zi.media Open in urlscan Pro
35.194.179.75 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zi.media/
Effective URL:
https://zi.media/
Submission Tags: tranco_l324
Submission: On November 12 via api (November 12th 2021, 4:20:35 am UTC) from DE — Scanned from DE

Summary HTTP 164 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 55 IPs in 7 countries across 33 domains to perform 164 HTTP transactions. The main IP is 35.194.179.75, located in Taipei, Taiwan and belongs to GOOGLE-PRIVATE-CLOUD, US. The main domain is zi.media.
TLS certificate: Issued by Gandi Standard SSL CA 2 on July 16th 2021. Valid for: a year.

This is the only time zi.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 23	35.194.179.75 35.194.179.75	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
5	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2620:1ec:bdf::44 2620:1ec:bdf::44	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	142.250.186.104 142.250.186.104	15169 (GOOGLE) (GOOGLE)
1 3	13.32.99.105 13.32.99.105	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.50 18.66.97.50	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.116 18.66.112.116	16509 (AMAZON-02) (AMAZON-02)
1	54.187.141.46 54.187.141.46	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700:303... 2606:4700:3036::6815:1c52	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.138.40 35.244.138.40	15169 (GOOGLE) (GOOGLE)
9	104.199.207.196 104.199.207.196	15169 (GOOGLE) (GOOGLE)
1	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	88.221.77.233 88.221.77.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::6816:4b44	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 12	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
5 5	172.104.105.5 172.104.105.5	63949 (LINODE-AP...) (LINODE-AP Linode)
3	13.75.71.72 13.75.71.72	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	35.186.245.165 35.186.245.165	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
3	207.46.146.168 207.46.146.168	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	3.37.73.208 3.37.73.208	16509 (AMAZON-02) (AMAZON-02)
6	61.31.170.144 61.31.170.144	9924 (TFN-TW Ta...) (TFN-TW Taiwan Fixed Network)
1	137.116.169.173 137.116.169.173	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	52.68.202.81 52.68.202.81	16509 (AMAZON-02) (AMAZON-02)
4 4	18.182.160.59 18.182.160.59	16509 (AMAZON-02) (AMAZON-02)
2	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 3	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:223... 2600:9000:223d:2000:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	104.199.210.210 104.199.210.210	15169 (GOOGLE) (GOOGLE)
1	3.36.41.122 3.36.41.122	16509 (AMAZON-02) (AMAZON-02)
1 2	211.249.220.158 211.249.220.158	9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.)
2 2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	3.38.79.221 3.38.79.221	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c07::9b	15169 (GOOGLE) (GOOGLE)
2	104.199.245.202 104.199.245.202	15169 (GOOGLE) (GOOGLE)
2	35.194.212.25 35.194.212.25	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 3	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
1	104.199.250.75 104.199.250.75	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
9	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	34.96.103.78 34.96.103.78	15169 (GOOGLE) (GOOGLE)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:1ffa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	142.250.185.97 142.250.185.97	15169 (GOOGLE) (GOOGLE)
3	142.250.185.67 142.250.185.67	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
164	55

23 35.194.179.75 (Taipei, Taiwan) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 75.179.194.35.bc.googleusercontent.com

zi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::44 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.104 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.99.105 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.50 (United States)

ASN16509 (AMAZON-02, US)

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.116 (United States)

ASN16509 (AMAZON-02, US)

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.141.46 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-141-46.us-west-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3036::6815:1c52 (United States)

ASN13335 (CLOUDFLARENET, US)

power.adhacker.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.138.40 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 40.138.244.35.bc.googleusercontent.com

alliance.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.199.207.196 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 196.207.199.104.bc.googleusercontent.com

s.zimedia.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.186.234 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

pic.pimg.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.221.77.233 (Munich, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-77-233.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:4b44 (United States)

ASN13335 (CLOUDFLARENET, US)

api.pvmax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 34.96.119.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

apn.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.104.105.5 (Tokyo, Japan) 5 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1715-5.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.75.71.72 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

powerads.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.245.165 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 165.245.186.35.bc.googleusercontent.com

pvmax.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 207.46.146.168 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

catalyst.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.37.73.208 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-73-208.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 61.31.170.144 (New Taipei, Taiwan)

ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW)
PTR: 61-31-170-144.static.tfn.net.tw

data.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 137.116.169.173 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

article.adhacker.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.68.202.81 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-68-202-81.ap-northeast-1.compute.amazonaws.com

cdn.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.182.160.59 (Tokyo, Japan) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-160-59.ap-northeast-1.compute.amazonaws.com

v.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.75.214.136 (Taipei, Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:223d:2000:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.199.210.210 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 210.210.199.104.bc.googleusercontent.com

vawpro.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.36.41.122 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-36-41-122.ap-northeast-2.compute.amazonaws.com

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 211.249.220.158 (Korea, Republic Of) 1 redirects

ASN9457 (DREAMX-AS DREAMLINE CO., KR)

analytics.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
act.ds.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.38.79.221 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-38-79-221.ap-northeast-2.compute.amazonaws.com

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.199.245.202 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 202.245.199.104.bc.googleusercontent.com

match-hubble-man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.194.212.25 (Taipei, Taiwan)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: 25.212.194.35.bc.googleusercontent.com

pt0.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

11009166.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.199.250.75 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 75.250.199.104.bc.googleusercontent.com

iptoweather.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.103.78 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 78.103.96.34.bc.googleusercontent.com

campaign.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:1ffa (United States)

ASN13335 (CLOUDFLARENET, US)

images.zi.org.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.185.97 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.67 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	zi.media 1 redirects zi.media	233 KB
17	appier.net 9 redirects apn.c.appier.net gocm.c.appier.net adx.c.appier.net	7 KB
16	doubleclick.net 4 redirects googleads.g.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net 11009166.fls.doubleclick.net securepubads.g.doubleclick.net	181 KB
16	breaktime.com.tw a.breaktime.com.tw alliance.breaktime.com.tw powerads.breaktime.com.tw dc.breaktime.com.tw Failed catalyst.breaktime.com.tw data.breaktime.com.tw campaign.breaktime.com.tw	65 KB
13	googlesyndication.com pagead2.googlesyndication.com b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com tpc.googlesyndication.com	115 KB
12	vm5apis.com man.vm5apis.com vawpro.vm5apis.com match-hubble-man.vm5apis.com pt0.vm5apis.com iptoweather.vm5apis.com	32 KB
9	zimedia.com.tw s.zimedia.com.tw	299 KB
8	lndata.com 4 redirects cdn.lndata.com v.lndata.com cm.lndata.com s.lndata.com	17 KB
6	google.com 1 redirects www.google.com adservice.google.com	2 KB
6	facebook.com www.facebook.com	585 B
5	ampproject.org cdn.ampproject.org	103 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	45 KB
5	dable.io static.dable.io api.dable.io r-log.dable.io adx.dable.io	35 KB
5	adhacker.online power.adhacker.online article.adhacker.online	24 KB
5	googletagmanager.com www.googletagmanager.com	247 KB
5	googleapis.com fonts.googleapis.com	4 KB
3	hinet.net 2 redirects t.ssp.hinet.net	639 B
3	google.de www.google.de adservice.google.de	1 KB
3	facebook.net connect.facebook.net	200 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	932 B
2	tenmax.io pvmax.tenmax.io	421 B
2	googletagservices.com www.googletagservices.com	63 KB
2	googleadservices.com www.googleadservices.com	16 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	alexametrics.com certify-js.alexametrics.com certify.alexametrics.com	3 KB
1	zi.org.tw images.zi.org.tw	11 KB
1	kakao.com act.ds.kakao.com	493 B
1	daum.net 1 redirects analytics.ad.daum.net	571 B
1	eyeota.net ps.eyeota.net	344 B
1	pvmax.net api.pvmax.net	25 KB
1	pimg.tw pic.pimg.tw	400 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
164	33

