEvndFiuX1i_Ea_744FKLeF5SxulXJm8s2IqK1z_Pe69i8GQKfKAqqTaayUXAAZh_BBYRknVNmjA6aNqzppvvqX6AvarDC_XYnAcM64mi8rLmnvuYHCVoR4Pg8YzJHGmn2hlOVcayoZWqFcadc_6DupAlSmZTr3WI5z0PoXMQ1ztbrANv0SJuk13bzTMXJaLCleWtbQ3ZO09ot8C0E-7s9m9fMMw6RBjPIiZ_ry5zSA557IiVGufM5EmSZx7j6pq-k7_XR7LOycvdCuvsHYqhS6mxSLNXctZ8JGNK1s9xKCO7dZFlouan_zjS59McvNcmT2S8D7y1x3BHGwfZglDlYdxsXnSOIX7um167qtxCQz7vnu4KlR_WlzqUplJ_K2oM1LkboHveoHtlnisN09_qf7kuwrKCclHgn8aCoNoEs_E0zsDOXim_OJt2Hy9ClnCUl4KkAW3Q
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.7/one-ad/ Frame 9B8B 		64 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.7/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24412&b=Yxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmb&f=q4gUmfBDeXt797fZH3C1HRCQVEUztgTZR&c=300&d=250&e=&g=12cd6f19de7f24519932f53ae0ce639a%2F11123255538266358272&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3bs8qNb8YML4Csi73gPKhr8gorGO3WLDo6HD1AzwLhABIIjopn1glQLIAQmpAjXhxKEswLM-qAMBqgTnAU_Qrt4ayuXCM9tN7d9avqDy-Y1ssQi6pyymveBvk1MGLHRcb_sWT8cdm-cSOJzOM9BdEidjQQe2JNPWwvFRidNyLyu38WJjjsUIsci-LZGOXZ5Kve1UtNOxFqHpQSH_Kb7TqMlvnFqsXVdwZVcy93nfyh5ZaD-p3Iw2ce4g5eRDe2mvKAEc1GLDkrTHnSAazYs_tlsFTnthz98-YXfOg8eCe5TOkF4Jp2C1MF7JC9XD4z7T75dlwfKF-zYgiW1lpc8wrbK0NfU0wELxzurNTGm-mUJ2e0yMFzUQX8uu_2wu3aPk9LzycsAE_9eFyqED4AQDkAYBoAZNgAfqwcFeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOin9MG0BMA2BMD2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw%2526sig%253DAOD64_1QHSycN411sAObJsNXLjO3qejwSw%2526client%253Dca-pub-2590451264042842%2526dbm_c%253DAKAmf-DFkyZY5UcN2IaFEY0gzqgNq1gfEjHwnkvUh9wcLsFDGmTGWUV2CjcFeCu-2TPqOn1uGXfMymnFJ0D1GN4_S_8DkQHknxFOIdasM9rrpBxGSn5PKDlJ2wLRQ6SuWUnbtr67V576GgXIcbKTo7Cti_1CIM6BWQ%2526cry%253D1%2526dbm_d%253DAKAmf-Bx5eF16Mo-FK3MnHpM-z9E_HqUpO79siM_1j01naJr1CjBs7PX2RVk--t6A0IpZGQQNK-zttzKe-abxwbLvrbxZE5M0e0DX7RBVhpAIIRe4MaicPJYOFDAu7VA-qEccIGKvsL02TZv4EfVute07NmAzfKjHLb1kuTCHmZFcrymcHa-k6m7hZZ1z9D14L9CtRscCi2uoLvso8g7keaFq3zMfojd6VBRw_8MKd3s3LMkTovN_E9cpnRqmi2ycbnjP_5llVSVCbXKMFFqLJfIgUjptsatzNKkRUFaTOzzKD15_x8-F5SZeWMQlY-t-nysLzLCmZUG4e4VfdrQz8ZB0bfSBICJ8TeAx5dRFTUbwLgxnjjL6370BnMAFZTvEJtr9RZpG4dqznh2_hk8Ck969V6SEREglkKAmHPFA1A9a2vicK_yrDzB1ecfblii9E6TIO_6EUKV%2526adurl%253D&y=0&z=0
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/rar?a=24412&b=Yxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmb&f=q4gUmfBDeXt797fZH3C1HRCQVEUztgTZR&c=300&d=250&e=&g=12cd6f19de7f24519932f53ae0ce639a%2F11123255538266358272&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3bs8qNb8YML4Csi73gPKhr8gorGO3WLDo6HD1AzwLhABIIjopn1glQLIAQmpAjXhxKEswLM-qAMBqgTnAU_Qrt4ayuXCM9tN7d9avqDy-Y1ssQi6pyymveBvk1MGLHRcb_sWT8cdm-cSOJzOM9BdEidjQQe2JNPWwvFRidNyLyu38WJjjsUIsci-LZGOXZ5Kve1UtNOxFqHpQSH_Kb7TqMlvnFqsXVdwZVcy93nfyh5ZaD-p3Iw2ce4g5eRDe2mvKAEc1GLDkrTHnSAazYs_tlsFTnthz98-YXfOg8eCe5TOkF4Jp2C1MF7JC9XD4z7T75dlwfKF-zYgiW1lpc8wrbK0NfU0wELxzurNTGm-mUJ2e0yMFzUQX8uu_2wu3aPk9LzycsAE_9eFyqED4AQDkAYBoAZNgAfqwcFeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOin9MG0BMA2BMD2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw%2526sig%253DAOD64_1QHSycN411sAObJsNXLjO3qejwSw%2526client%253Dca-pub-2590451264042842%2526dbm_c%253DAKAmf-DFkyZY5UcN2IaFEY0gzqgNq1gfEjHwnkvUh9wcLsFDGmTGWUV2CjcFeCu-2TPqOn1uGXfMymnFJ0D1GN4_S_8DkQHknxFOIdasM9rrpBxGSn5PKDlJ2wLRQ6SuWUnbtr67V576GgXIcbKTo7Cti_1CIM6BWQ%2526cry%253D1%2526dbm_d%253DAKAmf-Bx5eF16Mo-FK3MnHpM-z9E_HqUpO79siM_1j01naJr1CjBs7PX2RVk--t6A0IpZGQQNK-zttzKe-abxwbLvrbxZE5M0e0DX7RBVhpAIIRe4MaicPJYOFDAu7VA-qEccIGKvsL02TZv4EfVute07NmAzfKjHLb1kuTCHmZFcrymcHa-k6m7hZZ1z9D14L9CtRscCi2uoLvso8g7keaFq3zMfojd6VBRw_8MKd3s3LMkTovN_E9cpnRqmi2ycbnjP_5llVSVCbXKMFFqLJfIgUjptsatzNKkRUFaTOzzKD15_x8-F5SZeWMQlY-t-nysLzLCmZUG4e4VfdrQz8ZB0bfSBICJ8TeAx5dRFTUbwLgxnjjL6370BnMAFZTvEJtr9RZpG4dqznh2_hk8Ck969V6SEREglkKAmHPFA1A9a2vicK_yrDzB1ecfblii9E6TIO_6EUKV%2526adurl%253D&y=0&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:40 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
1102098
cf-polished
origSize=65497
surrogate-control
no-store
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options
noopen
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=3600
cf-ray
6742353fc9bc0631-FRA
expires
Sun, 25 Jul 2021 04:12:40 GMT
BB1513DC0DC6459895D99BE27A8EDB870CDAACF00F54D172AC99AA5D59A678B902501C27E01AB93F4D95AC2E0283F91C59BE04BBC576B8B1B5698EC904DF6BD2
assets.ad4m.at/ Frame 9B8B 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/BB1513DC0DC6459895D99BE27A8EDB870CDAACF00F54D172AC99AA5D59A678B902501C27E01AB93F4D95AC2E0283F91C59BE04BBC576B8B1B5698EC904DF6BD2
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24412&b=Yxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmb&f=q4gUmfBDeXt797fZH3C1HRCQVEUztgTZR&c=300&d=250&e=&g=12cd6f19de7f24519932f53ae0ce639a%2F11123255538266358272&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3bs8qNb8YML4Csi73gPKhr8gorGO3WLDo6HD1AzwLhABIIjopn1glQLIAQmpAjXhxKEswLM-qAMBqgTnAU_Qrt4ayuXCM9tN7d9avqDy-Y1ssQi6pyymveBvk1MGLHRcb_sWT8cdm-cSOJzOM9BdEidjQQe2JNPWwvFRidNyLyu38WJjjsUIsci-LZGOXZ5Kve1UtNOxFqHpQSH_Kb7TqMlvnFqsXVdwZVcy93nfyh5ZaD-p3Iw2ce4g5eRDe2mvKAEc1GLDkrTHnSAazYs_tlsFTnthz98-YXfOg8eCe5TOkF4Jp2C1MF7JC9XD4z7T75dlwfKF-zYgiW1lpc8wrbK0NfU0wELxzurNTGm-mUJ2e0yMFzUQX8uu_2wu3aPk9LzycsAE_9eFyqED4AQDkAYBoAZNgAfqwcFeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOin9MG0BMA2BMD2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw%2526sig%253DAOD64_1QHSycN411sAObJsNXLjO3qejwSw%2526client%253Dca-pub-2590451264042842%2526dbm_c%253DAKAmf-DFkyZY5UcN2IaFEY0gzqgNq1gfEjHwnkvUh9wcLsFDGmTGWUV2CjcFeCu-2TPqOn1uGXfMymnFJ0D1GN4_S_8DkQHknxFOIdasM9rrpBxGSn5PKDlJ2wLRQ6SuWUnbtr67V576GgXIcbKTo7Cti_1CIM6BWQ%2526cry%253D1%2526dbm_d%253DAKAmf-Bx5eF16Mo-FK3MnHpM-z9E_HqUpO79siM_1j01naJr1CjBs7PX2RVk--t6A0IpZGQQNK-zttzKe-abxwbLvrbxZE5M0e0DX7RBVhpAIIRe4MaicPJYOFDAu7VA-qEccIGKvsL02TZv4EfVute07NmAzfKjHLb1kuTCHmZFcrymcHa-k6m7hZZ1z9D14L9CtRscCi2uoLvso8g7keaFq3zMfojd6VBRw_8MKd3s3LMkTovN_E9cpnRqmi2ycbnjP_5llVSVCbXKMFFqLJfIgUjptsatzNKkRUFaTOzzKD15_x8-F5SZeWMQlY-t-nysLzLCmZUG4e4VfdrQz8ZB0bfSBICJ8TeAx5dRFTUbwLgxnjjL6370BnMAFZTvEJtr9RZpG4dqznh2_hk8Ck969V6SEREglkKAmHPFA1A9a2vicK_yrDzB1ecfblii9E6TIO_6EUKV%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a81 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a95a97e578d4cd9b4798e1db832bf4c8800cfd5c5693c1377464903aca85f15f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash
crc32c=RSIgkQ==, md5=XfZeFJqayd4fACFRIKtJhQ==
date
Sun, 25 Jul 2021 03:12:40 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
160575
cf-polished
qual=85, origFmt=jpeg, origSize=37552
x-guploader-uploadid
ADPycdsiPSzn0Lzt7P1Ao06t57ycxK_-q37H55_efvXAk_7luzLVFiBiu3jGtBXruo2qQEq4phba_-kRmheMRhIatadH5Gr9VQ
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
14362
last-modified
Thu, 22 Jul 2021 08:28:14 GMT
server
cloudflare
etag
"5df65e149a9ac9de1f00215120ab4985"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U%2Fd6tk5FL2FPEcDCcEnzHRBrZlX7sNFYs1zk2D2ZFlicfKbUS6mkFX2dZj1Cue3QpUgseQdsUVfaL48AELroM166qoiItEtZpCYSyXdEYK%2FNvz9q%2BnSc15c1FtDqsCKQCCP6Kdjd9oJMfNyn"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1626714603085740
content-type
image/webp
expires
Mon, 26 Jul 2021 03:12:40 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
37552
accept-ranges
bytes
cf-ray
6742353fc96c4aa3-FRA
cf-bgj
imgq:85,h2pri
3786
lenovo.7eer.net/i/1197007/815244/ Frame 9B8B
Redirect Chain
  • https://lenovo.7eer.net/i/1197007/815244/3786?subId1=oneidYxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmboneid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.ojrq.net/p/?return=https%3A%2F%2Flenovo.7eer.net%2Fi%2F1197007%2F815244%2F3786%3FsubId1%3DoneidYxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmboneid__dbmRTXL%26gdpr_consent%3D%26gdpr%3D0%26gdpr_pd%3D0...
  • https://lenovo.7eer.net/i/1197007/815244/3786?subId1=oneidYxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmboneid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0&level=1&brwsr=2c0cfae5-ecf6-11eb-8ab4-e92270992e00&brwsrsig=...
50 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lenovo.7eer.net/i/1197007/815244/3786?subId1=oneidYxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmboneid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0&level=1&brwsr=2c0cfae5-ecf6-11eb-8ab4-e92270992e00&brwsrsig=0NXSNB3O8yS028synyVSLxOL0UZRQL
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=24412&b=Yxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmb&f=q4gUmfBDeXt797fZH3C1HRCQVEUztgTZR&c=300&d=250&e=&g=12cd6f19de7f24519932f53ae0ce639a%2F11123255538266358272&i=20148&j=20&k=0&l=0&m=0&n=&p=&q=&o=dbmRTXL&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DC3bs8qNb8YML4Csi73gPKhr8gorGO3WLDo6HD1AzwLhABIIjopn1glQLIAQmpAjXhxKEswLM-qAMBqgTnAU_Qrt4ayuXCM9tN7d9avqDy-Y1ssQi6pyymveBvk1MGLHRcb_sWT8cdm-cSOJzOM9BdEidjQQe2JNPWwvFRidNyLyu38WJjjsUIsci-LZGOXZ5Kve1UtNOxFqHpQSH_Kb7TqMlvnFqsXVdwZVcy93nfyh5ZaD-p3Iw2ce4g5eRDe2mvKAEc1GLDkrTHnSAazYs_tlsFTnthz98-YXfOg8eCe5TOkF4Jp2C1MF7JC9XD4z7T75dlwfKF-zYgiW1lpc8wrbK0NfU0wELxzurNTGm-mUJ2e0yMFzUQX8uu_2wu3aPk9LzycsAE_9eFyqED4AQDkAYBoAZNgAfqwcFeqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-zVG6gH7paxAqgHpr4bqAfs1RuoB_PRG6gHltgb2AcA0ggJCIjhgBAQARgdgAoDmAsByAsBgAwBsBOin9MG0BMA2BMD2BQB0BUBgBcB%2526ae%253D1%2526num%253D1%2526cid%253DCAASFeRo-Z3KEn_i9pRIP7LCLfaqCAQKXw%2526sig%253DAOD64_1QHSycN411sAObJsNXLjO3qejwSw%2526client%253Dca-pub-2590451264042842%2526dbm_c%253DAKAmf-DFkyZY5UcN2IaFEY0gzqgNq1gfEjHwnkvUh9wcLsFDGmTGWUV2CjcFeCu-2TPqOn1uGXfMymnFJ0D1GN4_S_8DkQHknxFOIdasM9rrpBxGSn5PKDlJ2wLRQ6SuWUnbtr67V576GgXIcbKTo7Cti_1CIM6BWQ%2526cry%253D1%2526dbm_d%253DAKAmf-Bx5eF16Mo-FK3MnHpM-z9E_HqUpO79siM_1j01naJr1CjBs7PX2RVk--t6A0IpZGQQNK-zttzKe-abxwbLvrbxZE5M0e0DX7RBVhpAIIRe4MaicPJYOFDAu7VA-qEccIGKvsL02TZv4EfVute07NmAzfKjHLb1kuTCHmZFcrymcHa-k6m7hZZ1z9D14L9CtRscCi2uoLvso8g7keaFq3zMfojd6VBRw_8MKd3s3LMkTovN_E9cpnRqmi2ycbnjP_5llVSVCbXKMFFqLJfIgUjptsatzNKkRUFaTOzzKD15_x8-F5SZeWMQlY-t-nysLzLCmZUG4e4VfdrQz8ZB0bfSBICJ8TeAx5dRFTUbwLgxnjjL6370BnMAFZTvEJtr9RZpG4dqznh2_hk8Ck969V6SEREglkKAmHPFA1A9a2vicK_yrDzB1ecfblii9E6TIO_6EUKV%2526adurl%253D&y=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.240.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
205.240.186.35.bc.googleusercontent.com
Software
/
Resource Hash
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:41 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
alt-svc
clear
content-length
50
expires
Sun, 25 Jul 2021 03:12:41 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:41 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location
https://lenovo.7eer.net/i/1197007/815244/3786?subId1=oneidYxqtrfz14YfpepuVHpC3HQtQVkUZt1Tmboneid__dbmRTXL&gdpr_consent=&gdpr=0&gdpr_pd=0&level=1&brwsr=2c0cfae5-ecf6-11eb-8ab4-e92270992e00&brwsrsig=0NXSNB3O8yS028synyVSLxOL0UZRQL
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc
clear
content-length
0
expires
Sun, 25 Jul 2021 03:12:41 GMT
truncated
/ Frame 8F57 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b03904c5f4d8915450dc2f92afb0cb5e229873b9c6776037eabdae869807b5f

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 10F6 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 10F6 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Jul 2021 01:48:52 GMT
server
ESF
date
Sun, 25 Jul 2021 03:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Jul 2021 03:12:41 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 10F6 		1 KB
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:12:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 10F6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C6M6QqNb8YJ35K5C33wO9gYLABLimx95jo9-Kg6gI2ZGJy5gXEAEgiOimfWCVAqAB7brNiAPIAQmpAjXhxKEswLM-4AIAqAMByAObBKoE7QFP0Edt_6JOfypL2Z1hWJOyJUIk7R3_s_AHygfUSS1qKxlW54J36X7bkxCWNLqVVczxOdCtZFeS2ssBdUrblGfwaOLHAx9JyvzvH-yXgw8cXBelYC0ueU1hvjiBB7bPzvYsmMSZQED6u6FtpJAuguLg9sONiCgkU44O6iVhS9n24Q-mWP_2x7c82BFifmyViLUv74q5OvdxFmHY6Y4yQrT9LaPike4N71o5g9g0oj5NEhlYOGcVG8xELhmByw_GtHJca_EQ1rTbD7oerMMgOCkLecvdqt8Gsw2T3lgMi6vLs-iVojZvUXNDh6GO47XABN7lsdwc4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-7c7xmoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEPO2AtIICQiI4YAQEAEYHYAKA8gLAdgTC4gUA9AVAZgWAYAXAbIXGgoYCAASFHB1Yi0yNTkwNDUxMjY0MDQyODQy&sigh=5h7QNpeGFXU&template_id=494
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 10F6 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:06:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 10F6 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 10F6 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 10F6 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
4661e2b537cafc373934756b83790a75.js
www.gstatic.com/mysidia/ Frame 10F6 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 02:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 02:23:52 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 10F6 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS7WLxOLmC18wMaUD7rXvcoQz-vn4_wi9M5l_kOs3C6jbfGlekm5KhjDY5Wpk8&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
777acd32e792ef70f60b68d8d4d27100992cc38088392c6a920fa7f738a223fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 18:16:58 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Jul 2021 02:01:49 GMT
server
sffe
age
291343
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17293
x-xss-protection
0
expires
Thu, 21 Jul 2022 18:16:58 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 10F6 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcS6ROvmx5U4mHr9HiJT8oHGw72m4g5HmCgwcTLSbHic_WF7IcialoTY62YAdj4&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67c2b625a62944f95c1411933bfddbdaa83f2050b13012e4f1383fa7862834bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 16:46:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 02 Jul 2019 09:17:03 GMT
server
sffe
age
296780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42776
x-xss-protection
0
expires
Thu, 21 Jul 2022 16:46:21 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 10F6 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQzs8Mk_NVhM8fBAPDLBCXw_AQhuF4SZCwo_21dJ1rv8CoZwVspkFDiNYM-aww&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28b234f39f81b1c81631c30f5b162de18c1206d091e1324e991ce0809279b728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:20:04 GMT
x-content-type-options
nosniff
last-modified
Thu, 18 Mar 2021 02:20:51 GMT
server
sffe
age
399157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18487
x-xss-protection
0
expires
Wed, 20 Jul 2022 12:20:04 GMT
9024987478588063079
tpc.googlesyndication.com/simgad/ Frame 10F6
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbocXZrQEQ0A8Y9AMyCDwOf0coj-Bs
  • https://tpc.googlesyndication.com/simgad/9024987478588063079
32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9024987478588063079
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9557761cc64eb87792e327000ad323a82f4e67817d827b9905e43676665acaa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 15:35:35 GMT
x-content-type-options
nosniff
age
387426
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32796
x-xss-protection
0
last-modified
Tue, 20 Nov 2018 10:32:52 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 15:35:35 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 22:01:35 GMT
x-content-type-options
nosniff
server
cafe
age
18666
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9024987478588063079
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Aug 2021 22:01:35 GMT
truncated
/ Frame 10F6 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fc1c90bb8fbd7b04b7298c5bc49b2b2585d4388d62c40017b05a13060901244

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 10F6 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 16:30:42 GMT
x-content-type-options
nosniff
age
384119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 16:30:42 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EA22 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame EA22 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Jul 2021 01:30:07 GMT
server
ESF
date
Sun, 25 Jul 2021 03:12:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Jul 2021 03:12:41 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EA22 		1 KB
867 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:12:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EA22 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CPbyoqdb8YKK2Beem3gODo5jgArimx95j-I-mkfwKqfTGu4gbEAEgiOimfWCVAqAB7brNiAPIAQmpAjXhxKEswLM-4AIAqAMByAObBKoE7QFP0GkVn3lfUgFx2JHvUe3AgszI1I9H6N8cK-iwJ0BAjnkX_N04MHtk9lvdPDstwLBvZn2-sU4Uz_LdkFzrQPOklJt-4MQ8EroAmjX1FKZOMHTYS2CUm3EUojhtQOu872DxYkO7q8bgf3wkwPFAHiM_bdNYpmWR5YFc9HRGcKmtqboaIfcQydSxWgwEHlFpLDRxdVikQiqnDTP8yHpwCsyQ3yLq2Vxzh5n2Uid_qsD3zsASxE0oB5jrSxHOwzBYWEzoxT06URudT7LdVc807hqnSAtR8TbBgh-oo1MGY1MmXi2K7oKSd3_SxylAoxrABIzirsqeAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfu3O8ZqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDpywHSCAkIiOGAEBABGB2ACgPICwHYEwvQFQGYFgGAFwGyFxoKGAgAEhRwdWItMjU5MDQ1MTI2NDA0Mjg0Mg&sigh=pltlF6opQCY&template_id=494
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame EA22 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:06:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EA22 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EA22 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame EA22 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
l
www.google.com/ads/measurement/ Frame EA22 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTD8ksDFETf9IpVueKYbouS9dvvHdy0oK1JPYxCAXmNi92ffAjeUPMzK7HzwmPiuWJDiI8WTReqHG_IXqD2YG-rk5SscA
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4661e2b537cafc373934756b83790a75.js
www.gstatic.com/mysidia/ Frame EA22 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 02:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2929
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 02:23:52 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame EA22 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcR8wUzJhI3sMth5Yz3hEYubDQXfcehCK-dpzEiPBBq6lLyz2JiT9KqzA0HXavE&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
511aa2500a4de011ff1c2f58ecd4102763f122446104b758d7d04fb1320ea866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 02:09:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 10 Mar 2021 19:53:36 GMT
server
sffe
age
435774
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25123
x-xss-protection
0
expires
Wed, 20 Jul 2022 02:09:47 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame EA22 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRKZJPlOvllWxDGiP-qZWna9ciM7uHN9bAlyUWufF0YtdZfa3nrF2JIrun9D5Y&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b0680051b97518936ab7ce2471f3bf599f8706d53836806c8ee96002d5e8788
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 22:01:35 GMT
x-content-type-options
nosniff
last-modified
Sat, 24 Jul 2021 01:45:42 GMT
server
sffe
age
18666
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15435
x-xss-protection
0
expires
Sun, 24 Jul 2022 22:01:35 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame EA22 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTFDs7DgDlBY0Zb3nBp3JcMuvBvc0N270nEg15xeAO_tAfgdVQkGXU4ypT60pU&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9861a682443676e2d781076d5875aa031f618b8802a4c15aedbff1807b064e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:09:23 GMT
x-content-type-options
nosniff
last-modified
Mon, 08 Jul 2019 12:48:29 GMT
server
sffe
age
198
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14539
x-xss-protection
0
expires
Mon, 25 Jul 2022 03:09:23 GMT
6589101311599443551
tpc.googlesyndication.com/simgad/ Frame EA22
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCn1pGUrQEQjgkYpAIyCMGzc6O6_O1y
  • https://tpc.googlesyndication.com/simgad/6589101311599443551
34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/6589101311599443551
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c478f60af5c54b33a0a755bf710ec6731feb1e605e348b9fb90c1b97072f91f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 05:31:46 GMT
x-content-type-options
nosniff
age
423655
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35110
x-xss-protection
0
last-modified
Mon, 25 Nov 2019 11:51:52 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 05:31:46 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 04:03:05 GMT
x-content-type-options
nosniff
server
cafe
age
83376
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/6589101311599443551
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Aug 2021 04:03:05 GMT
truncated
/ Frame EA22 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ce98128d93751d0664a68fe128a34ac024d5f4fc21522a9f7527596b71cd24e6

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame EA22 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 16:30:42 GMT
x-content-type-options
nosniff
age
384119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 16:30:42 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 689B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sixt_retargeting_970x250_orange_V2_de.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/ Frame 945C 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1f5610a7fba0a600eb8351d2a283ac818c72b29ffff7c4cc2892c24aeb39645
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1813
date
Mon, 19 Jul 2021 19:58:15 GMT
expires
Tue, 19 Jul 2022 19:58:15 GMT
last-modified
Tue, 17 Sep 2019 14:43:14 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
458066
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ai.aspx