	Domain	Requested by
23	zi.media	1 redirects zi.media
9	tpc.googlesyndication.com	b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com zi.media
9	s.zimedia.com.tw	zi.media
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net zi.media
8	adx.c.appier.net	zi.media apn.c.appier.net
6	data.breaktime.com.tw	power.adhacker.online
6	www.facebook.com	zi.media
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	man.vm5apis.com	power.adhacker.online man.vm5apis.com
5	gocm.c.appier.net	5 redirects
5	www.googletagmanager.com	zi.media man.vm5apis.com
5	fonts.googleapis.com	zi.media b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4	v.lndata.com	4 redirects
4	www.google.com	1 redirects zi.media b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
4	apn.c.appier.net	4 redirects
4	power.adhacker.online	a.breaktime.com.tw www.googletagmanager.com
3	www.gstatic.com	b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
3	11009166.fls.doubleclick.net	1 redirects www.googletagmanager.com zi.media
3	t.ssp.hinet.net	2 redirects zi.media
3	catalyst.breaktime.com.tw	a.breaktime.com.tw
3	powerads.breaktime.com.tw	power.adhacker.online
3	connect.facebook.net	zi.media connect.facebook.net
3	sb.scorecardresearch.com	1 redirects zi.media
2	fonts.gstatic.com	fonts.googleapis.com
2	b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	11009166.fls.doubleclick.net securepubads.g.doubleclick.net
2	pt0.vm5apis.com	man.vm5apis.com
2	match-hubble-man.vm5apis.com	vawpro.vm5apis.com
2	cm.g.doubleclick.net	2 redirects
2	vawpro.vm5apis.com	man.vm5apis.com
2	match.adsrvr.org	2 redirects
2	cm.lndata.com	zi.media
2	api.dable.io	static.dable.io
2	www.google.de	zi.media
2	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com
2	pvmax.tenmax.io	zi.media
2	www.googletagservices.com	www.googletagmanager.com b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	a.breaktime.com.tw	zi.media
2	pagead2.googlesyndication.com	zi.media
1	images.zi.org.tw	zi.media
1	adservice.google.de	securepubads.g.doubleclick.net
1	campaign.breaktime.com.tw	power.adhacker.online
1	iptoweather.vm5apis.com	man.vm5apis.com
1	s.lndata.com	zi.media
1	stats.g.doubleclick.net	www.google-analytics.com
1	adx.dable.io	zi.media
1	act.ds.kakao.com	zi.media
1	analytics.ad.daum.net	1 redirects
1	r-log.dable.io	static.dable.io
1	ps.eyeota.net	zi.media
1	cdn.lndata.com	zi.media
1	article.adhacker.online	a.breaktime.com.tw
1	api.pvmax.net	zi.media
1	static.dable.io	zi.media
1	pic.pimg.tw	zi.media
1	alliance.breaktime.com.tw	a.breaktime.com.tw
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	zi.media
1	certify.alexametrics.com	zi.media
1	certify-js.alexametrics.com	zi.media
0	dc.breaktime.com.tw Failed	zi.media
164	62

This site contains links to these domains. Also see Links.

Domain
wreadit.com
j5903766.pixnet.net
unknown5050.blogspot.com
cutect1688.com
bonnielovelife.tw
themrray.com
www.coolplayers.com.tw
as660707.pixnet.net
www.h540305.idv.tw
www.saydigi.com
phoebelovly.com
bonnie00412.pixnet.net
aalice.co
alicecheng.com
twbear.cc
lotuslin.com
snyelena.com
screenpotatoes.com
nihaoiamhelen.com
sllifetrip.com
www.yplin.ml
imayday.co
partner.breaktime.com.tw

Subject Issuer	Validity	Valid
*.zi.media Gandi Standard SSL CA 2	`2021-07-16` - `2022-08-10`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.breaktime.com.tw Gandi Standard SSL CA 2	`2021-07-16` - `2022-08-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
certify.alexametrics.com Amazon	`2021-06-14` - `2022-07-13`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-20` - `2022-07-19`	a year	crt.sh
s.zimedia.com.tw Gandi Standard SSL CA 2	`2021-07-16` - `2022-08-10`	a year	crt.sh
*.pimg.tw DigiCert SHA2 Secure Server CA	`2021-09-25` - `2022-09-27`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-08-21` - `2021-11-19`	3 months	crt.sh
static.dable.io R3	`2021-10-19` - `2022-01-17`	3 months	crt.sh
*.tenmax.io Gandi Standard SSL CA 2	`2020-01-30` - `2022-02-05`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.dable.io Amazon	`2021-07-11` - `2022-08-09`	a year	crt.sh
*.c.appier.net R3	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.adhacker.online Gandi Standard SSL CA 2	`2021-07-16` - `2022-08-10`	a year	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2020-12-01` - `2022-01-01`	a year	crt.sh
man.vm5apis.com Amazon	`2021-02-09` - `2022-03-10`	a year	crt.sh
*.vm5apis.com Sectigo RSA Organization Validation Secure Server CA	`2020-11-26` - `2021-12-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://zi.media/
Frame ID: DC6114C6B7BF164CCAFC7D80D37A37C7
Requests: 120 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2179651C9E6CC2C54098BB9CCFCEE85B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 366A48800E8B14C2E391C97416C335CC
Requests: 1 HTTP requests in this frame

Frame: https://man.vm5apis.com/dist/persistentID.html
Frame ID: 9F19E63345EA2029BBC850FEEF48B756
Requests: 3 HTTP requests in this frame

Frame: https://11009166.fls.doubleclick.net/activityi;dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D%7D;u5=false;ps=1;~oref=https%3A%2F%2Fzi.media%2F
Frame ID: 2D882F5EC88CF14FFAFAE90D768A64E3
Requests: 2 HTTP requests in this frame

Frame: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7730EEE0725FFDDB57E6F30A743E3657
Requests: 1 HTTP requests in this frame

Frame: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C1C0C737897B618B39EB841A0FB0A85E
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E19F518B37A677748A082534D54D5249
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs
Frame ID: 2DB99F107C31C65D2EC0E95E562B0C82
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html
Frame ID: 473C8991BC79A8E8AC83BD6104169E2B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zi 字媒體

Page URL History Show full URLs

http://zi.media/ HTTP 301
https://zi.media/ Page URL

Page Statistics

164
Requests

91 %
HTTPS

31 %
IPv6

33
Domains

62
Subdomains

55
IPs

7
Countries

2142 kB
Transfer

5058 kB
Size

34
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://wreadit.com/event/recruit
Title: 內容變現

Search URL Search Domain Scan URL

URL: http://j5903766.pixnet.net/blog/post/45494895-%E3%80%90%E7%94%9F%E6%B4%BB%E5%88%86%E4%BA%AB%E3%80%91%E6%96%B0%E7%AB%B9%E5%9C%A8%E5%9C%B012%E5%B9%B4%E7%B6%93%E7%87%9F%E7%9B%B4%E9%81%94%E5%92%96%E5%95%A1%EF%BC%8C%E6%8B%8B
Title: 【生活分享】新竹在地12年經營直達咖啡，拋開庸俗凡塵，願得一杯咖啡香。

Search URL Search Domain Scan URL

URL: http://j5903766.pixnet.net/blog
Title: 林甜蜜TAN MI LADY

Search URL Search Domain Scan URL

URL: https://unknown5050.blogspot.com/2016/04/hairy-amway.html
Title: 【人生】百貨手扶梯上的帥哥奇遇記 | 誰說真相只有一個

Search URL Search Domain Scan URL

URL: http://unknown5050.blogspot.com/
Title: 誰說真相只有一個

Search URL Search Domain Scan URL

URL: https://cutect1688.com/?p=450
Title: [台北美食]生活域所 I A Living Labb | 馬尼麻麻的生活日記

Search URL Search Domain Scan URL

URL: http://cutect1688.com/
Title: 馬尼麻麻的生活日記

Search URL Search Domain Scan URL

URL: https://bonnielovelife.tw/blog/post/well-come
Title: 用品｜居家健身好夥伴「好吉康」雙合金磁控飛輪車SB-318，磁控煞車安全無噪音，底盤附有大滾輪移動超方便 - Bonnie Love Life