m.exactag.com/ Frame 689B 		43 B
888 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=5&extPu=sixt-gaw&extLi=1427470297&rnd=3829977244
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
85.14.248.71 Bottrop, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection
close
X-ET-Monitoring
1
Content-Length
43
Pragma
no-cache
X-ET-Code
11
Last-Modified
So, 25 Jul 2021 03:12:41 GMT
Server
Microsoft-IIS/8.5
Date
Sun, 25 Jul 2021 03:12:40 GMT
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1751
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 689B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CHvVWqdb8YMGeFoTH3gOQsYyABYWzit1jkprD2LMNjsz8uKQoEAEgiOimfWCVAqABhfnx-wPIAQmpAjXhxKEswLM-4AIAqAMByAMIqgT0AU_QHgU3oxgsTBMbVo2QxPfGrHUHtuEQenfkNRiKxrK3hXKgu6wNABUoD9Vj-YUInJ0P1SbPghEPFO3k55q_Y0_O1TVrPJOa2JOjfJG6TvyTTPPxXatIBLXqhJBsrp9YDCEv_iUm5sBdHWe0b_t0skA2_tp5qgsJxEfGT1y_HqOER5iFZLK_Ros1iS_I2mkVMU2fgIMNwfztG9LDYEwnddf-x8Cw8qFhyJQnH0lCIpsag7bKrAUKtt_gbQRRV3-NSmxuVxo_PdE5dv3q9yDCgZVWu8w_9hnYmMwwT3cqfrgfA3NgDeNBJSz0ELaA4Go1iNOYVy7ABKmSqeDJAeAEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAet5aEyqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELOHAtIICQiI4YAQEAEYHYAKA8gLAdgTDNAVAYAXAbIXGgoYCAASFHB1Yi0yNTkwNDUxMjY0MDQyODQy&sigh=TiFsk7uW83U&template_id=419
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 689B 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:06:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 689B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 689B 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:41 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:41 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 689B 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
l
www.google.com/ads/measurement/ Frame 689B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ3VnzpQfOplcGjzsgmt5rNfPg0Mft0YIXXvhA7QCSx9iXwxvTy9ss3B4lRYGOvNQODs6OkmINbHvDadg9aKg2TL3SGaw
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ca
choices.trustarc.com/ Frame 8F57 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=t7d1m8n_gys06nz_w7thc0cp&w=728&h=90&c=tradedesk01cont1&js=pmw1&base=te-clr1-9a9fdc9f-c924-4534-a9da-04208666707c&sid=0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=t7d1m8n_gys06nz_w7thc0cp&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-126.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
88c0b19cd331c3b314e8a019ff30133a78f78d38fda2d06d093b9af45a72862f

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:41 GMT
content-encoding
gzip
server
nginx
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
2413
x-amz-cf-id
mVw3FBuP6k-9g59kdOYdCBZkl_OeZM4dMgil67X-eNVDs_KFAGVjdQ==
expires
Mon, 26 Jul 1997 05:00:00 GMT
ca
choices.trustarc.com/ Frame 8F57 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=t7d1m8n_gys06nz_w7thc0cp&w=728&h=90&c=tradedesk01cont1&js=pmw2
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=tradedesk01&aid=tradedesk01&cid=t7d1m8n_gys06nz_w7thc0cp&c=tradedesk01cont1&js=pmw0&w=728&h=90&sid=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-126.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 00:56:52 GMT
content-encoding
gzip
server
nginx
age
8149
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript;charset=UTF-8
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
UathZVocyqIgjRNglw6DaPoUefZrkh2My8u1e3raqUZoRDqxuRXMWA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
cap
choices.trustarc.com/ Frame 8F57 		43 B
383 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/cap?aid=tradedesk01&pid=tradedesk01&cid=t7d1m8n_gys06nz_w7thc0cp&w=728&h=90&c=19aa
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-126.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:41 GMT
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
ZzFq-7ekM4JNtjTa0hiXha5XuvWsByacmQhwFswAoE-XbBBCvo7K1g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame A788 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnqnZcAGeoGtBpWq0XsVP94pxJIArhAP9QIvHTYmWI8JvjZ5BMFPLhM2ymc69I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 25 Jul 2021 02:42:56 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1785
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 945C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27411
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 25 Jul 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 945C 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
52508
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 25 Jul 2021 12:37:33 GMT
createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 945C 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49100
x-xss-protection
0
last-modified
Wed, 16 Mar 2016 13:51:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 03:12:41 GMT
sixt_retargeting_970x250_orange_V2_de.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/ Frame 945C 		39 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/sixt_retargeting_970x250_orange_V2_de.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
979f253373045cc0d8f959b907caf16c033fd5ae3f411a5a64f337c45c1194f5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
423821
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9162
x-xss-protection
0
last-modified
Tue, 17 Sep 2019 14:43:14 GMT
server
sffe
date
Tue, 20 Jul 2021 05:29:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 05:29:00 GMT
truncated
/ Frame 689B 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9562db09aa32ff7b74c262aaffaeaad9ca3f9fcde39929ac952746d7ce30217e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sixt_retargeting_970x250_orange_V2_de_atlas_.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/images/ Frame 945C 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/962118667511754641/images/sixt_retargeting_970x250_orange_V2_de_atlas_.png
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3350463bb90e56d773a683fc42347b1540bc3f14fdc27ae371e742f27b1c763
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
386889
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22683
x-xss-protection
0
last-modified
Tue, 17 Sep 2019 14:43:14 GMT
server
sffe
date
Tue, 20 Jul 2021 15:44:32 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/content-ads-owners
expires
Wed, 20 Jul 2022 15:44:32 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame A788
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnqnZcAGeoGtBpWq0XsVP94pxJIArhAP9QIvHTYmWI8JvjZ5BMFPLhM2ymc69I; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 03:12:41 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 25-Jul-2021 04:12:41 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 03:12:41 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 03:12:41 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get
choices.trustarc.com/ Frame 8F57 		287 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-126.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 07 Jul 2021 03:25:02 GMT
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server
nginx
age
1554459
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
content-length
287
x-amz-cf-id
d5WYA3JhGuArMpKiX322P82NR61nigA9kZK5-jNSGgbR3cfiV5Uqjg==
expires
Fri, 06 Aug 2021 03:25:02 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0DFB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
get
choices.trustarc.com/ Frame 0FFD 		287 B
640 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-icon-tr.png
Requested by
Host: choices.trustarc.com
URL: https://choices.trustarc.com/ca?aid=tradedesk01&pid=tradedesk01&cid=t7d1m8n_gys06nz_w7thc0cp&w=728&h=90&c=tradedesk01cont1&js=pmw2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-126.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Wed, 07 Jul 2021 03:25:02 GMT
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server
nginx
age
1554460
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
content-length
287
x-amz-cf-id
zjDJfuBxJKEDjSjLb3YtTZEgpGK-G00tchOt9cBybF2SDNa2JtAHeA==
expires
Fri, 06 Aug 2021 03:25:02 GMT
get
choices.trustarc.com/ Frame 0FFD 		739 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://choices.trustarc.com/get?name=admarker-full-tr.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.145.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-145-126.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
Security Headers
Name Value
X-Frame-Options ALLOWALL

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 28 Jun 2021 00:11:48 GMT
via
1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server
nginx
age
2343654
x-frame-options
ALLOWALL
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
DUS51-C1
content-length
739
x-amz-cf-id
oeH_ywfMFWs8yJhXn9OOj8aHdAPGstaZGuMZvi5_ntp-0Gy7YxQA6g==
expires
Wed, 28 Jul 2021 00:11:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame D019 		499 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYx7yTcDAB&v=APEucNVrRZyBXsGiGl3LhKOtLN-xZ_urW9999FC0UHFPaiBnlp4YKVdcjH8ta_r5dQMka2633-rUgTV5dKsSlMBZUK2sgFyfTmjqeSIqka3gF0BRANNJhPpJfgH_3pFgQ-I4vTHL5lipQKPzHrZDwfHsZe98RGIfvE7JxhDd3WdViAHu_hK_iak
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CISOChD9gyMYx7yTcDAB&v=APEucNVrRZyBXsGiGl3LhKOtLN-xZ_urW9999FC0UHFPaiBnlp4YKVdcjH8ta_r5dQMka2633-rUgTV5dKsSlMBZUK2sgFyfTmjqeSIqka3gF0BRANNJhPpJfgH_3pFgQ-I4vTHL5lipQKPzHrZDwfHsZe98RGIfvE7JxhDd3WdViAHu_hK_iak
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnqnZcAGeoGtBpWq0XsVP94pxJIArhAP9QIvHTYmWI8JvjZ5BMFPLhM2ymc69I; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 25 Jul 2021 03:12:42 GMT
server
cafe
cache-control
private
content-length
313
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 03:12:42 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0DFB 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWWMVqo4YwdNGUbd2DtALul7iUrp17r-g-Aco1u_n1ULgZxaqOxJXSzlmfa1uYobmgrdha7-XwEwrn-M5qrFFyfWiTfGe_iUkYVvUAoQPYb96qsZ0yjHk0bemuqo1gTgEZ43fbyaXG6oDJTRQ5b5gPDsqBQQ&dbm_d=AKAmf-A6uTZsu-B0sWW4XLWQAB_CrRVaBovuKiM79opCzsLwJESPFzzlyDephwUAIYwOGZApTihXskFBECROxBBU4oHxnqK_fYPzcaWhRVGxwVSJf2cTestqrZFT0xvPNMgQyuk4Ht-pc9ZMoSyYA72SPWRSNWRktjHetVwXPnecJeV1NcWbycB0ENNvIVaVYZKKjbTxPwE7CK0NHIVrQNJa4yQVHQTSKlnRg-ceL4rznbCKwbHPlFDLa88MUvbH4rlVCt3TOVhAIBKj5_OMan5vjE5fStECjlLg2DQj_gL6CnAK62A8Khtf_urA6wds33uCDF-sQv2e9gzGaGZ3y2EJ0utPMlhrzUfESux868i8UvWkjt0wqAkDL7x0orJ9bMt_F8LxE8a16qT8SoNja0CdNo0iM4oHMpPbfz8b_q55Sh972mcZ66_mNrAphSidx2l72qvX7k34WgxzUe1WACkGEfLE9ckmrWbtMw2SGp8rhoxSSUAvuf0wUsO9XzBmqSSkZFzYXlqcaL23cBTYm7z0tLGHWFjoTS4sr67IOq1ZJng1nX8h8loAggmIKiLYtP3MA-jmyQ-3s5h6ttOyzCzWWaT3vEmIixLgv9h50aGQAaHLpcjil3Y3xsCVHujlh6GyZ8CchYO6LlO7WZw0PLhfkDtBDUkduufQSiKFbJqg5Ct-4R7y_UiXouI9jBJLD8nl3d2EZp9BYM3B-CeHW1zVsr2jLwwxIOB-36BijGpVNQWWWvth_YdlkV85-u-bmGe7109JPahI4XcHoLMw4lwY1NAUh8hL1u2oqTomkByMtJ2PWJELiTAfSAckz_QyCtsmmCjgpg_HedsGc9peC4FVhRrpRG6stBWbToisUWdclOFG--Neopw18AFPzYhjfyoBIUu8lvdRGs0qsxOAGQPYXs63YGASKLU_nTqWHHp85CwBD3cbmgDJcH8ncLAQ1Da4utA_7d89NMvznxPYBQKPKj2z7CK5zq3UZHGllnNMGQxrD0NIU6IeL5dV7tVSGHMF6vYAak4tJMhuixohTbomZrvXzovsvRpvgvLEwJbO2oZg0VTWvMZ_wH5o6VoDVJXAfyCinVYNXpTTSR70OLmGQ5CdLQWgX0GU4Ha_rGw_Rj1ZK3bZK-c-ManFBzeezPfX-g1JQJCh56anjaHFwXHd0iOxCJIK1f5YkIZgHgbNhk5iR4qnD1cMm5OCgO5k0-DHYW85_IyRQG8C6Iyk6axgJwgJhf4Gj8u0D0JnLBHcE1oNy8DIN6hY_xhvP4b6V0kuHjOf3HldgnRZYu2T426BT7u4NzON0cRZObWmzheABJNiBd2EtsQEH1AXGD6I_O336iuswYR4pu3ByPp-qTLnHmulXZMVA1N6vNrTK6H8JrGYWvq2qpDOluGwZTfMAYlq8Pb8trg_tkIItB-rQ78YmiHupyNRm4K-rb2DmqJ8hpORtQv5_fUCwgOWF1JuT9ThaqI-Npi-TPfi5RwchUPx9ToLRpZQdt9iwRruTPH8oVTrvg9HHbfLee4pucTJ6vwgB8ksEe65GjPAinjT2VAANnK7cYR_7QwoOwyzclE5ZQ4YTHh1lvSKC2v0AmWP9vuqVPryzO9HYHDn2pQbgrjF_ZVFrVugPRj2ZBCzEBZw7W3ZSh9wcI2bPtpLFLyl_HrSBpNaZNeJdpXX4ZF9lTu_wBPmDq10lYmBrNIOoQqRNjrMf4zGqBPLWnmPyqIVadYn-4Dgg7UurSPp7SUoBh0tPmW6BtAN2_0bzRhqX1HLeXcjgs--Wsml5HUm9pF2oG9JUBty4YInBv_OTcjEfzCClQ0YSiu3_dKfaucqxwhKe1HYAz0He3E4Yh0krEdmQLfB4h7mrDbciVG1RiGdnK2xxl2E12zOOd-hjKaOqJ2ol4wrUuaX7xdKvRr2NJvTYXIchGgfFqyoDoZBqCRpefXaJEEJjhyQqXNIc_iqWc6asCWyuvKArGF8wDryiE7QTzFRAqkYg0YSOetiaaeVnv9_6Pk_DtAXnzqlafMAO0Z415f-nSCse0lFy9G1XBcx7SsjutkCMzx6MrbC2CVJnMHAwWM5gquVCKPDfiWzffkCXxwZIZqoGn5SOeRqZhLOg0rYeQGqH8h3r2d6Z5vPjE2yZ3_avCnNBJ2HvsviYlPAICv0PkkDl9dLBgeH1Q4L6RhIz4vjxUjsNMvq3Zja_WEyoUGr9a9IOmxGbiIPKr9GTDiqZp4MWiAaQaFetU5W75ztsvEyL09FLr5Him0t48IXqo0XMrK1UhPNvHgGU_MO06JMlI8-wGmWY1F7QydSxSXAs2PQKxbqJvI54BPC4Qi8Qjhag1zJxvK4P11c6dWG7GmzalZpL1HCg7ipu8O7bvi3KguN6T4MfqfS387Ikf0RGN0-aMmkyZUkFCEPXac5bT9tv8ED-k_4FN9xlBoHYlXgwIxYHFxmZOSTeido8HJ8MRLl06g7U3eVZ4i1OJlEpmj40QM2rECadIYhrQH3EqnhzQR8C2K2LAraZaIh8yrlzWKrNPzZ81K9-cIaJ58lv2-B-Ho3mX8FJLFOAI8l360lU0io7SmeYVC4q2rRCt39dmw4fzW5RUTz0H9CH8cy19gYEJ5I8palH51clReB46a9v5Tj48C7fr89UESOe62TpHv3e_R_m6MVAZJZhR_1RGl0ih5M5DXYJLqWKNvKrsOT9NIqwSToYXuHM6urgWNCR2znJ6SSiWM6SdJjmAPUrw0Pkc_F4LVc4OSpUsxLGjHFBf6x9urrCJ1_SqH-Bnni6y7MBk1KKKloB6zBzkMAlEg-hUBUCgLSI2ZKRYgUUU3t32Ah6R8sabTxwdkzZWzsqjRURYTQIGrnTcg5_TNKPSJewFHk3cuxHWi6ZhVAut0d1H9B1RZcXH65h84h73qQbddLfnn57RcsvkqobGhyzK3YqQgofWBCxZsf1jX5_TvCjF0EwKExqvm5hsUduIn4JEdTso8OW9Hfdo3DhgRV16LCHjAtkbMFWrUpvcHIXSKkrwB08oetwUO_Is_P4iOU48EYgFvIMpUyRiDmKuZ6ssRGO_UMAnkWPRVpabskXEFwoxaENUuKjYG8nZnUJek3oJyzmMInE6ciAGHGuTMaqLRHSEk8lBm_nBsNsiVsQP6p__jMaUgq&cid=CAASFeRo29qwDSmPrPW_QISBb2LTPgrlMg&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5395eb769fbabeadbde9eaa1c29dc8d5912ada4a771d8cfe7313d7fe3e37ef25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26057
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DFB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D17sYQYAVBvR_2qpopOgFLNGCDxWd7iYjwQ2DIpigKjr4aoW2DQLpjb_oNhbVYUyXy35qXdOFqAQDvePMoI7VJDAjen5rsOOEPWq1oG6iVSJZ-pcs
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 0DFB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
573
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0DFB 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:42 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:42 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 0DFB 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
287
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
l
www.google.com/ads/measurement/ Frame 0DFB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRIVD18BUs6cf8AIuwdX29n5Ra2Mf5ufj3m8Rqr46sfB1xYZ2rsT1sa_QSefATikyhIgNcfGzSLuQ1AArlucZTgnBQP0A
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
partner
sync.search.spotxchange.com/ Frame D019
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBSOnEfrkS3vitPDYjwqj-4&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBSOnEfrkS3vitPDYjwqj-4&google_cver=1&__user_check__=1&sync_id=2cc43b3a-ecf6-11eb-8660-129210fe0306
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBSOnEfrkS3vitPDYjwqj-4&google_cver=1&__user_check__=1&sync_id=2cc43b3a-ecf6-11eb-8660-129210fe0306
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYx7yTcDAB&v=APEucNVrRZyBXsGiGl3LhKOtLN-xZ_urW9999FC0UHFPaiBnlp4YKVdcjH8ta_r5dQMka2633-rUgTV5dKsSlMBZUK2sgFyfTmjqeSIqka3gF0BRANNJhPpJfgH_3pFgQ-I4vTHL5lipQKPzHrZDwfHsZe98RGIfvE7JxhDd3WdViAHu_hK_iak
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 03:12:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
21
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Sun, 25 Jul 2021 03:12:42 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEBSOnEfrkS3vitPDYjwqj-4&google_cver=1&__user_check__=1&sync_id=2cc43b3a-ecf6-11eb-8660-129210fe0306
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
98
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame D019
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MmNjMzAxOGItZWNmNi0xMWViLTgxMGEtMWE3Y2I5ZTMwMTA2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MmNjMzAxOGItZWNmNi0xMWViLTgxMGEtMWE3Y2I5ZTMwMTA2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYx7yTcDAB&v=APEucNVrRZyBXsGiGl3LhKOtLN-xZ_urW9999FC0UHFPaiBnlp4YKVdcjH8ta_r5dQMka2633-rUgTV5dKsSlMBZUK2sgFyfTmjqeSIqka3gF0BRANNJhPpJfgH_3pFgQ-I4vTHL5lipQKPzHrZDwfHsZe98RGIfvE7JxhDd3WdViAHu_hK_iak
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 25 Jul 2021 03:12:42 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MmNjMzAxOGItZWNmNi0xMWViLTgxMGEtMWE3Y2I5ZTMwMTA2
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
63
Connection
keep-alive
Content-Length
0
v1
ads.yahoo.com/cms/ Frame D019 		0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CISOChD9gyMYx7yTcDAB&v=APEucNVrRZyBXsGiGl3LhKOtLN-xZ_urW9999FC0UHFPaiBnlp4YKVdcjH8ta_r5dQMka2633-rUgTV5dKsSlMBZUK2sgFyfTmjqeSIqka3gF0BRANNJhPpJfgH_3pFgQ-I4vTHL5lipQKPzHrZDwfHsZe98RGIfvE7JxhDd3WdViAHu_hK_iak
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:42 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block
html_inpage_rendering_lib_200_271.js
s0.2mdn.net/879366/ Frame 0DFB 		176 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 09:39:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63179
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62241
x-xss-protection
0
last-modified
Wed, 14 Oct 2020 18:02:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 09:39:43 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/ Frame 0DFB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWWMVqo4YwdNGUbd2DtALul7iUrp17r-g-Aco1u_n1ULgZxaqOxJXSzlmfa1uYobmgrdha7-XwEwrn-M5qrFFyfWiTfGe_iUkYVvUAoQPYb96qsZ0yjHk0bemuqo1gTgEZ43fbyaXG6oDJTRQ5b5gPDsqBQQ&dbm_d=AKAmf-A6uTZsu-B0sWW4XLWQAB_CrRVaBovuKiM79opCzsLwJESPFzzlyDephwUAIYwOGZApTihXskFBECROxBBU4oHxnqK_fYPzcaWhRVGxwVSJf2cTestqrZFT0xvPNMgQyuk4Ht-pc9ZMoSyYA72SPWRSNWRktjHetVwXPnecJeV1NcWbycB0ENNvIVaVYZKKjbTxPwE7CK0NHIVrQNJa4yQVHQTSKlnRg-ceL4rznbCKwbHPlFDLa88MUvbH4rlVCt3TOVhAIBKj5_OMan5vjE5fStECjlLg2DQj_gL6CnAK62A8Khtf_urA6wds33uCDF-sQv2e9gzGaGZ3y2EJ0utPMlhrzUfESux868i8UvWkjt0wqAkDL7x0orJ9bMt_F8LxE8a16qT8SoNja0CdNo0iM4oHMpPbfz8b_q55Sh972mcZ66_mNrAphSidx2l72qvX7k34WgxzUe1WACkGEfLE9ckmrWbtMw2SGp8rhoxSSUAvuf0wUsO9XzBmqSSkZFzYXlqcaL23cBTYm7z0tLGHWFjoTS4sr67IOq1ZJng1nX8h8loAggmIKiLYtP3MA-jmyQ-3s5h6ttOyzCzWWaT3vEmIixLgv9h50aGQAaHLpcjil3Y3xsCVHujlh6GyZ8CchYO6LlO7WZw0PLhfkDtBDUkduufQSiKFbJqg5Ct-4R7y_UiXouI9jBJLD8nl3d2EZp9BYM3B-CeHW1zVsr2jLwwxIOB-36BijGpVNQWWWvth_YdlkV85-u-bmGe7109JPahI4XcHoLMw4lwY1NAUh8hL1u2oqTomkByMtJ2PWJELiTAfSAckz_QyCtsmmCjgpg_HedsGc9peC4FVhRrpRG6stBWbToisUWdclOFG--Neopw18AFPzYhjfyoBIUu8lvdRGs0qsxOAGQPYXs63YGASKLU_nTqWHHp85CwBD3cbmgDJcH8ncLAQ1Da4utA_7d89NMvznxPYBQKPKj2z7CK5zq3UZHGllnNMGQxrD0NIU6IeL5dV7tVSGHMF6vYAak4tJMhuixohTbomZrvXzovsvRpvgvLEwJbO2oZg0VTWvMZ_wH5o6VoDVJXAfyCinVYNXpTTSR70OLmGQ5CdLQWgX0GU4Ha_rGw_Rj1ZK3bZK-c-ManFBzeezPfX-g1JQJCh56anjaHFwXHd0iOxCJIK1f5YkIZgHgbNhk5iR4qnD1cMm5OCgO5k0-DHYW85_IyRQG8C6Iyk6axgJwgJhf4Gj8u0D0JnLBHcE1oNy8DIN6hY_xhvP4b6V0kuHjOf3HldgnRZYu2T426BT7u4NzON0cRZObWmzheABJNiBd2EtsQEH1AXGD6I_O336iuswYR4pu3ByPp-qTLnHmulXZMVA1N6vNrTK6H8JrGYWvq2qpDOluGwZTfMAYlq8Pb8trg_tkIItB-rQ78YmiHupyNRm4K-rb2DmqJ8hpORtQv5_fUCwgOWF1JuT9ThaqI-Npi-TPfi5RwchUPx9ToLRpZQdt9iwRruTPH8oVTrvg9HHbfLee4pucTJ6vwgB8ksEe65GjPAinjT2VAANnK7cYR_7QwoOwyzclE5ZQ4YTHh1lvSKC2v0AmWP9vuqVPryzO9HYHDn2pQbgrjF_ZVFrVugPRj2ZBCzEBZw7W3ZSh9wcI2bPtpLFLyl_HrSBpNaZNeJdpXX4ZF9lTu_wBPmDq10lYmBrNIOoQqRNjrMf4zGqBPLWnmPyqIVadYn-4Dgg7UurSPp7SUoBh0tPmW6BtAN2_0bzRhqX1HLeXcjgs--Wsml5HUm9pF2oG9JUBty4YInBv_OTcjEfzCClQ0YSiu3_dKfaucqxwhKe1HYAz0He3E4Yh0krEdmQLfB4h7mrDbciVG1RiGdnK2xxl2E12zOOd-hjKaOqJ2ol4wrUuaX7xdKvRr2NJvTYXIchGgfFqyoDoZBqCRpefXaJEEJjhyQqXNIc_iqWc6asCWyuvKArGF8wDryiE7QTzFRAqkYg0YSOetiaaeVnv9_6Pk_DtAXnzqlafMAO0Z415f-nSCse0lFy9G1XBcx7SsjutkCMzx6MrbC2CVJnMHAwWM5gquVCKPDfiWzffkCXxwZIZqoGn5SOeRqZhLOg0rYeQGqH8h3r2d6Z5vPjE2yZ3_avCnNBJ2HvsviYlPAICv0PkkDl9dLBgeH1Q4L6RhIz4vjxUjsNMvq3Zja_WEyoUGr9a9IOmxGbiIPKr9GTDiqZp4MWiAaQaFetU5W75ztsvEyL09FLr5Him0t48IXqo0XMrK1UhPNvHgGU_MO06JMlI8-wGmWY1F7QydSxSXAs2PQKxbqJvI54BPC4Qi8Qjhag1zJxvK4P11c6dWG7GmzalZpL1HCg7ipu8O7bvi3KguN6T4MfqfS387Ikf0RGN0-aMmkyZUkFCEPXac5bT9tv8ED-k_4FN9xlBoHYlXgwIxYHFxmZOSTeido8HJ8MRLl06g7U3eVZ4i1OJlEpmj40QM2rECadIYhrQH3EqnhzQR8C2K2LAraZaIh8yrlzWKrNPzZ81K9-cIaJ58lv2-B-Ho3mX8FJLFOAI8l360lU0io7SmeYVC4q2rRCt39dmw4fzW5RUTz0H9CH8cy19gYEJ5I8palH51clReB46a9v5Tj48C7fr89UESOe62TpHv3e_R_m6MVAZJZhR_1RGl0ih5M5DXYJLqWKNvKrsOT9NIqwSToYXuHM6urgWNCR2znJ6SSiWM6SdJjmAPUrw0Pkc_F4LVc4OSpUsxLGjHFBf6x9urrCJ1_SqH-Bnni6y7MBk1KKKloB6zBzkMAlEg-hUBUCgLSI2ZKRYgUUU3t32Ah6R8sabTxwdkzZWzsqjRURYTQIGrnTcg5_TNKPSJewFHk3cuxHWi6ZhVAut0d1H9B1RZcXH65h84h73qQbddLfnn57RcsvkqobGhyzK3YqQgofWBCxZsf1jX5_TvCjF0EwKExqvm5hsUduIn4JEdTso8OW9Hfdo3DhgRV16LCHjAtkbMFWrUpvcHIXSKkrwB08oetwUO_Is_P4iOU48EYgFvIMpUyRiDmKuZ6ssRGO_UMAnkWPRVpabskXEFwoxaENUuKjYG8nZnUJek3oJyzmMInE6ciAGHGuTMaqLRHSEk8lBm_nBsNsiVsQP6p__jMaUgq&cid=CAASFeRo29qwDSmPrPW_QISBb2LTPgrlMg&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:05:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
450
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:05:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 0DFB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BWWMVqo4YwdNGUbd2DtALul7iUrp17r-g-Aco1u_n1ULgZxaqOxJXSzlmfa1uYobmgrdha7-XwEwrn-M5qrFFyfWiTfGe_iUkYVvUAoQPYb96qsZ0yjHk0bemuqo1gTgEZ43fbyaXG6oDJTRQ5b5gPDsqBQQ&dbm_d=AKAmf-A6uTZsu-B0sWW4XLWQAB_CrRVaBovuKiM79opCzsLwJESPFzzlyDephwUAIYwOGZApTihXskFBECROxBBU4oHxnqK_fYPzcaWhRVGxwVSJf2cTestqrZFT0xvPNMgQyuk4Ht-pc9ZMoSyYA72SPWRSNWRktjHetVwXPnecJeV1NcWbycB0ENNvIVaVYZKKjbTxPwE7CK0NHIVrQNJa4yQVHQTSKlnRg-ceL4rznbCKwbHPlFDLa88MUvbH4rlVCt3TOVhAIBKj5_OMan5vjE5fStECjlLg2DQj_gL6CnAK62A8Khtf_urA6wds33uCDF-sQv2e9gzGaGZ3y2EJ0utPMlhrzUfESux868i8UvWkjt0wqAkDL7x0orJ9bMt_F8LxE8a16qT8SoNja0CdNo0iM4oHMpPbfz8b_q55Sh972mcZ66_mNrAphSidx2l72qvX7k34WgxzUe1WACkGEfLE9ckmrWbtMw2SGp8rhoxSSUAvuf0wUsO9XzBmqSSkZFzYXlqcaL23cBTYm7z0tLGHWFjoTS4sr67IOq1ZJng1nX8h8loAggmIKiLYtP3MA-jmyQ-3s5h6ttOyzCzWWaT3vEmIixLgv9h50aGQAaHLpcjil3Y3xsCVHujlh6GyZ8CchYO6LlO7WZw0PLhfkDtBDUkduufQSiKFbJqg5Ct-4R7y_UiXouI9jBJLD8nl3d2EZp9BYM3B-CeHW1zVsr2jLwwxIOB-36BijGpVNQWWWvth_YdlkV85-u-bmGe7109JPahI4XcHoLMw4lwY1NAUh8hL1u2oqTomkByMtJ2PWJELiTAfSAckz_QyCtsmmCjgpg_HedsGc9peC4FVhRrpRG6stBWbToisUWdclOFG--Neopw18AFPzYhjfyoBIUu8lvdRGs0qsxOAGQPYXs63YGASKLU_nTqWHHp85CwBD3cbmgDJcH8ncLAQ1Da4utA_7d89NMvznxPYBQKPKj2z7CK5zq3UZHGllnNMGQxrD0NIU6IeL5dV7tVSGHMF6vYAak4tJMhuixohTbomZrvXzovsvRpvgvLEwJbO2oZg0VTWvMZ_wH5o6VoDVJXAfyCinVYNXpTTSR70OLmGQ5CdLQWgX0GU4Ha_rGw_Rj1ZK3bZK-c-ManFBzeezPfX-g1JQJCh56anjaHFwXHd0iOxCJIK1f5YkIZgHgbNhk5iR4qnD1cMm5OCgO5k0-DHYW85_IyRQG8C6Iyk6axgJwgJhf4Gj8u0D0JnLBHcE1oNy8DIN6hY_xhvP4b6V0kuHjOf3HldgnRZYu2T426BT7u4NzON0cRZObWmzheABJNiBd2EtsQEH1AXGD6I_O336iuswYR4pu3ByPp-qTLnHmulXZMVA1N6vNrTK6H8JrGYWvq2qpDOluGwZTfMAYlq8Pb8trg_tkIItB-rQ78YmiHupyNRm4K-rb2DmqJ8hpORtQv5_fUCwgOWF1JuT9ThaqI-Npi-TPfi5RwchUPx9ToLRpZQdt9iwRruTPH8oVTrvg9HHbfLee4pucTJ6vwgB8ksEe65GjPAinjT2VAANnK7cYR_7QwoOwyzclE5ZQ4YTHh1lvSKC2v0AmWP9vuqVPryzO9HYHDn2pQbgrjF_ZVFrVugPRj2ZBCzEBZw7W3ZSh9wcI2bPtpLFLyl_HrSBpNaZNeJdpXX4ZF9lTu_wBPmDq10lYmBrNIOoQqRNjrMf4zGqBPLWnmPyqIVadYn-4Dgg7UurSPp7SUoBh0tPmW6BtAN2_0bzRhqX1HLeXcjgs--Wsml5HUm9pF2oG9JUBty4YInBv_OTcjEfzCClQ0YSiu3_dKfaucqxwhKe1HYAz0He3E4Yh0krEdmQLfB4h7mrDbciVG1RiGdnK2xxl2E12zOOd-hjKaOqJ2ol4wrUuaX7xdKvRr2NJvTYXIchGgfFqyoDoZBqCRpefXaJEEJjhyQqXNIc_iqWc6asCWyuvKArGF8wDryiE7QTzFRAqkYg0YSOetiaaeVnv9_6Pk_DtAXnzqlafMAO0Z415f-nSCse0lFy9G1XBcx7SsjutkCMzx6MrbC2CVJnMHAwWM5gquVCKPDfiWzffkCXxwZIZqoGn5SOeRqZhLOg0rYeQGqH8h3r2d6Z5vPjE2yZ3_avCnNBJ2HvsviYlPAICv0PkkDl9dLBgeH1Q4L6RhIz4vjxUjsNMvq3Zja_WEyoUGr9a9IOmxGbiIPKr9GTDiqZp4MWiAaQaFetU5W75ztsvEyL09FLr5Him0t48IXqo0XMrK1UhPNvHgGU_MO06JMlI8-wGmWY1F7QydSxSXAs2PQKxbqJvI54BPC4Qi8Qjhag1zJxvK4P11c6dWG7GmzalZpL1HCg7ipu8O7bvi3KguN6T4MfqfS387Ikf0RGN0-aMmkyZUkFCEPXac5bT9tv8ED-k_4FN9xlBoHYlXgwIxYHFxmZOSTeido8HJ8MRLl06g7U3eVZ4i1OJlEpmj40QM2rECadIYhrQH3EqnhzQR8C2K2LAraZaIh8yrlzWKrNPzZ81K9-cIaJ58lv2-B-Ho3mX8FJLFOAI8l360lU0io7SmeYVC4q2rRCt39dmw4fzW5RUTz0H9CH8cy19gYEJ5I8palH51clReB46a9v5Tj48C7fr89UESOe62TpHv3e_R_m6MVAZJZhR_1RGl0ih5M5DXYJLqWKNvKrsOT9NIqwSToYXuHM6urgWNCR2znJ6SSiWM6SdJjmAPUrw0Pkc_F4LVc4OSpUsxLGjHFBf6x9urrCJ1_SqH-Bnni6y7MBk1KKKloB6zBzkMAlEg-hUBUCgLSI2ZKRYgUUU3t32Ah6R8sabTxwdkzZWzsqjRURYTQIGrnTcg5_TNKPSJewFHk3cuxHWi6ZhVAut0d1H9B1RZcXH65h84h73qQbddLfnn57RcsvkqobGhyzK3YqQgofWBCxZsf1jX5_TvCjF0EwKExqvm5hsUduIn4JEdTso8OW9Hfdo3DhgRV16LCHjAtkbMFWrUpvcHIXSKkrwB08oetwUO_Is_P4iOU48EYgFvIMpUyRiDmKuZ6ssRGO_UMAnkWPRVpabskXEFwoxaENUuKjYG8nZnUJek3oJyzmMInE6ciAGHGuTMaqLRHSEk8lBm_nBsNsiVsQP6p__jMaUgq&cid=CAASFeRo29qwDSmPrPW_QISBb2LTPgrlMg&rfl=1%2Chttps%253A%252F%252Fwww.mdzol.com%252F%240
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
688
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9349
x-xss-protection
0
server
cafe
etag
11779355884012761328
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:01:14 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0DFB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 02:34:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2277
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Jul 2022 02:34:45 GMT
truncated
/ Frame 0DFB 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb8f4cf2fb0edbc29d120b1d8b8edea3a03703fdbb1485ad94fb6b0063d67044

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C35A 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Sun, 25 Jul 2021 02:31:14 GMT
expires
Mon, 25 Jul 2022 02:31:14 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
2488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
index.html
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		37 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
76786efa923a5bcbb68d5195e2d643d75000c61230fc813f6c67c60cc7756b18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
s0.2mdn.net
:scheme
https
:path
/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5106
date
Sun, 25 Jul 2021 03:12:42 GMT
expires
Mon, 26 Jul 2021 03:12:42 GMT
cache-control
public, max-age=86400
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
googleads4.g.doubleclick.net/pcs/ Frame 0DFB 		0
592 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlqc9SbJmAajK7a3QYzmLILVabEW-jN8nRxShEoBo8cDsVr6ShVFp_UyTFWxJo4UQOKBDFjMtUS4Gq5SbLRsqIzAzCSqBjrGUDtQC7lS_7A5ys_Bio4KVPMA_w3e0GBCn9KzWWXM7bhEV9bOcC7uJhYyxWgqMCHIcO1LzPtynB9J48Ujjqq1omSHHdruUP8JfQf7NcfLa7SHUHJvyat0h4h5VuyHnN92AGQR1HJwSDl6zGXAExKulIlRdNUTDq3p-FrqJEFNSKbniO0D0oR0dFqsw7GHCxTfsY-9GIHmk2H9au9p4tWH75gHln0OZwdvBbiQkmSZry21BTg_RpvLgtZ9mLQoD3TSFlCRSsyPR6zGYCHKkhudjjG31KsaGLVACxkjX7vV0kKq-YLkZ77PTggi07mawIUhZ2NoDyJf5lb-H8sxmaWS8U530wXeKFlUc99hSI5YtrJazB9fJWcc55i-8N6ok4ojJJcI85p_OF_shgqtsfIiagOkyessv2q2H1o_Im7LyxwxbeROSW0uW-Z1qhWRJH6qqSN4_IuawZ_NDuD3FpqJgQ8fkjQ1T82PKcYSPFT1hEo8z3bIFTSB40XULfxFVxPGozcrgAOtD2djU2fz5xTAiioLV5Jfj_eoujNGk6Nv752lmysb9fF4-1OXz-NIWB_2Y1-Uh6R79aDm6ZMKYswszYauF87C-_QIeDs7BAPpg0qM2pXqWlYxaV7FnDQcTsEOPjI1NtHUzw76RE46H1jI88n1R72jqwUjrqgLsyhhHuRp9dvoM5rkc1dwRtT-tdq6TwdEGYbN53y9OrVWd-IVUwl6OMofAUaJ3zJqV5u2TuahSyVI-KHD7RD_w02oZEra2DihKjv0MYg9p3A8AcZ9tfh_eoFOntp3dsseMIype9vGYHNPUsE-PIV-WeSNfXKLoUVKBKcqg6fy2blrgFPq41-XIEPI5DKB6ml0BaZ0DpNL94f02Rq7Z8tYDMyoHJ9tX-xOFx81C8d4HAG0NsJ4R6aHKi6rnuamA5ciaan-FFlMJHKlwoK6xf2kcxWwOqhxLpnBeWd6qngRuoNkJfJsyQVd3HyxEcBfmO9eIt8HzKeGM9SoXF6Pg7kRjlpH-3cOZXN9Sd1m8sK6zuWyJsJ4Plb1vDMzhHURmAbyodZ-O8nyQkqAwBY-h2blK_QiWgZUCA&sai=AMfl-YTfqwXCUIj7Cw6LzU4wUWP33IxLIQSgnPjq54N-mKEtZMHsVzWHL2wsN7-LNBp6uWr2pIqcKFiwRB2_p6Umqwg0zkvPzadOO4dJwGTSfxcoX2T0Dylm9UQzygHyF__zkBqe2Y8TF_FBikwK0xI4cQMMyd5PhF9yaApE-Bs&sig=Cg0ArKJSzM-7lyNeAwEkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=60&cbvp=1&cstd=55&cisv=r20210720.90458&adurl=