Search URL Search Domain Scan URL

URL: https://bonnielovelife.tw/
Title: Bonnie Love Life

Search URL Search Domain Scan URL

URL: https://themrray.com/2018/12/talkskills
Title: 說話的技巧，學會交朋友，如何當一個會聊天的人 | Mr.Ray：創作、分享、交流

Search URL Search Domain Scan URL

URL: http://themrray.com/
Title: Mr.Ray:創作、分享、交流

Search URL Search Domain Scan URL

URL: http://www.coolplayers.com.tw/%e6%97%a5%e6%9c%ac%e5%92%8c%e7%89%9b%e9%96%8b%e6%94%be%e3%80%90%e5%bb%a3%e5%b3%b6%e7%b8%a3%e7%94%a2-a5-bms-10-%e9%a0%82%e7%b4%9a%e9%bb%91%e6%af%9b%e5%92%8c%e7%89%9b%e3%80%91%e5%b0%8f%e5%85%ad%e9%a3%9f/
Title: 日本和牛開放【廣島縣產 A5 BMS 10 頂級黑毛和牛】小六食堂就能吃到超級美味

Search URL Search Domain Scan URL

URL: http://www.coolplayers.com.tw/
Title: 麻吉小兔吃貨旅行團

Search URL Search Domain Scan URL

URL: https://as660707.pixnet.net/blog/post/461038994-taichung
Title: [台中后里景點] 泰安落羽松 & 泰安鐵道文化園區 & 如光山寺落羽松林

Search URL Search Domain Scan URL

URL: http://as660707.pixnet.net/
Title: 小玉兒趴趴走

Search URL Search Domain Scan URL

URL: http://www.h540305.idv.tw/index.php/2019/10/04/greedy-and-ignorant/
Title: 念到心中只有阿彌陀佛，除阿彌陀佛之外什麼都沒有，「能所頓空，即是無住」。 | WordPress 站長愛練功.有架無累

Search URL Search Domain Scan URL

URL: http://www.h540305.idv.tw/
Title: 洪金水

Search URL Search Domain Scan URL

URL: https://www.saydigi.com/2017/11/google-classroom-google-maps-43.html
Title: [Google小教室]如何設定 Google 地圖語言

Search URL Search Domain Scan URL

URL: https://www.saydigi.com/
Title: SayDigi

Search URL Search Domain Scan URL

URL: https://phoebelovly.com/blog/post/%e2%95%91%e7%be%8e%e5%a6%9d%e2%95%91bronxcolors-%e9%80%8f%e8%96%84%e7%84%a1%e7%91%95%e7%b5%b2%e6%84%9f%e7%b2%89%e5%ba%95%e6%b6%b2%e9%80%a3%e6%8e%83
Title: ║美妝║BRONX COLORS ♥ 透薄無瑕絲感粉底液連掃 – PHOEBE'S BLOG

Search URL Search Domain Scan URL

URL: https://phoebelovly.com/
Title: ♥PHOEBE'S BLOG♥ 菲比

Search URL Search Domain Scan URL

URL: http://bonnie00412.pixnet.net/blog/post/185289573-%e3%80%90%e5%9e%83%e5%9c%be%e6%a1%b6%e3%80%91%e4%bb%80%e9%ba%bc%e6%98%af%e7%8d%a8%e7%ab%8b%ef%bc%9f
Title: 【垃圾桶】人生就是妥協？

Search URL Search Domain Scan URL

URL: http://bonnie00412.pixnet.net/blog
Title: 一葉落知天下秋

Search URL Search Domain Scan URL

URL: https://aalice.co/%e5%8c%97%e9%ab%98%e9%9b%84%e7%81%ab%e9%8d%8b%e6%8e%a8%e8%96%a6-2018%e6%b5%b7%e9%ae%ae%e7%81%ab%e9%8d%8b%e6%8e%a8%e8%96%a6
Title: 北高雄火鍋推薦 | 大魔王等級痛風蝦爆海鮮火鍋套餐,美牛和牛舞古賀鍋物專門店 | 低頭族的異想世界

Search URL Search Domain Scan URL

URL: http://alicecheng.com/
Title: 低頭族的異想世界

Search URL Search Domain Scan URL

URL: https://twbear.cc/blog/post/tenda-ac18tw2wanloadblance
Title: [搶先上市前開箱實測]需要2 WAN網路備援不斷線嗎? TENDA AC18台灣特仕版特地為你而生！(含雙網備援實測) - 台灣熊部落格

Search URL Search Domain Scan URL

URL: http://twbear.cc/
Title: 台灣熊的部落格

Search URL Search Domain Scan URL

URL: https://lotuslin.com/blog/post/igiftxmas
Title: 禮物｜愛禮物充滿耶誕氣氛的禮物清單聖誕節交換禮物idea 聖誕節禮物推薦！ - 奇奇一起玩樂趣

Search URL Search Domain Scan URL

URL: http://lotuslin.com/
Title: ❤奇奇一起玩樂趣❤

Search URL Search Domain Scan URL

URL: http://snyelena.com/22176/
Title: 【客製化手機殼】Glitz 集思有溫度客製化商品~把寶貝的畫作或是寵物印在手機殼上隨身帶著走!!!

Search URL Search Domain Scan URL

URL: http://snyelena.com/
Title: 哪哪麻

Search URL Search Domain Scan URL

URL: https://screenpotatoes.com/2019/12/04/%E3%80%90%E7%BE%8E%E5%8A%87%EF%BD%9C%E8%A7%80%E5%BE%8C%E6%84%9F%E3%80%91%E5%88%A5%E4%BA%BA%E7%9C%BC%E4%B8%AD%E7%9A%84%E6%88%91%E5%80%91when-they-see-us%EF%BD%9C%E7%AC%AC%E4%BA%8C%E9%9B%86/
Title: 【美劇｜觀後感】別人眼中的我們(When they see us)｜第二集 - 你的Netflix觀影筆記本🎬

Search URL Search Domain Scan URL

URL: http://screenpotatoes.com/
Title: Screen potatoes

Search URL Search Domain Scan URL

URL: https://nihaoiamhelen.com/2017/12/25/%E5%8F%B0%E5%8C%97%E7%BE%8E%E9%A3%9F%E6%88%91%E5%9C%A8%E3%80%8C%E4%BD%A0%E5%BE%8C%E9%9D%A2%E3%80%8D%E5%96%9D%E5%92%96%E5%95%A1/
Title: [台北｜美食]我在「你後面」喝咖啡 - Ni Hao! I am Helen!

Search URL Search Domain Scan URL

URL: http://nihaoiamhelen.com/
Title: Ni Hao!I am Helen!

Search URL Search Domain Scan URL

URL: https://sllifetrip.com/lake-tekapo-lupinus/
Title: 紐西蘭 | 蒂卡波湖 Lake Tekapo | 落在人間天堂中的魯冰花 Lupinus - SL's Life Trip 走跳人生

Search URL Search Domain Scan URL

URL: http://sllifetrip.com/
Title: SL's Life Trip 走跳人生

Search URL Search Domain Scan URL

URL: http://www.yplin.ml/2019/03/05/%E4%B8%8D%E8%AB%96%E4%BD%A0%E4%BF%A1%E4%B8%8D%E4%BF%A1%E5%91%BD%E7%90%86-%EF%BC%8C%E8%AB%87%EF%BC%88%E8%95%AD%E6%95%AC%E9%A8%B0%EF%BC%89/
Title: 不論你信不信命理，談（蕭敬騰） – 台灣網站位於美國西岸

Search URL Search Domain Scan URL

URL: http://www.yplin.ml/
Title: yplin site

Search URL Search Domain Scan URL

URL: https://imayday.co/moneyboxvideo/
Title: 影音作品：Moneybox 錢櫃組合屋 & 台東最美民宿組合屋，早點睡民宿 - 空拍剪輯

Search URL Search Domain Scan URL

URL: http://imayday.co/
Title: Mayday麥帶先生

Search URL Search Domain Scan URL

URL: https://partner.breaktime.com.tw/
Title: 加入字媒體計畫

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zi.media/ HTTP 301
https://zi.media/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://sb.scorecardresearch.com/b?c1=2&c2=25796225&ns__t=1636690814697&ns_c=UTF-8&cv=3.5&c8=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&c7=https%3A%2F%2Fzi.media%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=25796225&ns__t=1636690814697&ns_c=UTF-8&cv=3.5&c8=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&c7=https%3A%2F%2Fzi.media%2F&c9=

Request Chain 43

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhI6WFOp,WhI6H9Op,WhI6HzOp,WhI6HIOp,WhI6HFOp,WhI6m9Op,WhI6mzOp,WhITW9Op,WhITWzOp,WhITWIOp HTTP 307
https://gocm.c.appier.net/apnnet?haid=WhWe9301&hzids=WhI6WFOp%2CWhI6H9Op%2CWhI6HzOp%2CWhI6HIOp%2CWhI6HFOp%2CWhI6m9Op%2CWhI6mzOp%2CWhITW9Op%2CWhITWzOp%2CWhITWIOp&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=9Njo6KcKB7ea_ipWgOuNYQ&haid=WhWe9301&hzids=WhI6WFOp,WhI6H9Op,WhI6HzOp,WhI6HIOp,WhI6HFOp,WhI6m9Op,WhI6mzOp,WhITW9Op,WhITWzOp,WhITWIOp

Request Chain 44

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhITWFOp,WhITH9Op,WhITHzOp,WhITHIOp,WhITHFOp,WhITm9Op,WhITmzOp,WhCFW9Op,WhCFWzOp,WhCFWIOp HTTP 307
https://gocm.c.appier.net/apnnet?haid=WhWe9301&hzids=WhITWFOp%2CWhITH9Op%2CWhITHzOp%2CWhITHIOp%2CWhITHFOp%2CWhITm9Op%2CWhITmzOp%2CWhCFW9Op%2CWhCFWzOp%2CWhCFWIOp&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=FbPwsrhNAUmyi1iDgOuNYQ&haid=WhWe9301&hzids=WhITWFOp,WhITH9Op,WhITHzOp,WhITHIOp,WhITHFOp,WhITm9Op,WhITmzOp,WhCFW9Op,WhCFWzOp,WhCFWIOp

Request Chain 45

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhCFWFOp,WhCFH9Op,WhCFHzOp,WhCFHIOp,WhCFHFOp,WhCFm9Op,WhCFmzOp,WhCJW9Op,WhCJWzOp,WhCJWIOp HTTP 307
https://gocm.c.appier.net/apnnet?haid=WhWe9301&hzids=WhCFWFOp%2CWhCFH9Op%2CWhCFHzOp%2CWhCFHIOp%2CWhCFHFOp%2CWhCFm9Op%2CWhCFmzOp%2CWhCJW9Op%2CWhCJWzOp%2CWhCJWIOp&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=LVSmS3GjAteZEn0igOuNYQ&haid=WhWe9301&hzids=WhCFWFOp,WhCFH9Op,WhCFHzOp,WhCFHIOp,WhCFHFOp,WhCFm9Op,WhCFmzOp,WhCJW9Op,WhCJWzOp,WhCJWIOp

Request Chain 46

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhCJWFOp,WhCJH9Op,WhCJHzOp,WhCJHIOp,WhCJHFOp HTTP 307
https://gocm.c.appier.net/apnnet?haid=WhWe9301&hzids=WhCJWFOp%2CWhCJH9Op%2CWhCJHzOp%2CWhCJHIOp%2CWhCJHFOp&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=U_tYfCAmCfK7fHVZgOuNYQ&haid=WhWe9301&hzids=WhCJWFOp,WhCJH9Op,WhCJHzOp,WhCJHIOp,WhCJHFOp

Request Chain 62

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834813731/?random=1436189990&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fzi.media%2F&tiba=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&auid=1190483480.1636690815&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=f-uNYfOpINjYgAfm8JnADQ&sscte=1&crd=&eitems=ChAIgJuzjAYQj8zcnYbo57Y_Eh0A5hhaYxBlMykx9Ou5mYifUvE4Ruvqh8PMIsfKFA HTTP 302
https://www.google.com/pagead/1p-conversion/834813731/?random=1436189990&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fzi.media%2F&tiba=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&auid=1190483480.1636690815&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=f-uNYfOpINjYgAfm8JnADQ&eitems=ChAIgJuzjAYQj8zcnYbo57Y_Eh0A5hhaY_CBfu9cCAqA3QP6iia5EMoqyLQl-r1ZqA&random=1934714445&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/834813731/?random=1436189990&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fzi.media%2F&tiba=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&auid=1190483480.1636690815&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=f-uNYfOpINjYgAfm8JnADQ&eitems=ChAIgJuzjAYQj8zcnYbo57Y_Eh0A5hhaY_CBfu9cCAqA3QP6iia5EMoqyLQl-r1ZqA&random=1934714445&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 83

https://v.lndata.com/i/a80469,b1452937,c4087,i0,m202,h HTTP 302
https://gocm.c.appier.net/lndata?cid=2111121220181882992&sid=1220181543914 HTTP 302
https://cm.lndata.com/?tid=4087&uid=QjkN7PoJEDVdEvpdkd0gHUHqCVfn3t6VsNY1EA5F9e0=

Request Chain 84

https://v.lndata.com/i/a80469,b1452936,c4007,i0,m202,h HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_puid=2111121220181619665&ttd_pid=77dj1uh&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_puid=2111121220181619665&ttd_pid=77dj1uh&ttd_tpi=1 HTTP 302
https://cm.lndata.com/?tid=4007&uid=aff64a97-b28e-4207-90da-2ffc1a843e71&ttd_puid=2111121220181619665

Request Chain 85

https://v.lndata.com/i/a80469,b1452938,c4137,i0,m202,h HTTP 302
https://t.ssp.hinet.net/cm?c=035221&cid=2111121220181535686 HTTP 302
https://t.ssp.hinet.net/?next=https%3A%2F%2Ft.ssp.hinet.net%2Fcm%3Fc%3D035221%26cid%3D2111121220181535686%26flag%3D1 HTTP 302
https://t.ssp.hinet.net/cm?c=035221&cid=2111121220181535686&flag=1

Request Chain 86

https://v.lndata.com/i/a80469,b1452939,c4138,i0,m202,h HTTP 302
https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2111121220181787412

Request Chain 96

https://analytics.ad.daum.net/match?d=111&uid=33485067.1636690817685 HTTP 307
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220211112%22,%22u%22:%2233485067.1636690817685%22%7D%7D

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc= HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESELV-6t-UUF6S2vPcN2ZIL2o&google_cver=1

Request Chain 110

https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D%7D;u5=false;ps=1;~oref=https%3A%2F%2Fzi.media%2F HTTP 302
https://11009166.fls.doubleclick.net/activityi;dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D%7D;u5=false;ps=1;~oref=https%3A%2F%2Fzi.media%2F

164 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
zi.media/
Redirect Chain

http://zi.media/
https://zi.media/

138 KB
29 KB

1153ms
624ms

Document
text/html

35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 8b51b917a9f41e7350e60d82cb68ff43e8f36313acc3ff56bb9d06471ee87192

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx/1.13.7
date: Fri, 12 Nov 2021 04:20:13 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
content-encoding: gzip
x-backend: zimedia_app
x-ua-device: pc
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
cache-control: max-age = 7200
x-varnish: 927754265
age: 0
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes

Redirect headers

Date: Fri, 12 Nov 2021 04:20:12 GMT
Server: Varnish
X-Varnish: 928574552
Location: https://zi.media/
Content-Length: 0
Connection: keep-alive

GET
H2 200 icon
fonts.googleapis.com/ 569 B
830 B 133ms
49ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 04:20:14 GMT
server: ESF
date: Fri, 12 Nov 2021 04:20:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 04:20:14 GMT

GET
H2 200 index-v2.css
zi.media/css/ 153 KB
28 KB 263ms
263ms Stylesheet
text/css 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 9e1123ff4ab7e97e70425039b8addceceb3c5e24fed71b2dafc96f4c33466490