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Sun, 25 Jul 2021 03:12:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
pagead2.googlesyndication.com/bg/ Frame C35A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/rC_9MNdzujh4BoSBgapm_dys7sQE8JDGlsbaQBHCCWU.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 00:12:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
10789
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13334
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Jul 2022 00:12:53 GMT
gwdpage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		55 B
78 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdpage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 00:30:45 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
age
9717
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55
x-xss-protection
0
expires
Mon, 26 Jul 2021 00:30:45 GMT
gwdpagedeck_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		731 B
260 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdpagedeck_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 03:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 03:25:19 GMT
gwdgooglead_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		24 B
47 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdgooglead_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 01:14:08 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
age
7114
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24
x-xss-protection
0
expires
Mon, 26 Jul 2021 01:14:08 GMT
gwdimage_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		281 B
184 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdimage_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 11:21:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57056
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
158
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 11:21:46 GMT
gwdtaparea_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		157 B
141 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdtaparea_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 22:29:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
16985
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 22:29:37 GMT
gwdattached_style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		26 B
49 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdattached_style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 22:29:37 GMT
x-content-type-options
nosniff
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
age
16985
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26
x-xss-protection
0
expires
Sun, 25 Jul 2021 22:29:37 GMT
css
fonts.googleapis.com/ Frame 8116 		3 KB
660 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Playfair+Display:600|Open+Sans:regular
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b886b0a2bca92fa6ddfa23737735e087bb5a0f49299a90ece18b1a2d199bfba2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Jul 2021 01:18:18 GMT
server
ESF
date
Sun, 25 Jul 2021 03:12:42 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Jul 2021 03:12:42 GMT
googbase_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		247 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/googbase_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 00:42:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Jul 2021 00:42:32 GMT
gwd_webcomponents_v1_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwd_webcomponents_v1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a1aeb88ed58c56f3881c57c6b7a0233eb71f19beda42803f3dfd1de35d39f5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 04:11:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82879
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6270
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 04:11:23 GMT
gwdpage_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdpage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 08:42:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
66628
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 08:42:14 GMT
gwdpagedeck_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdpagedeck_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e8ea46ab2d6105379234115b9cf9a695b9fd85824524b95c43b46f83c8058dbe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 09:48:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3243
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 09:48:39 GMT
Enabler_01_242.js
s0.2mdn.net/879366/ Frame 8116 		107 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_242.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 11:00:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58349
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37452
x-xss-protection
0
last-modified
Thu, 06 Feb 2020 15:49:50 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 11:00:13 GMT
gwdgooglead_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdgooglead_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
319df7260917176a874e840902c5576b028f4ed9e206ad595f8ce5b2c4a738b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 04:36:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81374
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4434
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 04:36:28 GMT
gwdimage_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdimage_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af690ae6affa753d44d5ddcb7e024b7ae988c28dc6a10b8bcb250bc35842df22
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 22:10:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18155
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2003
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 22:10:07 GMT
gwdtaparea_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdtaparea_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d477d1c8b478b0668d6378b66c6d5226c5fbb2f695304288d6c3e70ab2cb70fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 07:40:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
70307
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1996
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 07:40:55 GMT
gwdgpadataprovider_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdgpadataprovider_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fabe68b63d6140786250c4aa8afb26bd1d69d2b7af3527be611e3e70ed2ff6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 20:18:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1285
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 20:18:22 GMT
gwdattached_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		1 KB
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdattached_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 03:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
85643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 03:25:19 GMT
gwdtexthelper_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwdtexthelper_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d118591eca7d386c165d0c746a16a250be028528bb261ae78377794249f10b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 06:58:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
72826
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2864
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 06:58:56 GMT
gwddatabinder_min.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwddatabinder_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f94da61df33854f21c6df7a5ef4574368905bd23ac88229b69478bf87ea4a84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 01:14:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2320
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 26 Jul 2021 01:14:23 GMT
gwd-dynamic-binders.js
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/gwd-dynamic-binders.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4e39de12542590b5be053cdcf0ef6c0ab336ba1c66c6d344b27cc492a6688d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 07:19:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10230
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 07:19:26 GMT
nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKebunDXbtM.woff2
fonts.gstatic.com/s/playfairdisplay/v22/ Frame 8116 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/playfairdisplay/v22/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKebunDXbtM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:600|Open+Sans:regular
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a0edd4f585d41eb0c9eec07d706bec3e0df65f9a9b59928a86157e565f10934
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 12:23:29 GMT
x-content-type-options
nosniff
age
398953
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29972
x-xss-protection
0
last-modified
Thu, 28 Jan 2021 20:29:45 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:23:29 GMT
mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v20/ Frame 8116 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v20/mem8YaGs126MiZpBA-UFVZ0b.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Playfair+Display:600|Open+Sans:regular
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://s0.2mdn.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 18:26:10 GMT
x-content-type-options
nosniff
age
463592
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14440
x-xss-protection
0
last-modified
Tue, 18 May 2021 21:21:19 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 18:26:10 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 0DFB 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstlqc9SbJmAajK7a3QYzmLILVabEW-jN8nRxShEoBo8cDsVr6ShVFp_UyTFWxJo4UQOKBDFjMtUS4Gq5SbLRsqIzAzCSqBjrGUDtQC7lS_7A5ys_Bio4KVPMA_w3e0GBCn9KzWWXM7bhEV9bOcC7uJhYyxWgqMCHIcO1LzPtynB9J48Ujjqq1omSHHdruUP8JfQf7NcfLa7SHUHJvyat0h4h5VuyHnN92AGQR1HJwSDl6zGXAExKulIlRdNUTDq3p-FrqJEFNSKbniO0D0oR0dFqsw7GHCxTfsY-9GIHmk2H9au9p4tWH75gHln0OZwdvBbiQkmSZry21BTg_RpvLgtZ9mLQoD3TSFlCRSsyPR6zGYCHKkhudjjG31KsaGLVACxkjX7vV0kKq-YLkZ77PTggi07mawIUhZ2NoDyJf5lb-H8sxmaWS8U530wXeKFlUc99hSI5YtrJazB9fJWcc55i-8N6ok4ojJJcI85p_OF_shgqtsfIiagOkyessv2q2H1o_Im7LyxwxbeROSW0uW-Z1qhWRJH6qqSN4_IuawZ_NDuD3FpqJgQ8fkjQ1T82PKcYSPFT1hEo8z3bIFTSB40XULfxFVxPGozcrgAOtD2djU2fz5xTAiioLV5Jfj_eoujNGk6Nv752lmysb9fF4-1OXz-NIWB_2Y1-Uh6R79aDm6ZMKYswszYauF87C-_QIeDs7BAPpg0qM2pXqWlYxaV7FnDQcTsEOPjI1NtHUzw76RE46H1jI88n1R72jqwUjrqgLsyhhHuRp9dvoM5rkc1dwRtT-tdq6TwdEGYbN53y9OrVWd-IVUwl6OMofAUaJ3zJqV5u2TuahSyVI-KHD7RD_w02oZEra2DihKjv0MYg9p3A8AcZ9tfh_eoFOntp3dsseMIype9vGYHNPUsE-PIV-WeSNfXKLoUVKBKcqg6fy2blrgFPq41-XIEPI5DKB6ml0BaZ0DpNL94f02Rq7Z8tYDMyoHJ9tX-xOFx81C8d4HAG0NsJ4R6aHKi6rnuamA5ciaan-FFlMJHKlwoK6xf2kcxWwOqhxLpnBeWd6qngRuoNkJfJsyQVd3HyxEcBfmO9eIt8HzKeGM9SoXF6Pg7kRjlpH-3cOZXN9Sd1m8sK6zuWyJsJ4Plb1vDMzhHURmAbyodZ-O8nyQkqAwBY-h2blK_QiWgZUCA&sai=AMfl-YTfqwXCUIj7Cw6LzU4wUWP33IxLIQSgnPjq54N-mKEtZMHsVzWHL2wsN7-LNBp6uWr2pIqcKFiwRB2_p6Umqwg0zkvPzadOO4dJwGTSfxcoX2T0Dylm9UQzygHyF__zkBqe2Y8TF_FBikwK0xI4cQMMyd5PhF9yaApE-Bs&sig=Cg0ArKJSzM-7lyNeAwEkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=185&vt=11&dtpt=125&dett=3&cstd=55&cisv=r20210720.90458&adurl=
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 03:12:42 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012107130206000/ Frame 4F4E 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55160
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b724d3ee8cec1601"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4F4E 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4F4E 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4F4E 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222463
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:24:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:24:59 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012107130206000/v0/ Frame 4F4E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
222462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
date
Thu, 22 Jul 2021 13:25:00 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d4edf2414c2591f"
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Jul 2022 13:25:00 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4F4E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 23:14:39 GMT
x-content-type-options
nosniff
server
cafe
age
14283
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 25 Jul 2021 23:14:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4F4E 		295 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
52509
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Jul 2021 12:37:33 GMT
truncated
/ Frame 4F4E 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30aa9dd34b4c3544c0f8ae82ebb7fdd1e5f0b79b9ee8ba3c4dc1d4de8ba9323f

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
10899466442344071644
tpc.googlesyndication.com/simgad/ Frame 4F4E 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10899466442344071644?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkelZ_1fV9XoaFRhL-rEWc8bc8dNw
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2acda6f2d773c066151d9118f114ea085318aa6b9cda9ec289cdfba710d281b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 22:25:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 12:44:42 GMT
server
sffe
age
276410
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38608
x-xss-protection
0
expires
Thu, 21 Jul 2022 22:25:52 GMT
l
www.google.com/ads/measurement/ Frame 4F4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1TFK2Nu74gp2t6F4e05Aeg-pwh7MeT2Vyk2Cq0pCM9Y7Br1cmrDGW_Up2gHtJ5sJUQCr91vRbE-JN2cKskd6FbnXEIA
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 4F4E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDPNVqtb8YJjDAcSKjuwP356i6AyU57ruY7GS9JGhDtbO3vD3JRABIIjopn1glQKgAZjLu8ACyAECqQL_IT8AkOR-PuACAKgDAcgDCKoE8wFP0OoXYvvvdRuqCfeO656GxANYH9768W7E9hS24vMkWzTQG_Bm0B2ymw_QRiuXCXTRA82kL5BeExjtwFDJeGWd9_LiJAu1AXMoigJf8F-2xp9qwLCw32UGI8nYsI7vY0RycDjewgdVJ0Mizv4BcikIEtp5agx1uD5swk7vFRm6zrt2pjS6FpC4NrJwlUYEkql5kyC7pYkd0l-ifxefXGipjJHaICwRjUyW9GEzsSb_JC7TOTy4HIN8Nn3TIw4escbFQOLnkEYty3agwzdla4IcxCPe-jejVhNok8-RYMrWkL9Hejku0L_Vf0Xdwi0SBL8slkXABInd39vPA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAezxI7AAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBDOwgLSCAkIiOGAEBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMjU5MDQ1MTI2NDA0Mjg0Mg&sigh=WJc6tbhHQ90
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
23720825_20181114064403354_IB_728x90_transparente.png
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 8116 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20181114064403354_IB_728x90_transparente.png
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0181a002d68f1652f5dcff100c944d0bf0cc1db15a4467b7a140e48b4ea586c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 03:51:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 14 Nov 2018 14:44:03 GMT
server
sffe
age
84043
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1418
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:51:59 GMT
23720825_20210512034421463_728x90.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 8116 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20210512034421463_728x90.jpg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60aa19fa536ea224402c9e2a8c8c1bef669185737f900cdbfb87e2045a5b8583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 01:19:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 10:44:21 GMT
server
sffe
age
6808
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31868
x-xss-protection
0
expires
Mon, 26 Jul 2021 01:19:14 GMT
logo_general_vertical.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/ Frame 8116 		10 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/logo_general_vertical.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53eaefbf301a6d658dd0363fe203587e44be23315c23f283967679a3d6dae7c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 04:12:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82813
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3721
x-xss-protection
0
last-modified
Tue, 09 Jun 2020 08:28:06 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 04:12:29 GMT
23720825_20210128010521601_20_DE.svg
s0.2mdn.net/ads/richmedia/studio/23720825/__version__/1/ Frame 8116 		12 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/__version__/1/23720825_20210128010521601_20_DE.svg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
956ac0a82ae81e911ff3423e40a00bfdd6ee0e806e3410116e2f1a1aec836173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 22:04:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18478
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3194
x-xss-protection
0
last-modified
Wed, 31 Mar 2021 11:21:48 GMT
server
sffe
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 25 Jul 2021 22:04:44 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4F4E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 25 Jul 2021 03:12:42 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
truncated
/ Frame 8116 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
23720825_20210512034421463_728x90.jpg
s0.2mdn.net/ads/richmedia/studio/23720825/ Frame 8116 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/ads/richmedia/studio/23720825/23720825_20210512034421463_728x90.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60aa19fa536ea224402c9e2a8c8c1bef669185737f900cdbfb87e2045a5b8583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/ads/richmedia/studio/pv2/61473925/20200609012806235/index.html?e=69&leftOffset=0&topOffset=0&c=LwDo9otTol&t=1&renderingType=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 01:19:14 GMT
x-content-type-options
nosniff
last-modified
Wed, 12 May 2021 10:44:21 GMT
server
sffe
age
6808
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31868
x-xss-protection
0
expires
Mon, 26 Jul 2021 01:19:14 GMT
10899466442344071644
tpc.googlesyndication.com/simgad/ Frame 4F4E 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10899466442344071644?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkelZ_1fV9XoaFRhL-rEWc8bc8dNw
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d2acda6f2d773c066151d9118f114ea085318aa6b9cda9ec289cdfba710d281b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 22:25:52 GMT
x-content-type-options
nosniff
last-modified
Tue, 08 Jun 2021 12:44:42 GMT
server
sffe
age
276410
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38608
x-xss-protection
0
expires
Thu, 21 Jul 2022 22:25:52 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4F4E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 23:14:39 GMT
x-content-type-options
nosniff
server
cafe
age
14283
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 25 Jul 2021 23:14:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4F4E 		295 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
52509
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Jul 2021 12:37:33 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame C35A 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzrJNqtb8YJnIB4Kr3gOU25yQDgAAAAA4AeAEAg&bg=!X1ylXBjNAAbnC78O5ws7ACkAdvg8Wvaef-tAgMG9GmXuRHfqBFQtdQfG5BMjneXE78D1R5s7aG2xBQIAAAEDUgAAAA1oAQeZAtRN08gdqZm4e8u_Ep4BujgCQyUQdDJoLzSJvwXl0mZUFVIKGuoP8w1oNWr-32I9jysYglI7IN1NTFgz4ocB2BXyxLx2Vkh_uvXXg69rwqrzzBe7P7iAXkHeVLfrU6kHSqFLQpw8XKrYKSzkmhbDjtTdybM1LZSUnsjUq765GcAVF50fNVOgYIoagiwpBpG-yBlfhecrOvQQ3CEPhn6iB7oYxcyQqpleTERwNjOw69XwdtOr3grl99uSNsnDE8_IzqHx1R4iuev-Lr5nLNCp-6xaRkcCuBGqwU8RdBd-Idnn6eCZFfokGYpN8HU_1JKBSDOayKUi23LJ8cdouA_HCZWBU4d-fBOVWwkzLnBbcy_Sd-BA4vevL2vka9OrqREEAPDibvFmXLZY_1YGd06fyln5-jb0BREEAfZNlu6dNxfTy7daUGuAsnPwAPP_uO06NHHx9AQ6X58aR9CyuuLI1A1fYqYIq9eGn1i28I9Z7H662paQKmwihPbaM9mY0gF01FbM1pALV7YMgGxXYqd-_8u72L3GxUcV2ZvgKYKgVD1kSschpdSdvPyoDFXUb5n0yyoJfjPolBfzyzFp6mmiFIPY-YtNSnSKGvFXp6BF4J7nXDPhbO0x5qS0HlBZ97I8_iWgCyackLpO1WmZDWB3_tk3TIYRdbKqW5RnvavmWR2HxLlrFRWjR0TxeQu420NMpBQGI086SPOaRriPWLxE85Bp4w5HXGIyqioXPjEKzvPa7KkiAIkfSOENEkoxdhbRaYzzCBiDC9dD3NvxYQl0d6IBuJDRC_9CZ3mZCm-_OzZqmPfy-z4Thu3zFbHxOjDU1KgSS2iuWJM0ZSqDUA2lMJQ8GrgngpRpvY4rqUX9w7z-GTyckiD-i2ZUawgAyO0pHaT-Ao3-yWDIRVl2iubexvFJ5jI04oHniw7TAN8zcA3sm5L0egt13w0ElDd7T3TvZtn1i_FV
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/022107130206000/ Frame 6622 		188 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bfe67e924ac653a908db8fbf0a22d657ea0b46a6aad9ad00cc1b6e1d7bada88d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
55151
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"242da2d233c5bab0"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/022107130206000/v0/ Frame 6622 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4795
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"392d0f0d5f27c169"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/022107130206000/v0/ Frame 6622 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27843
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"f120bcb28bbafed0"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/022107130206000/v0/ Frame 6622 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1658
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6fba3cabb8cd86f8"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/022107130206000/v0/ Frame 6622 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/022107130206000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
367439
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12840
x-xss-protection
0
server
sffe
date
Tue, 20 Jul 2021 21:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"6d4edf2414c2591f"
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 21:08:43 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6622 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 23:14:39 GMT
x-content-type-options
nosniff
server
cafe
age
14283
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 25 Jul 2021 23:14:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6622 		295 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
52509
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Jul 2021 12:37:33 GMT
truncated
/ Frame 6622 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d72613170046f11a9068a8a58bfe1b8741d7726adb0307c4511f47191fe12c15

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
14808479693444298616
tpc.googlesyndication.com/simgad/ Frame 6622 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14808479693444298616?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmH1ScUL2Xid_6WL-xEmliyYqABcA
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d2b0429cb9782b689936d57ad407cf12a490b2da634ea5b1cfce481e01e2ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 09:12:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Jun 2021 12:01:57 GMT
server
sffe
age
410426
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58223
x-xss-protection
0
expires
Wed, 20 Jul 2022 09:12:16 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 6622 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CvMW2qtb8YJScFcHv3wO2_YHgD4ysn-1jp8fuy4EOrajP-tElEAEgiOimfWCVAqABwq7UnQLIAQKpAszqBFBLt6g-4AIAqAMByAMIqgT1AU_QdSTPGS0X80yB7oEFrlxQDmqy8zIF_A-kZpFtvOkaBlEOHIuf8Zutv0wFcDZ4QD8aoG_g7zZgneHeUxoNHMe70sYdyEQMfkO4BmwskgRcApD05avARMvVW8wTVTufLxTpgMb01lliZ9MoAnnt8CpxmHX-G6TRIoCKvVeFmUdT13qD26i5ogx3uEwia5ATE6coPpZtx_a7OLoxUSHeBW0xizfn7koXF2uWIsRE17-QJpvBlm4MV0rzWaXr5YXo8EDILy4iyPbdOq4xNBs-3ndmu2USHPdKdmMNYiyNOc4jJf2Ez1DgFuZMGI-3Rv-DB_pI6KuKwAS4gIv_zgPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHptGr4gGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ8C7SCAkIiOGAEBABGB2ACgPICwHYEw3QFQGAFwGyFxoKGAgAEhRwdWItMjU5MDQ1MTI2NDA0Mjg0Mg&sigh=5mzfYoSux6E
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6622
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date
Sun, 25 Jul 2021 03:12:42 GMT
x-content-type-options
nosniff
server
safe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
14808479693444298616
tpc.googlesyndication.com/simgad/ Frame 6622 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14808479693444298616?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmH1ScUL2Xid_6WL-xEmliyYqABcA
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6d2b0429cb9782b689936d57ad407cf12a490b2da634ea5b1cfce481e01e2ff1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 09:12:16 GMT
x-content-type-options
nosniff
last-modified
Mon, 21 Jun 2021 12:01:57 GMT
server
sffe
age
410426
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
58223
x-xss-protection
0
expires
Wed, 20 Jul 2022 09:12:16 GMT
es.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6622 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/es.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 23:14:39 GMT
x-content-type-options
nosniff
server
cafe
age
14283
etag
15820072736840818134
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2687
x-xss-protection
0
expires
Sun, 25 Jul 2021 23:14:39 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 6622 		295 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.mdzol.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 12:37:33 GMT
x-content-type-options
nosniff
server
cafe
age
52509
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Sun, 25 Jul 2021 12:37:33 GMT
container.html
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4025 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.mdzol.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.mdzol.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Sun, 25 Jul 2021 03:12:38 GMT
expires
Mon, 25 Jul 2022 03:12:38 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 4025 		2 KB
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 25 Jul 2021 01:50:23 GMT
server
ESF
date
Sun, 25 Jul 2021 03:12:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 25 Jul 2021 03:12:43 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 4025 		1 KB
871 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
830
x-xss-protection
0
server
cafe
etag
3558876194914413708
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:12:19 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4025 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cv0ddqtb8YND4Jo6SrASY9IXYAt6sz4pi7_SqyfwK3t2pkp0dEAEgiOimfWCVAqABj-Dy0QLIAQmpAjXhxKEswLM-4AIAqAMByAObBKoE8gFP0N1V37qvKqVDOO9aCbgQCq38S9-wkIQERgX8oFpJAQYFzrvvgakZp26gVTwSVmKKKCTnjIuoiQjFGM5paQD9WjpfhMLGhKBir54Qv1WAzec3lfcNWnx-AXbKrTIP8h6vGApt2xO-RGUzEJ0qE062fo1vyNa9PlFC-fWYE94WgVjfdK9rwhT--MbFnpV2cg6nuMzHR1K2U4ji0mottbVk_rSw9TuDQsUs3MIFo5-bVXKRjaQH19njc8k77RVY7ASKzuyIVN4J3M2NG0wZrKBdLg8B436p2-uVu52cVZdHS_9bSUWxSU96S4FnWEl73v97mMAEmqCCq7IC4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB9mfja4BqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCWpAHSCAkIiOGAEBABGB2ACgPICwHYEw2IFATQFQGAFwGyFxoKGAgAEhRwdWItMjU5MDQ1MTI2NDA0Mjg0Mg&sigh=dCgZUgBhtcI&template_id=494
Requested by
Host: www.mdzol.com
URL: https://www.mdzol.com/
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 4025 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:06:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
357