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1326
x-cache: HIT
x-ua-device
content-length: 28393
x-user-agent: Mozilla/5.0 (Linux; Android 7.0; HTC_A9u Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/93.0.4577.62 Mobile Safari/537.36
last-modified: Wed, 27 Jan 2021 03:03:43 GMT
server: nginx/1.13.7
etag: "6010d80f-26504"
vary: Accept-Encoding
x-varnish: 928574607 929857555
cache-control: max-age = 7200
accept-ranges: bytes
content-type: text/css
x-cache-hits: 204

GET
H2 200 icon-arrow-down.svg
zi.media/images/ 1 KB
1 KB 317ms
315ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-arrow-down.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 07860ac8f7d4a807d627c95ab0289287ade2b8cde63a1b0f127dd16824f6379c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451961
x-cache: HIT
x-ua-device
content-length: 619
x-user-agent: Mozilla/5.0 (Linux; Android 8.1.0; CPH1851) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Mobile Safari/537.36
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: nginx/1.13.7
etag: "5bbb2107-457"
vary: Accept-Encoding
x-varnish: 929445781 662639216
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 699293

GET
H2 200 logo-white.svg
zi.media/images/ 5 KB
3 KB 317ms
315ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/logo-white.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: ba6923cfc3ccf637c457aae8fcc156e9d1c5a5ec744717c10ea430f8798f81de

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451948
x-cache: HIT
x-ua-device
content-length: 2374
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: nginx/1.13.7
etag: "5bcfe2cd-12e1"
vary: Accept-Encoding
x-varnish: 929696455 659314731
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 596596

GET
H2 200 nologin.js Show response
zi.media/pjs/modal/ 5 KB
2 KB 275ms
275ms Script
application/javascript 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/pjs/modal/nologin.js?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: a56a8c253db654dd60385e77d12466dfc33f97e2b005d13db9898eccb5402ff3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-encoding: gzip
x-backend: zimedia_app
age: 0
date: Fri, 12 Nov 2021 04:20:14 GMT
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
x-ua-device
cache-control: no-cache, private
x-varnish: 929445774
accept-ranges: bytes
server: nginx/1.13.7
x-cache-hits: 0

GET
H2 200 app.js Show response
zi.media/pjs/dom/ 2 KB
1 KB 322ms
322ms Script
application/javascript 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/pjs/dom/app.js?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 9908f9e3091e5c0d5157d3ded1e792dbbc040c2a44ce2c01a26c9c0b493dfe28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-encoding: gzip
x-backend: zimedia_app
age: 0
date: Fri, 12 Nov 2021 04:20:14 GMT
vary: Accept-Encoding
x-cache: MISS
content-type: application/javascript
x-ua-device
cache-control: no-cache, private
x-varnish: 929768554
accept-ranges: bytes
server: nginx/1.13.7
x-cache-hits: 0

GET
H2 200 index.js Show response
zi.media/js/ 313 KB
107 KB 264ms
262ms Script
application/javascript 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/js/index.js?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 97a4fba2014ce7433a13445c2758ba9437dfefdf4b2cd8a070225a59cc8332ee

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 350
x-cache: HIT
x-ua-device
content-length: 109199
x-user-agent: Mozilla/5.0 (Linux; Android 9; HTC U11 Build/PQ2A.190205.003; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/95.0.4638.74 Mobile Safari/537.36
last-modified: Wed, 30 Jun 2021 09:15:39 GMT
server: nginx/1.13.7
etag: "60dc363b-4e416"
vary: Accept-Encoding
x-varnish: 929696453 927954361
cache-control: max-age = 7200
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 57

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 7033ms
4799ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

095443ceb179cd63f25348f7522ac6d3c6a78de58ca79cb0a1b9d531822801c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51434
x-xss-protection: 0
server: cafe
etag: 13029728936667385211
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 04:20:16 GMT

GET
H2 200 au.js Show response
a.breaktime.com.tw/js/ 121 KB
31 KB 343ms
17ms Script
text/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.breaktime.com.tw/js/au.js?spj=zi
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 230652178330f5e462a1ab5c01b64f5dc8be8cbdf9f6693ba7e067ab78e32649

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
x-ms-meta-nick: test
content-encoding: br
etag: 0x8D9993492EB8DA3
x-azure-ref-originshield: 0GeuNYQAAAAAPiHkJpYbdTKR8OtOciQ34QU1TMDRFREdFMTgwOAA4YWFkZGQ1OS0zZWJjLTQyNzEtYWQxMS0wZDMwM2ViNGJjZjQ=
content-md5: UPP5Z39+HprFjgGX7xabhQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 27 Oct 2021 10:28:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date: Fri, 12 Nov 2021 04:20:14 GMT
x-azure-ref: 0fuuNYQAAAAAfEAWinLHqRb9AewdUNteARlJBRURHRTEwMTgAOGFhZGRkNTktM2ViYy00MjcxLWFkMTEtMGQzMDNlYjRiY2Y0
content-type: text/javascript
x-ms-request-id: 81374fe3-001e-002c-387c-d70f76000000
cache-control: public, max-age=300
x-ms-version: 2009-09-19

GET
H2 200 au.js Show response
a.breaktime.com.tw/js/ 121 KB
31 KB 336ms
10ms Script
text/javascript 2620:1ec:bdf::44
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.breaktime.com.tw/js/au.js?spj=YUZ7T18
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:bdf::44 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 230652178330f5e462a1ab5c01b64f5dc8be8cbdf9f6693ba7e067ab78e32649

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
x-ms-meta-nick: test
content-encoding: br
etag: 0x8D9993492EB8DA3
x-azure-ref-originshield: 0GeuNYQAAAAAPiHkJpYbdTKR8OtOciQ34QU1TMDRFREdFMTgwOAA4YWFkZGQ1OS0zZWJjLTQyNzEtYWQxMS0wZDMwM2ViNGJjZjQ=
content-md5: UPP5Z39+HprFjgGX7xabhQ==
x-cache: TCP_HIT
x-ms-lease-status: unlocked
last-modified: Wed, 27 Oct 2021 10:28:53 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
date: Fri, 12 Nov 2021 04:20:14 GMT
x-azure-ref: 0fuuNYQAAAACsrUJOlS+YRqBElPp8VTIsRlJBRURHRTEwMTgAOGFhZGRkNTktM2ViYy00MjcxLWFkMTEtMGQzMDNlYjRiY2Y0
content-type: text/javascript
x-ms-request-id: 81374fe3-001e-002c-387c-d70f76000000
cache-control: public, max-age=300
x-ms-version: 2009-09-19

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
71 KB 449ms
61ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3M938L&gtm_auth=BEecxVYPdzyOi95C8hc5uA&gtm_preview=env-166&gtm_cookies_win=x

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

c4a7f7626458e91db9703050660ada7c583fb8459e649d13aa0e5bbbb8ee19cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
content-encoding: br
vary: *
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72134
x-xss-protection: 0
pragma: no-cache
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 45ms
11ms Script
application/javascript 13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:51:40 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 2525
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: PtfZEKs17GXVqL019dTbnMLB2iQAKZlVwnpYkot3uzpI-YsghN-wLg==

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
2 KB 44ms
11ms Script
application/javascript 18.66.97.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 18:07:27 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 17143968
ETag: W/"d89453438fbf10dcf4c13265c40d5160"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 7ed0982309781d390a105a3ead66dbfb.cloudfront.net (CloudFront)
Cache-Control: max-age=26920000
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P2
X-Amz-Cf-Id: SJxhVdr_sns6bg5JCBz2yCgYZxpz59vvwUuPoFS6UqYYF0BSATGqVg==

GET
H2 200 index-bgPath.svg
zi.media/images/ 3 KB
2 KB 308ms
308ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/index-bgPath.svg
Requested by: Host: zi.media
URL: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 61118867a3cec289e2ae2f8849b6e8d9ce655add14ae3df076e8a782b8b92531

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451914
x-cache: HIT
x-ua-device
content-length: 1643
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: nginx/1.13.7
etag: "5bcfe2cd-b88"
vary: Accept-Encoding
x-varnish: 929768557 662126221
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 175085

GET
H2 200 user-v2.svg
zi.media/images/ 1 KB
924 B 308ms
307ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/user-v2.svg
Requested by: Host: zi.media
URL: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: f8f83b2d89f2887f3e03585cfce8c273099314fbf5b8d50a7672b3027758fffd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451914
x-cache: HIT
x-ua-device
content-length: 529
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 14_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: nginx/1.13.7
etag: "5bcfe2cd-443"
vary: Accept-Encoding
x-varnish: 929696457 662513786
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 174341

GET
H2 200 icon-fb.svg
zi.media/images/ 1 KB
1 KB 387ms
387ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-fb.svg?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 4e27f18f8bb12adbbfbe3a85f73f75bc9bc6dc3690dd8ffaebe3d3e6629c4ec9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451948
x-cache: HIT
x-ua-device
content-length: 663
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: nginx/1.13.7
etag: "5bbb2107-481"
vary: Accept-Encoding
x-varnish: 929445783 662385659
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 574531

GET
H2 200 icon-line.png
zi.media/images/ 20 KB
21 KB 388ms
387ms Image
image/png 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-line.png?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 7f5c2822569d153d4e231df73b5b2fd91bf9336617fdab490b23887cc8e40995

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
etag: "5bbb2107-51bd"
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: nginx/1.13.7
age: 1451945
date: Fri, 12 Nov 2021 04:20:14 GMT
x-cache: HIT
content-type: image/png
x-ua-device
cache-control: max-age = 2592000
x-varnish: 928930307 659314744
accept-ranges: bytes
x-backend: zimedia_app
content-length: 20925
x-cache-hits: 574320

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=25796225&ns__t=1636690814697&ns_c=UTF-8&cv=3.5&c8=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&c7=https%3A%2F%2Fzi.media%2F&c9=
https://sb.scorecardresearch.com/b2?c1=2&c2=25796225&ns__t=1636690814697&ns_c=UTF-8&cv=3.5&c8=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&c7=https%3A%2F%2Fzi.media%2F&c9=

64 B
331 B

10ms
9ms

Image
image/gif

13.32.99.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=25796225&ns__t=1636690814697&ns_c=UTF-8&cv=3.5&c8=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&c7=https%3A%2F%2Fzi.media%2F&c9=
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Server: 13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-105.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:14 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 310tF-GTXV5-RyHtwjd3b2UBSRyicdXJoXKL4BJSyYm06U7LQSyFzQ==

Redirect headers

date: Fri, 12 Nov 2021 04:20:14 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=25796225&ns__t=1636690814697&ns_c=UTF-8&cv=3.5&c8=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&c7=https%3A%2F%2Fzi.media%2F&c9=
content-length: 181
x-amz-cf-id: I-VFK4jBXpXdZqy9rW3eJ36RyoWD4YqkcJjRZP4q5JFUQS-z2CFXGQ==

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
551 B 35ms
7ms Image
image/gif 18.66.112.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&time=1636690814698&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fzi.media%2F&random_number=12294393536&sess_cookie=9695566417d125fe6ea7a828243&sess_cookie_flag=1&user_cookie=9695566417d125fe6ea7a828243&user_cookie_flag=1&dynamic=true&domain=zi.media&account=Zh/Fp1IW1d10bm&jsv=20130128&user_lang=en-US
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 03:11:38 GMT
Via: 1.1 07a6f7d6fd9710cbcfc60fa67d44f04e.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 4116
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: FRA56-P5
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: vsu7icCraQQMfMWWa24ZLP83SOInNn7rdPBjDtr3JB8Wri0PfMTiUQ==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 540ms
169ms Image
text/plain 54.187.141.46
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.141.46 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-141-46.us-west-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
server: Server

GET
H2 200 18.svg
zi.media/images/ 14 KB
7 KB 266ms
266ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/18.svg?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: d2e80f9ff7276cf9bc2bfd9248b7550f8885290db418fe516ab7dccb968091b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451945
x-cache: HIT
x-ua-device
content-length: 6353
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: nginx/1.13.7
etag: "5bbb2107-3821"
vary: Accept-Encoding
x-varnish: 924183809 661409719
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 578151

GET
H2 200 gl.js Show response
power.adhacker.online/general/ 47 KB
14 KB 43ms
14ms Script
application/javascript 2606:4700:3036::6815:1c52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/general/gl.js?spj=YUZ7T18
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=zi
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25aff3a4b54bd174fe81fb7e421890b6523ab063aa1d45f53fbfc8e26b477926

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=zuyjyQ==, md5=87aaNnqmB8cStvUFeYoKew==
date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4065
x-guploader-uploadid: ADPycduJVt8CK6m77quP_FmmoN0tAqyTzl4xrFs9Vodg4ObNspM0RyaziCwr0_cgUJ_OFzIxkUFQFg05JFWEodrmdNM
x-goog-storage-class: REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-goog-meta-
last-modified: Mon, 02 Aug 2021 01:10:47 GMT
server: cloudflare
etag: W/"f3b69a367aa607c712b6f505798a0a7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BmAPb%2Feaq4Bi0FcpWBeW%2FSrMv0EL07Dfi7bLJLTXZyVQLWWjMiXnJL%2Fc2NTUGXnFgznBRfbHiWNfHI%2FVuVh9dQZny7W6ZuqIBn0M38mtIhq%2Fq0BcBwrTOqHfULdKI9rLPsGdF1nmrtkSCl4bjHtuPxtpn8g%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627866647639755
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
x-goog-stored-content-length: 12929
cf-ray: 6accf77ad95c4dc4-FRA
expires: Fri, 12 Nov 2021 04:50:15 GMT

GET
H2 200 / Show response
alliance.breaktime.com.tw/api/check/service/YUZ7T18/zi.media/ 119 B
367 B 367ms
328ms Fetch
application/json 35.244.138.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://alliance.breaktime.com.tw/api/check/service/YUZ7T18/zi.media/

Requested by

Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=zi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.138.40 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

40.138.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

01e528d681a3d30cef73d5bd5d24d140e9115caf02a775985c6b4c03e2427bbe

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 google
age: 0
x-cache: Miss
alt-svc: clear
content-length: 119
allow: GET, HEAD, OPTIONS
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Language, Cookie
content-language: zh-hant
x-varnish: 177717011
access-control-allow-origin: *
accept-ranges: bytes
content-type: application/json
x-cache-hits: 0

GET
H2 200 icon-arrow-left-white.svg
zi.media/images/ 1 KB
1 KB 273ms
272ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-arrow-left-white.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 9c33f70b4cb7aafdfed064f3d8bdabbc6b3ed12cdf0eafdf3f39d3989c988736

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451955
x-cache: HIT
x-ua-device
content-length: 620
x-user-agent: Mozilla/5.0 (Linux; Android 6.0.1; HTC_D825u Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/91.0.4472.120 Mobile Safari/537.36
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: nginx/1.13.7
etag: "5bbb2107-42b"
vary: Accept-Encoding
x-varnish: 929833644 660715136
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 166358

GET
H2 200 icon-arrow-right-white.svg
zi.media/images/ 1 KB
1 KB 273ms
273ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-arrow-right-white.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 5c0923c4d6b655194aed99fe6b7f3f1f35c00286b0972704f52730c260316d8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451955
x-cache: HIT
x-ua-device
content-length: 609
x-user-agent: Mozilla/5.0 (Linux; Android 6.0.1; HTC_D825u Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/91.0.4472.120 Mobile Safari/537.36
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: nginx/1.13.7
etag: "5bbb2107-42c"
vary: Accept-Encoding
x-varnish: 929768573 660103557
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 166007

GET
H2 200 zi-wf-logo.png
zi.media/images/ 3 KB
3 KB 271ms
271ms Image
image/png 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/zi-wf-logo.png
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: de7597dfbfc39bdba53be7ecebe52a9c8a859623e8d4fb47e4e2cc5869180c8f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 12_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.1.1 Mobile/15E148 Safari/604.1
etag: "5bcfe2cd-aa5"
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: nginx/1.13.7
age: 1451967
date: Fri, 12 Nov 2021 04:20:15 GMT
x-cache: HIT
content-type: image/png
x-ua-device
cache-control: max-age = 2592000
x-varnish: 929833646 659314581
accept-ranges: bytes
x-backend: zimedia_app
content-length: 2725
x-cache-hits: 601171