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:06:46 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 4025 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:03:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
574
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:03:09 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4025 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:12:43 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 03:12:43 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 4025 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 03:07:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
288
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 03:07:55 GMT
l
www.google.com/ads/measurement/ Frame 4025 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTVfCCK4CTONAcfkz7IpZTH0dt9cEaLkGN9Ydp8LJtI7YdkoRg_4cfaSwy3Z91tGYUcbcugRE57Rfj5j-zShIQ60_-a0w
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
4661e2b537cafc373934756b83790a75.js
www.gstatic.com/mysidia/ Frame 4025 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4661e2b537cafc373934756b83790a75.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 02:23:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2931
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10780
x-xss-protection
0
last-modified
Tue, 20 Jul 2021 05:53:23 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 23 Oct 2021 02:23:52 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 4025 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSt8h8jKVfyQ2UL482fhlj3hVNKgtMQ251uH9qxeEWDvjrhCBO1EY_8Nus3aw&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a3d4b847babd625738fab334f4d2b4ce8cff00ea0c8647a0719e830c6e61747
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 05:56:18 GMT
x-content-type-options
nosniff
last-modified
Tue, 04 May 2021 01:18:46 GMT
server
sffe
age
422185
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10324
x-xss-protection
0
expires
Wed, 20 Jul 2022 05:56:18 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 4025 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRYNPesl2OiLIBkRLg-W6D0jM2IuefHWWuPZXQf7z_GmS_XWa3HIvqqVxIFhOc&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42a1f4f79fd6bfc07e44674e3777785e4f9cf92b0f3ab50bd7c2da0d8e757ba7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Jul 2021 06:18:54 GMT
x-content-type-options
nosniff
last-modified
Sat, 20 Feb 2021 16:41:58 GMT
server
sffe
age
593629
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8846
x-xss-protection
0
expires
Mon, 18 Jul 2022 06:18:54 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 4025 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTe5r8IF7w_CKtQGFxIrldPBnzj7GqSW18z9a1vAcwFxdppvgmSAAx4DZNLzQ&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b02922261555aa2bd56acd76d47e25c2a4c6e290b2646e741e73262de3d81b07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 06:14:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 29 Oct 2020 13:46:37 GMT
server
sffe
age
421105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8863
x-xss-protection
0
expires
Wed, 20 Jul 2022 06:14:18 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 4025 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSTfBkBpOn3AaeclJ3B9NNB4OhivxFWqJ5SZd9JqxzzGfNosTog2T3RrCdcAA&usqp=CAI
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
491e562409eb651592deb8c0c306a1347e517bafee9b0474039995c2ee040487
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 07:52:53 GMT
x-content-type-options
nosniff
last-modified
Thu, 24 Dec 2020 01:19:19 GMT
server
sffe
age
415190
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
content-type
image/jpeg
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10992
x-xss-protection
0
expires
Wed, 20 Jul 2022 07:52:53 GMT
10961211485099542529
tpc.googlesyndication.com/simgad/ Frame 4025
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnz8L0mAEQwAIYwAIyCKmt_0JLcgDt
  • https://tpc.googlesyndication.com/simgad/10961211485099542529
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10961211485099542529
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
125a7792f218e4f2535cf90eb39ab5465d7ea509386143fc06b8cc0f60df957a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 19 Jul 2021 22:47:08 GMT
x-content-type-options
nosniff
age
447935
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8555
x-xss-protection
0
last-modified
Thu, 24 Oct 2019 10:11:39 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 22:47:08 GMT

Redirect headers

timing-allow-origin
*
date
Sat, 24 Jul 2021 03:40:25 GMT
x-content-type-options
nosniff
server
cafe
age
84738
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/10961211485099542529
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 23 Aug 2021 03:40:25 GMT
truncated
/ Frame 4025 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
280d867dcf00a8bc6a0f40cfb1f444b9a57a3b32f9c8b861ee1402dbb84ed594

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 4025 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Jul 2021 16:30:42 GMT
x-content-type-options
nosniff
age
384121
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20900
x-xss-protection
0
last-modified
Mon, 19 Apr 2021 22:53:16 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 16:30:42 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 4025 		56 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: 2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
URL: https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
fed0923bd1965b88eab76311c0c4b87958be5801b53e58c33ddf448e22e3c88c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 02:18:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3249
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21535
x-xss-protection
0
server
cafe
etag
8625046641350230874
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Jul 2021 03:18:34 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4025 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=urind
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4025 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~krimlrgn&e=21068133&ctx=2&qqid=CND1tJSg_fECFQ4JiwodGHoBKw&met.4=fb.1x~lb.37~ol.3m~idt.-38p~dt.-3hv&met.3=555.3f~556.3f~749.3j_3~735.3p_1~113.43_5~112.42_6&met.1=1.krimlrcl~6.1~7.1~8.1~9.1~10.1~12.2~13.7~14.1b~15.1f~16.38~17.38~18.38~19.3j~20.3j~21.3m&met.7=CBsQCBgBMC84ggFoAXAHeL0YgAGkGIgBzi-wAQG4AQM~CBIQBxgBIEYoRjBWOBBoRnBVeJMEgAH4A4gBzg2qARkKF0dvb2dsZSBTYW5zIERpc3BsYXk6NDAwsAEBuAED~CBwQChgBIEcoRzBOOAdoSHBOeOcGgAG-BogB_wqwAQG4AQM~CCEQBBgBIEgoSDBaOBM~CAkQChgBIEgoSDBPOAdoSXBOeO87gAHGO4gBgpIBsAEBuAED~CB4QChgBIEgoSDBQOAdoSnBPeOQKgAG7CogB4ROwAQG4AQM~CCoQChgBIEkoSTBbOBI~CBwQChgBIEkoSTBROAhoSnBReNwwgAGzMIgB_G-wAQG4AQM~CBsQBhgBIEkoSTBaOBE~CBsQChgBIEkoSTBROAg~CBsQAhgBIEsoSzBhOBc~CBsQAhgBIEsoSzBTOAg~CBsQAhgBIEsoSzBnOBw~CBsQAhgBIEsoSzBhOBY~CAQQAhgBIEsoVDBbOBBoVXBbeKxDgAHrQogB60KQAUuYAVKwAQG4AQM~CBMQAhgBIHcodzB9OAdod3B9eL-jAYABpKMBiAGkowGqARcKEWdvb2dsZXNhbnNkaXNwbGF5EA8YArABAbgBAw~CCgQChgBIIcBKIcBMI8BOAhohwFwjgF4u6gBgAGfqAGIAYS_A7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4001:c05::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:43 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMImcWVlKD98QIVgpV3Ch2ULQfiEAAYACC9nc4_QhMI98H8k6D98QIVc4CDBx0BoQx3;met=1;&timestamp=1627182772413;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 0DFB 		42 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMImcWVlKD98QIVgpV3Ch2ULQfiEAAYACC9nc4_QhMI98H8k6D98QIVc4CDBx0BoQx3;met=1;&timestamp=1627182772413;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 03:12:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| leida_a object| gptadslots object| googletag function| fbq function| _fbq string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ggeac object| google_js_reporting_queue object| AMP object| global object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __AMP_AUTOPLAY function| isAdmin object| core object| firebase object| config object| mdzolConfig object| publicWebpackJsonp object| __cfBeacon function| isMobileDevice function| UserLogin function| wfLazyLoadOptions object| WfLazyLoadInstance object| Slider object| SuscribeHorizontal object| Share function| Fixabox function| Poll object| PollSimple object| PollVersus object| Header object| SuscribeVertical function| ModalShare object| Alerts object| Fixed object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| ampInaboxIframes object| ampInaboxPendingMessages function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| GoogleGcLKhOms object| google_image_requests

2 Cookies

Domain/Path Name / Value
.mdzol.com/ Name: __gads
Value: ID=ccfaa71742e82708-2212ba058cc800dd:T=1627182758:S=ALNI_MYHC1ojoC7xC2VVuaO7L495pL4-sg
.mdzol.com/ Name: _fbp
Value: fb.1.1627182758699.1542157851

6 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/v0.js(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107092322000 https://www.mdzol.com/
console-api log URL: https://www.mdzol.com/a/plantillas/p/mdz/js/0.b6de541692a2f4f36600.chunk.js(Line 1)
Message:
Your browser does not support push notifications
console-api info URL: https://cdn.ampproject.org/rtv/032107200040000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107200040000 https://www.mdzol.com/
console-api info URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 https://www.mdzol.com/
console-api info URL: https://cdn.ampproject.org/rtv/012107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 https://www.mdzol.com/
console-api info URL: https://cdn.ampproject.org/rtv/022107130206000/amp4ads-v0.mjs(Line 6)
Message:
Powered by AMP ⚡ HTML – Version 2107130206000 https://www.mdzol.com/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2cdc875fe46c5395f767976b2bdfe891.safeframe.googlesyndication.com
3p.ampproject.net
5994599.fls.doubleclick.net
ad.ad-srv.net
ad12.ad-srv.net
ad4m.at
ade.googlesyndication.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
as.ad4m.at
asset.conrad.com
assets.ad4m.at
bid.g.doubleclick.net
cdn.ampproject.org
cdn.contentspread.net
choices.trustarc.com
choices.truste.com
cm.g.doubleclick.net
connect.facebook.net
csi.gstatic.com
d-13005548613403204316.ampproject.net
de1-bid.adsrvr.org
dsum-sec.casalemedia.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hal9000.redintelligence.net
hal90006.redintelligence.net
ib.adnxs.com
imasdk.googleapis.com
lenovo.7eer.net
m.exactag.com
mdzol.com
pagead2.googlesyndication.com
pubads.g.doubleclick.net
s0.2mdn.net
securepubads.g.doubleclick.net
static.cloudflareinsights.com
staticsig.inversorglobal.com
stats.g.doubleclick.net
sync.search.spotxchange.com
sync.teads.tv
telemet.xyz
tpc.googlesyndication.com
us-u.openx.net
videos.mdzol.com
www.awin1.com
www.conrad.de
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagservices.com
www.gstatic.com
www.inversorglobal.com
www.mdzol.com
www.ojrq.net
104.111.239.217
104.111.242.245
13.226.145.126
13.226.145.23
138.201.63.117
138.201.63.164
142.250.181.226
142.250.184.194
142.250.184.226
142.250.186.66
142.250.186.70
145.239.2.103
172.217.16.130
178.79.227.54
185.33.220.243
185.94.180.125
2.18.234.21
2606:4700:20::ac43:4a81
2606:4700:3031::ac43:b70b
2606:4700:3032::6815:14bd
2606:4700::6810:5e41
2606:4700::6812:18c2
2606:4700::6812:19c2
2606:4700::6812:7e05
2607:f8b0:4001:c05::5e
2a00:1288:80:800::7000
2a00:1450:4001:800::2001
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.95.127.121
35.186.240.205
35.244.159.8
64.233.166.155
76.223.26.175
78.46.23.46
85.14.248.71
94.130.102.164
0181a002d68f1652f5dcff100c944d0bf0cc1db15a4467b7a140e48b4ea586c9
0395877c31c618a393691246c1ee89ac6760f0e196fa3202e5d99a0274e95cce
0683e84a63df9c6846a76e74d4369f554600cf9da19031d7351c2e226b6fb18d
0689243aa4d9f3bac29825ae72d77e55d23bfeb9a5b1542decae480f0f62fe1f
06a0cd2a1f1c2f5843988bea917cf6f949b7258ed1c0ae1f308ca45433b36a42
08a205d48c6c16c652d3dcc880a5d4888c1414664012cae07a13e749ed76601f
093d94d4b660253c55e87d4503dffcb6cedc8f222f9d85d1faa68ff619ac9d3e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0d97f24e612757fad03449e480b8910ceca1b1e3d27809d965caf57adfd2a2c9
0e567066985125e7974f68b42914dcb134e3c38373a4a3d668bdb38a3e55f299
0e59bfa0880348b10f27aff2806f307c5b7ddf40a72279979b0056b173ba1873
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0edea0255414148efb1cc9af5e4c70962a865eb8e053e1b173050a5a6fed0e26
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
125a7792f218e4f2535cf90eb39ab5465d7ea509386143fc06b8cc0f60df957a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16fe7e3c96650fa4b8e8da4e93070e1d323afce0bad720938770734eedf442c9
172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a0edd4f585d41eb0c9eec07d706bec3e0df65f9a9b59928a86157e565f10934
1a3d4b847babd625738fab334f4d2b4ce8cff00ea0c8647a0719e830c6e61747
1b01c027cbc7e13b52ffaa499af67ac7793e34cf68b5caf4c490450512b4eb7c
1b16e9c1da7045c9057350282766a114be2070b065e5e8a42ae635d0610ba6d0
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1caacdebd86c67f86ab89cdbd30b056a8c1141638aafdd35ec453c4bae91692b
1f202225a1657614f1b41888b81aa2102e8b5047f6968ccfcb644dc0c858d0bf
1f73fc9ed3e1a51f35cb5a7e2f4b1c091975e54f64a15ab5e47088ba01afaf5f
2012a175ba1a5319868ac22c14861ca5d95ea113589f93849cc8bb270b7df322
20160b923de864cdf44fa26bfd6281a9e0aba7eb800fac86804d9a41a93c2394
212d57fba34d9277022e5675f1507c45441cacc7d33789be6c04c9fe782d146d
2166f5784977dacac50008132b064d2ab35205f3abe4f3b0f2d53516ee1ba53b
217335bea519c6428d9c9a7571b989d0e12e3497c829d350a000692b906f1993
2197172f2168715cd5bc0aebf55485cc5e6ef993ee6394a494b1b4c3be69d0e1