GET
H2 200 icon-wf-search.svg
zi.media/images/ 25 KB
10 KB 272ms
271ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-wf-search.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 46c18a182577a54bf76fd47d775f1f4bb034e9138f45d3f2ced08394cfcbf300

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451967
x-cache: HIT
x-ua-device
content-length: 9525
x-user-agent: Mozilla/5.0 (Linux; Android 11; SM-A217F Build/RP1A.200720.012; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/92.0.4515.115 Mobile Safari/537.36
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: nginx/1.13.7
etag: "5bbb2107-63e8"
vary: Accept-Encoding
x-varnish: 929768575 641659581
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1967226

GET
H2 200 icon-wf-login.svg
zi.media/images/ 25 KB
10 KB 274ms
274ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-wf-login.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 7047d1b319e2914bd30144af502706162af7222e5cc65d1a619e422eb48032e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451967
x-cache: HIT
x-ua-device
content-length: 9341
x-user-agent: Mozilla/5.0 (Linux; Android 11; SM-A217F Build/RP1A.200720.012; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/92.0.4515.115 Mobile Safari/537.36
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: nginx/1.13.7
etag: "5bbb2107-620f"
vary: Accept-Encoding
x-varnish: 929833648 641659583
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 1962714

GET
H2 200 icon-inx2-slider.svg
zi.media/images/ 1 KB
1 KB 273ms
273ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-inx2-slider.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 14ac8c5f3c58c2326d6e97bd4abeb8e14c676fd9d7a67e30bdaba972529dbba4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451956
x-cache: HIT
x-ua-device
content-length: 673
x-user-agent: Mozilla/5.0 (Linux; Android 6.0.1; HTC_D825u Build/MMB29M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/91.0.4472.120 Mobile Safari/537.36
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: nginx/1.13.7
etag: "5bcfe2cd-5f6"
vary: Accept-Encoding
x-varnish: 928594691 662025252
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 104825

GET
H2 200 icon-user-wf.svg
zi.media/images/ 1 KB
1 KB 273ms
273ms Image
image/svg+xml 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-user-wf.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 2f5d0dd59fda22cf391b8409c8e82542a82d686f9f7fc3ef1553ce57a92b0f5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-backend: zimedia_app
age: 1451902
x-cache: HIT
x-ua-device
content-length: 765
x-user-agent: Mozilla/5.0 (Linux; Android 10; Nokia 3.1 Plus Build/QP1A.190711.020; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/94.0.4606.85 Mobile Safari/537.36
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: nginx/1.13.7
etag: "5bcfe2cd-5bd"
vary: Accept-Encoding
x-varnish: 929600365 662153630
cache-control: max-age = 2592000
accept-ranges: bytes
content-type: image/svg+xml
x-cache-hits: 38856

GET
H2 200 GPJj3Y
s.zimedia.com.tw/c/ 40 KB
40 KB 842ms
263ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/GPJj3Y
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: 3c187b0e2f71ee1d26d3496abad732d1bed6d5c073aaadc0ac09f135d3ae3e38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Fri, 12 Nov 2021 04:20:15 GMT
x-cache-name-l2: image-02
server: nginx/1.13.8
x-cache-status: HIT
content-type: image/jpeg
cache-control: public
x-cache-status-l2: MISS
content-length: 40727
expires: Fri, 19 Nov 2021 09:42:53 GMT

GET
H2 200 GVtE9D
s.zimedia.com.tw/c/ 13 KB
13 KB 1368ms
790ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/GVtE9D
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: f14c988345ee6f2996c7e4b1aa6206e9f71a939f8fa94a7b60b9166a50b3ea82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Fri, 12 Nov 2021 04:20:15 GMT
x-cache-name-l2: image-02
server: nginx/1.13.8
x-cache-status: HIT
content-type: image/jpeg
cache-control: public
x-cache-status-l2: MISS
content-length: 13524
expires: Fri, 26 Nov 2021 02:13:50 GMT

GET
H2 200 rWWeU4
s.zimedia.com.tw/c/ 29 KB
29 KB 1630ms
1052ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/rWWeU4
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: 326e200f07f5cf2ce07b49d8be75bc108a55eada006969026b5211518d1df8db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:16 GMT
x-cache-name-l2: image-01
server: nginx/1.13.8
x-cache-status: MISS
content-type: image/jpeg
cache-control: no-cache
x-cache-status-l2: MISS
content-length: 29853
expires: Sat, 13 Nov 2021 04:20:16 GMT

GET
H2 200 1635476757-105288559-g_n.png
pic.pimg.tw/psvice/ 399 KB
400 KB 67ms
16ms Image
image/png 2.16.186.234
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pic.pimg.tw/psvice/1635476757-105288559-g_n.png

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.234 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-234.deploy.static.akamaitechnologies.com

Software

Resource Hash

6d636f5f719c4f6ada3e77ac0332edb818b1d4a0e29c90032204057229e58798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000
cache-control: public, max-age=31525978
etag: W/"408858-b3cc15731a2a926d322ad22ff7e7b72db0536908"
date: Fri, 12 Nov 2021 04:20:15 GMT
content-length: 408858
content-type: image/png

GET
H2 200 aZwqEX
s.zimedia.com.tw/c/ 51 KB
51 KB 1369ms
791ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/aZwqEX
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: 8f38393fa369a1535da74ee86ba3c12069fad9d83882816fd0769ff933b6f5cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Fri, 12 Nov 2021 04:20:15 GMT
x-cache-name-l2: image-02
server: nginx/1.13.8
x-cache-status: HIT
content-type: image/jpeg
cache-control: public
x-cache-status-l2: MISS
content-length: 51778
expires: Thu, 02 Dec 2021 06:50:01 GMT

GET
H2 200 23GuHW
s.zimedia.com.tw/c/ 40 KB
40 KB 1629ms
1051ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/23GuHW
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: 9ab103467f6fe59429d8cb4a7a9598277fceb1b965e390dc0a4954cce0a73ad7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Fri, 12 Nov 2021 04:20:15 GMT
x-cache-name-l2: image-02
server: nginx/1.13.8
x-cache-status: HIT
content-type: image/jpeg
cache-control: public
x-cache-status-l2: MISS
content-length: 40801
expires: Sun, 12 Dec 2021 00:30:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 1043ms
210ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3M938L&gtm_auth=BEecxVYPdzyOi95C8hc5uA&gtm_preview=env-166&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1150
date: Fri, 12 Nov 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 12 Nov 2021 06:01:06 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 214ms
69ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3M938L&gtm_auth=BEecxVYPdzyOi95C8hc5uA&gtm_preview=env-166&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14377
x-xss-protection: 0
server: cafe
etag: 16570183496300854077
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Nov 2021 04:20:15 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 31ms
10ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 5w615qdHKO74b7xmBThkGl8i75mw9de0hB+/UnpTzUHuqy34LBBwm+YPj769RZs99zza4/fabtg8bJ1OFMRiLA==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Nov 2021 04:20:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 107 KB
34 KB 140ms
37ms Script
application/javascript 88.221.77.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.77.233 Munich, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a88-221-77-233.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d1fbf473619b8b5338799d2aed30ea621afa8da1a03cccc61f9d40d1ee2b6424

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: Japja0dj4GEqhKm8dMvGbd9AQbJBSHgN
Content-Encoding: gzip
Last-Modified: Thu, 21 Oct 2021 05:48:51 GMT
Server: Apache
x-amz-request-id: S3S0YJTF671NCBC1
ETag: "0471fe00bdffea65fcdae08652e5ba33"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=69934
Date: Fri, 12 Nov 2021 04:20:15 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33932
x-amz-id-2: po97UvTIKbYDKMg2i6+GoAFHcizspUZ9vdenGFUQgwvlOeCaWvq3pDMQVD5/qVuuH8F6IcTEE38=

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 5456ms
540ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3M938L&gtm_auth=BEecxVYPdzyOi95C8hc5uA&gtm_preview=env-166&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f045a02ac49edc45abbfaf1b3c260c7ac7e0193456be4f1dc81b345c0d7a507