231da5020a407f8936f72ded333d33ae714659051784b119f0ffe90460b8b1c2
2405bd02584cae91a0a4c434fec3e72f392d07e1bedc993c3b16baa7800bbdfd
257c9947bb8a45c4a0519f4ddc8769ecc7f889e268a046b0f05c17dfc7912eee
26b05d464a9903a0597b14f9a1452a8599db78bf51f197e4f74b85426ceecdc6
277e0e5da0df9785d0d1978c41a6b40ddce651f67bbd54d5650c347f267ab0a0
280d867dcf00a8bc6a0f40cfb1f444b9a57a3b32f9c8b861ee1402dbb84ed594
28b234f39f81b1c81631c30f5b162de18c1206d091e1324e991ce0809279b728
29d096500cc94cbe347c613cb34199c274da1fe8b5df04fdb49ee75ace5edbec
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
2a599831402a036dbe178104ad16f5184469bfc7fb25d4f611ddafb651b43dc1
2a78ae3eee23681542192eacd70236330ed4374400e7a1a92c66419014cf946a
2afb3cf38deea01d461f29b961c8aab0da4f121a84a9c843f49dc7cced99b6a5
2c37551b16fe3a49b92d7572c0b7bcd7e943a1318ae32ba9d35712359e14bdd2
2e95ec92b46b9be9c829b2886bdafc6015a2f4bea0ed9dcf643e4bcb2137c332
2eb5b3768979d3e309a56e268d5f7836bad7deec3ed3743b812fe0a6b2ebcea3
2f0a1047ba4ea8aa5c36d8c3f0e9b085a2e6ab2b1fcb4150cc6718c16eb4d70a
2f347a6ec75fc96cb8847a81074c37f27fa9e3600d962404ce874f80166f0b51
2f598b22dd02b7275beada4e0c4c0b24f52f588114b6528b953342db757c5549
30aa9dd34b4c3544c0f8ae82ebb7fdd1e5f0b79b9ee8ba3c4dc1d4de8ba9323f
310472726eba9558f3c205e0e90943c9d7e404b4e3e2cc3661d9f49112a72137
319df7260917176a874e840902c5576b028f4ed9e206ad595f8ce5b2c4a738b2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3333371be24b10ed2a213fc3a2f63346d5f050ea0c6865be5548d54251377ace
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
353e392aed49fb4ae0f81d03d4178941c620b723296931b6caaedfc2d2f61f07
3774cc25ae0b69f3bb7018432617be6bf74376b3c13b3500fe67ecda62475323
3974624ff80521dbd81d3ed32f8ec10c7baef11c272f46626a6284538e90e44b
3adc08a17403677336564af378fad63adc1e44f6c7577348229e70c20b818c71
3b03904c5f4d8915450dc2f92afb0cb5e229873b9c6776037eabdae869807b5f
3b1b78dc0bec6c4c5e65036a6d67c15a91ae2fc807f61ddab5ddccc3483cb9c5
3ca19e57c9a2465ae4df271316ba4d29e7ff7f113a2a2c5297780c0b7a0ac09d
3d3251d937d209def48e958bfeec683ca39dc0f15eb22f99bc3e7035995cd552
3d85e802bb8f41747e865bd3005cc09d7b4ddcf746c2e48141b59f7537bab951
3da3fcb8ef7dd2f5111a889bf8d900aa62c1259b9815cfe05822154289eec355
3deddd3f41fe0ddcbf961b95cc4f26218271b306557421d944bfdb5f1343bba0
3e5575bcd4f0b6ab76842c7529c6283a58d95abcded480e4370b0e96a0e345e4
40b83f2e0a3ed83a553c5da988c4a8d7fa70860eff0847ee3f7eaceda6c87b02
41ae6a4881ebeebcadfdeef1a7726ffa8fdcb26ffbf49b90e9d307e363832652
42a1f4f79fd6bfc07e44674e3777785e4f9cf92b0f3ab50bd7c2da0d8e757ba7
43c70c5f3b7a3a6ea577f5c5536a4a515e8723e81e749935e9e8385894256959
43d1edb4fbc575033c7cbf8d8ded481f574da2c8c1548d35cba86db1706b4ebb
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
4624c33a17177b381047e3a6340ae817e388c3cb4a157bc61fddc1f5069d769b
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
491e562409eb651592deb8c0c306a1347e517bafee9b0474039995c2ee040487
499e68e56e0ff786e03711cdc04d8c1584318e2c9c76fa7fa6169e842ea989f9
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8682ff7b92654c85bef498e13e018e47fa27dff707ab2216ae3c0043cd649f
4cf1b81478b10bb6840a367df7387144fbaf211b781b7769a101988d6f901489
4d3ff252082ac311a937540e9e74c401081402a1217d78ed1e73797e15f53dd3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb285ca31a3d0daeb7148c69fbff3debca2f3f5ab7bc25432e4827215de2e66
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fabe68b63d6140786250c4aa8afb26bd1d69d2b7af3527be611e3e70ed2ff6f
4fd72c46281e418a795e36792a29f67be9743c63e1fd8477b052b1eb6767befe
500c46e67d0cc6b3424c494939d1014c338374b7888335af229bf4e05ed95acd
503621190c75700c18c84fd3ec0977bf31b083d66e331d1009bb9cd17cdb85da
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5057f7beaa08450682a5418bdce93e9783bd704527406843fb019ea0a52778d4
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
511aa2500a4de011ff1c2f58ecd4102763f122446104b758d7d04fb1320ea866
5395eb769fbabeadbde9eaa1c29dc8d5912ada4a771d8cfe7313d7fe3e37ef25
53eaefbf301a6d658dd0363fe203587e44be23315c23f283967679a3d6dae7c2
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55b61bb491d81d60e6c1aa84b59bfc94e96cbbf510138720c2e1536c7ebd1ba8
55e1e466133efcfc0d2c5c089bf7e7a58a1f443caab6b45ecc8a6df18e8ad780
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5a1693f96a4de53b2bd7d58b3443ad912b70d1baf1e4e4c8b848e977011e5b6b
5a97c142901e6148affb01a849efc3ec6d3b1d9cecadb3d597194a73aa3c962d
5c64a0ab0cbc91f0b36fa4ac96a0195843869a8d50a6bf163b4de0a392e6e0a5
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5df654f9b59dd3322a2b8703682b1ee78559832b7a6c02803c0cb8ef94587389
5e8870a9e5eab1bf60396d325bc0912e1b16599e6ace2295aea67e822c3447b7
5eefd5e38ba75af9279acba05c9de9510c605dc5dd5c2313e5d6835350f16cd8
5fc1c90bb8fbd7b04b7298c5bc49b2b2585d4388d62c40017b05a13060901244
600bb9fa592c1c5945892bfb7fe9c01e26f889f7fe9bab409fea6884ff2c3486
602ff4c71559293f587f6819faa2881c15f21da62f3ff9f0de91958e4cc24083
60aa19fa536ea224402c9e2a8c8c1bef669185737f900cdbfb87e2045a5b8583
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
63987d8663c5b621d56ad833f0e4567288f988db62c5a4b2cc79ff7897f3273a
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
67c2b625a62944f95c1411933bfddbdaa83f2050b13012e4f1383fa7862834bc
67ca74ce2f1d7ed0717814f55d2bfe2bcaee3241af4f0d6d71de383f4c9bfb94
695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1
69a3831c082fc105b56c53865cc797fa90b83d920fb2f9f6875b00ad83a18174
69dc3329c00eca4a5e80971ac9eb5d003400597b9568f682c4e1baac5bcb242a
6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c
6bf65017f076ca561646c6472693c86c0b3faf52705b8172482c67a9fa4e7114
6c86fc7f03f22143db49f573e85d84bc4d4d5ec3112eff8bfc1bca7681f45209
6d2b0429cb9782b689936d57ad407cf12a490b2da634ea5b1cfce481e01e2ff1
6de93ac968047ecaceaa1c413b31ddf90910f208419128a49963630acb1ef858
6f94da61df33854f21c6df7a5ef4574368905bd23ac88229b69478bf87ea4a84
6faebceb718b6e9d3911598273244145b17784ed94ad3dd80b5ea67dce58643b
70d66362ef9dbad3cde72b2fce9afb58261a6c73236bc9a92b7152510879b255
7194240894faa25b57748d906c2eb75810640e60b3a398cd0191064b828c1616
72e734a300145adffa1bc4eb86c3b415e0d8340d4966ee85cc32c76d29ec8e9c
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
76786efa923a5bcbb68d5195e2d643d75000c61230fc813f6c67c60cc7756b18
777acd32e792ef70f60b68d8d4d27100992cc38088392c6a920fa7f738a223fb
77a1a956b92bedb582d8194e150fe430a778db2802fb3802659b26c40adfadd9
77b4a8683f3383908c69af7c19e1f852303a920f42fac75265d9123b1e520f22
7a949fb3f520a050dc0aa8b88da80bd6bca253a52d05614fc6055666389e491b
7b33f974f975e54d1a12be33cd5bf74266d69b1274b9d4be98049c1cb8265941
7c478f60af5c54b33a0a755bf710ec6731feb1e605e348b9fb90c1b97072f91f
7ee5bb7f5c7d3e8ed3f68976e13779205c288b5f596bd8c2f7d4bd3435a12999
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8187123a5cdd334d624225a62e455a9f13c3024714cd74f9b24ff419a2cde4ba
821262a8c32b52639f97ddf4f34c494e82156651752608fa6a23ffa3df2f84b1
83c0005e3b667c5e449f02973549615995485004dab354a231f54e7ff87ebbd7
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852c4602692714abeab6573e278c21ee246d353f5adea60b4ff4b010e3ae8c80
87ef2968ed9e28c0a74ea82850515ac4387351b507deb3cc4091599861707af7
88c0b19cd331c3b314e8a019ff30133a78f78d38fda2d06d093b9af45a72862f
8b00f7fda091cb4bc22d6425405fc1dbfd54284e2495d3ffc725799bc4e45ebd
8b0680051b97518936ab7ce2471f3bf599f8706d53836806c8ee96002d5e8788
8babe596e3df81de63b4b74beb1a0b1baf99005b9a06588ad9e713b11487fa15
8cdb51889deec1c7cbbdf19e4eabe7e51b4a10e5c27f6c4dad5e789f231f9980
8d450db79b0f7039b6486a399d93ebe1efa7a81e0f7b1170931b8b3dddf4a31d
8ebec7366236d66d326611f9c885116c612b7fe36ff0b65b55924c666383d4d8
90163eabc62808d2b65007d44bd94f209ee37c2ed0cd7083aefc873c595c3e25
908c9a15674ab7422a18d0cea98a7c42291d3281fb2a3963c984e177fde2cd31
90cecdccf9575dbb07ad70ce29971df83ad49d1b2af9739aef01b5ab721d8370
9384e15deb923196d26651ae71a3b21666e653fd81f186bf30491b2818998069
940b6a1efbac7b1076b981e30fe0ab20d3bb1453e30222f919ec379fa23fb796
9455ee79d03d3262de042233c2d243c9fa3ffdca059e071685c96bf8ceea1962
945709883ec26c0aad76042d31544e59e2bb6719e6b6651aaf47e88baa3fc446
9562db09aa32ff7b74c262aaffaeaad9ca3f9fcde39929ac952746d7ce30217e
956ac0a82ae81e911ff3423e40a00bfdd6ee0e806e3410116e2f1a1aec836173
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
979f253373045cc0d8f959b907caf16c033fd5ae3f411a5a64f337c45c1194f5
9861a682443676e2d781076d5875aa031f618b8802a4c15aedbff1807b064e21
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a1aeb88ed58c56f3881c57c6b7a0233eb71f19beda42803f3dfd1de35d39f5b
9c0e86ce5701b47263e7bbfb5945f20db80efdccc7373428b45fd10dba3a709f
9d25b11dbd5fd6288b437118f6e7c0f170fe8b475c1cfdc41af8ff78190332ab
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06771058ba3a1d053d0d1a37aabecf454414fc274507ad9f49348390e6bd87b
a0795632016f69453c85182bb7fc3cf6d0c776c620b1b99f9710033171820293
a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a17c8349de38ba508b42d307c4ce6e66b70b8dfb617c61831df8bae85e4d0420
a42f2ec73409f2753ef17d737714c86303fa45fc3a3d484a9b0c8ed28ef0fd6b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a95a97e578d4cd9b4798e1db832bf4c8800cfd5c5693c1377464903aca85f15f
aad918e70fbc0a100a446924f594ee20dec7fdffd5aff126172b8fcfa5d4a40c
ac2ffd30d773ba387806848181aa66fddcaceec404f090c696c6da4011c20965
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af1b31951e61b0065b656029358c16e900be866e22a08573109b7687708750d1
af690ae6affa753d44d5ddcb7e024b7ae988c28dc6a10b8bcb250bc35842df22
af9c43c4245a11083fd6ccb171f10a182613de3fee9031c51ab8648968e73972
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
aff2992741df89d656a471b587d577314875970c5fa5882a243557343d6b40ef
b02922261555aa2bd56acd76d47e25c2a4c6e290b2646e741e73262de3d81b07
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16dba310a91d49b790fd7c6d99895faf66efe05aae9815589a02006f30b50a6
b1f5610a7fba0a600eb8351d2a283ac818c72b29ffff7c4cc2892c24aeb39645
b37848499137c91967a323dfb734c9f1d8d3d4b017ba886405f0ca4ae15f6635
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b74c5b6414abf63b8df414f93c90a037e37c8a6877d4ac165b75cd915bceaa6f
b886b0a2bca92fa6ddfa23737735e087bb5a0f49299a90ece18b1a2d199bfba2
b8e86743608a4ea40b139f26a858ec4a96c6592f1a27d81ab172a2c9ddbe5200
bb8f4cf2fb0edbc29d120b1d8b8edea3a03703fdbb1485ad94fb6b0063d67044
bfe67e924ac653a908db8fbf0a22d657ea0b46a6aad9ad00cc1b6e1d7bada88d
bffdecfcb89b4e0df53beea60d61adeff13cae71cbca25dceb74faf1f9ddd0a2
c16b5e0a7baf923398f1a497be1d4cd389abd3352b5e148eaa24354fb6a66a21
c35529095f6b1a1b2f9345e8d7e86532048ffbfdd082f03ed114be88865388df
c4e1d9d1502865bc43d7c3560c2c3e8ce18e4349e945700cf9615be2fe39b2e4
c4e39de12542590b5be053cdcf0ef6c0ab336ba1c66c6d344b27cc492a6688d5
c8bb6bcf03df743bff50abb1fa3deeae4910d4ed5b4168ec3a6722378acf7431
cbd9f14bb70584199ea4367d885c6670ea977c596c4dbfb66a6942b7b7d53e5d
ccb6a01c67dc986326b9cc6bbeee81e9a45d29d36064b55096f39a8e16215fa4
ce98128d93751d0664a68fe128a34ac024d5f4fc21522a9f7527596b71cd24e6
d069648ddf49a606c25feca74c3732aaecbd5138ded045adc296b2444e9f9b69
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d118591eca7d386c165d0c746a16a250be028528bb261ae78377794249f10b58
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d198b2d4656349bbb6d80442b98bbdc0ad331b3632668426d6329e1e55cb6419
d2acda6f2d773c066151d9118f114ea085318aa6b9cda9ec289cdfba710d281b
d398520ac47945ab429cf02b444202f4db1cf7fee5b5335cf98fb009ce56ab8e
d400cf4d7e7083c3553804f6a44149014292d457650f1d2bef299f6f9bbb07b3
d477d1c8b478b0668d6378b66c6d5226c5fbb2f695304288d6c3e70ab2cb70fd
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d6bac329445a4ebd4eeb02db7a741cee116b07414b85674ac6ae6bea0437ff50
d72613170046f11a9068a8a58bfe1b8741d7726adb0307c4511f47191fe12c15
d7effa4abb1004ac11058d1fc73b1ebb9cbf993bc96dd96be50ba81ba895bd69
d96c6bc1c7e76ac25c2272dace2b412f31a392583bf8f634bf5cce48d0b71d3c
da58adb064d7684b1a22c7f1a37b9d16fa291a674a0801fbb918aa6bba24a65a
dc8a48b98748c347c065626b07152cd74a389e5cc02c3798636cdc367da5f223
e15a095adc9899b592ceccdd4885a3be3674a6bf6ec4be762566360424deb1f3
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e2f8b6ac53c76f5ab9aef84fe4cff95ea6d18baab5ffdd847c55fe57bb90541a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a37ceca755265b121a604484e994dabd38d5061fbf524b7fbff789e7ae5423
e52ad60cf8269c44381d5e0833e69b9b8f3b9f9346b7066b1dc5a52b390feedc
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e657199383deee88220875199a44b8e6c97e0aeb09ef88afd75782a3fd914e08
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
e8ea46ab2d6105379234115b9cf9a695b9fd85824524b95c43b46f83c8058dbe
ead4403643b1b670a82a28523e3b091e3b4d66543507b5b12607c19a045458ea
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ed1d262cf5adb6385127f0fd555b2bacf4712fbd627489a62c81ea2d9eed1b75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef497a3cfc62c3bad692dcb17692eaca96e4d9b9e438f288b6613327d1bc0e1c
f1f3a4ddee0d6d4cbe4e98d95684a7b61562747ee8009c0996a1a09dd0e5c110
f3350463bb90e56d773a683fc42347b1540bc3f14fdc27ae371e742f27b1c763
f3c06cf6c6f3f942af77d5576d2dc7e73c9759f8903685adb0f11ef347b621f2
f554d2f09272c6f71447ebfe4532d3b1dd1959bce669f9a5ccc99e64ef511729
f5b97e17077cff8fe3c8471d37ca02b9490aa7393a3505481c66e631f4082c96
f86391f8f5e12c3838b2bb51d1910da2a1a2aa975e44bfc3e189dc8bccdc0549
f9557761cc64eb87792e327000ad323a82f4e67817d827b9905e43676665acaa
faf5e994ddbada86a873b5d14c1bc0f449a097e61e6fbe0c04e0691b70ec5644
fbe1583d8642d89d0c349b00c0125e485dd55976282165a6b5f2d29ea9d44549
fed0923bd1965b88eab76311c0c4b87958be5801b53e58c33ddf448e22e3c88c
ff483cf8394f0ec60e70b371399ace7a252839af83b6e26a1cf1b1157af72924
ffeb7e8a3408c4a76177afaeb19faa9846b03f8b2beb420e26c4414a29dbb578
fffa14e9a3c576087a9202af54e8f11669f29c37617df0c6f728ca24d95f60bc