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1041 / 570 of 1000 / last-modified: 1636672001"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26943
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Nov 2021 04:20:20 GMT

GET
H2 200 pmp_ads.js Show response
power.adhacker.online/pmp/ 993 B
977 B 16ms
16ms Script
text/javascript 2606:4700:3036::6815:1c52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/pmp/pmp_ads.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3M938L&gtm_auth=BEecxVYPdzyOi95C8hc5uA&gtm_preview=env-166&gtm_cookies_win=x
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5123ebcdf73f832310531a03ba253496737d1d005b3d4e41fc5a7d4f6179677

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=9Dah1Q==, md5=thTCe7v1Lc8hGhxnXW1D6g==
date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2513
x-guploader-uploadid: ADPycdsgJB5kYrQ7awRAAiz4mzm7_fglI7qeKBBVg3dKJRDjiqJtidz6bftiTHpow4zriQS-58OkIBPAUXPxtBb6wQk
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 28 Dec 2020 03:30:28 GMT
server: cloudflare
etag: W/"b614c27bbbf52dcf211a1c675d6d43ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmpdMOW7gT3%2BlH6Lq5hTvSk%2FlJn1Ko8V69TjzaSQ5ksL35hYpiXLtne6Amczmp9o0Qgclo%2BIZLaYK9eel85H5up861b935lyZhOBpq8jmXLWtYkQJjH5hUGM9Hr3oZfFCKld6mAwP5foYaOehQrT3mjrpbM%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1609126228631610
access-control-allow-origin: *
content-type: text/javascript
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 993
cf-ray: 6accf77b29914dc4-FRA
expires: Fri, 12 Nov 2021 05:20:15 GMT

GET
H2 200 pvmax.js Show response
api.pvmax.net/v1.0/ 77 KB
25 KB 63ms
27ms Script
application/javascript 2606:4700:10::6816:4b44
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.pvmax.net/v1.0/pvmax.js
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:4b44 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa70ba5d38e5e05f0befc6a7e1b3e6c790d5c402cfe43677547c712a092bf864

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-goog-reserved-file-mtime: 1608105949
age: 151
cf-polished: origSize=79048
x-guploader-uploadid: ADPycdshKfB78wq5-zVINyAnrsCHHLm7qjGvbC4UQGRT4V82YErWp_ZJCNvqqedNGpsh44EB6uKxN4J1OK0pVzM9uik
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
content-type: application/javascript
expires: Fri, 12 Nov 2021 05:17:43 GMT
last-modified: Wed, 16 Dec 2020 08:05:56 GMT
server: cloudflare
etag: W/"b9b7aef9f8d3775ac5c77a0700706f3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=D+80vg==, md5=ubeu+fjTd1rFx3oHAHBvPg==
x-goog-generation: 1608105956342227
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 79048
cf-ray: 6accf77b78a4d729-FRA
cf-bgj: minify

GET
H2

200

pb.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhI6WFOp,WhI6H9Op,WhI6HzOp,WhI6HIOp,WhI6HFOp,WhI6m9Op,WhI6mzOp,WhITW9Op,WhITWzOp,WhITWIOp
https://gocm.c.appier.net/apnnet?haid=WhWe9301&hzids=WhI6WFOp%2CWhI6H9Op%2CWhI6HzOp%2CWhI6HIOp%2CWhI6HFOp%2CWhI6m9Op%2CWhI6mzOp%2CWhITW9Op%2CWhITWzOp%2CWhITWIOp&url=adx.c.appier.net%2Fpb%2F0wHT9JDi...
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=9Njo6KcKB7ea_ipWgOuNYQ&haid=WhWe9301&hzids=WhI6WFOp,WhI6H9Op,WhI6HzOp,WhI6HIOp,WhI6HFOp,WhI6m9Op,WhI6mzOp,WhITW9Op,WhITWzOp,WhITWIOp

461 B
388 B

270ms
267ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=9Njo6KcKB7ea_ipWgOuNYQ&haid=WhWe9301&hzids=WhI6WFOp,WhI6H9Op,WhI6HzOp,WhI6HIOp,WhI6HFOp,WhI6m9Op,WhI6mzOp,WhITW9Op,WhITWzOp,WhITWIOp
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: f5b799d5bfdaa0a9ec8efc988405448d9bf908ff999dbdc3660302f6e205ca67

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=9Njo6KcKB7ea_ipWgOuNYQ&haid=WhWe9301&hzids=WhI6WFOp,WhI6H9Op,WhI6HzOp,WhI6HIOp,WhI6HFOp,WhI6m9Op,WhI6mzOp,WhITW9Op,WhITWzOp,WhITWIOp
date: Fri, 12 Nov 2021 04:20:16 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 218
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

pb.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhITWFOp,WhITH9Op,WhITHzOp,WhITHIOp,WhITHFOp,WhITm9Op,WhITmzOp,WhCFW9Op,WhCFWzOp,WhCFWIOp
https://gocm.c.appier.net/apnnet?haid=WhWe9301&hzids=WhITWFOp%2CWhITH9Op%2CWhITHzOp%2CWhITHIOp%2CWhITHFOp%2CWhITm9Op%2CWhITmzOp%2CWhCFW9Op%2CWhCFWzOp%2CWhCFWIOp&url=adx.c.appier.net%2Fpb%2F0wHT9JDi...
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=FbPwsrhNAUmyi1iDgOuNYQ&haid=WhWe9301&hzids=WhITWFOp,WhITH9Op,WhITHzOp,WhITHIOp,WhITHFOp,WhITm9Op,WhITmzOp,WhCFW9Op,WhCFWzOp,WhCFWIOp

461 B
406 B

275ms
264ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=FbPwsrhNAUmyi1iDgOuNYQ&haid=WhWe9301&hzids=WhITWFOp,WhITH9Op,WhITHzOp,WhITHIOp,WhITHFOp,WhITm9Op,WhITmzOp,WhCFW9Op,WhCFWzOp,WhCFWIOp
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 90a54256264f2aaa771bf3bb717a5e5b0f7a336c06bcf36ba624c7d5f5c5f3c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=FbPwsrhNAUmyi1iDgOuNYQ&haid=WhWe9301&hzids=WhITWFOp,WhITH9Op,WhITHzOp,WhITHIOp,WhITHFOp,WhITm9Op,WhITmzOp,WhCFW9Op,WhCFWzOp,WhCFWIOp
date: Fri, 12 Nov 2021 04:20:16 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 218
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

pb.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhCFWFOp,WhCFH9Op,WhCFHzOp,WhCFHIOp,WhCFHFOp,WhCFm9Op,WhCFmzOp,WhCJW9Op,WhCJWzOp,WhCJWIOp
https://gocm.c.appier.net/apnnet?haid=WhWe9301&hzids=WhCFWFOp%2CWhCFH9Op%2CWhCFHzOp%2CWhCFHIOp%2CWhCFHFOp%2CWhCFm9Op%2CWhCFmzOp%2CWhCJW9Op%2CWhCJWzOp%2CWhCJWIOp&url=adx.c.appier.net%2Fpb%2F0wHT9JDi...
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=LVSmS3GjAteZEn0igOuNYQ&haid=WhWe9301&hzids=WhCFWFOp,WhCFH9Op,WhCFHzOp,WhCFHIOp,WhCFHFOp,WhCFm9Op,WhCFmzOp,WhCJW9Op,WhCJWzOp,WhCJWIOp

461 B
388 B

273ms
265ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=LVSmS3GjAteZEn0igOuNYQ&haid=WhWe9301&hzids=WhCFWFOp,WhCFH9Op,WhCFHzOp,WhCFHIOp,WhCFHFOp,WhCFm9Op,WhCFmzOp,WhCJW9Op,WhCJWzOp,WhCJWIOp
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 5326620de3fa85a8df4be659426ab978a6bb4a581ec292808014aa8625cb84fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=LVSmS3GjAteZEn0igOuNYQ&haid=WhWe9301&hzids=WhCFWFOp,WhCFH9Op,WhCFHzOp,WhCFHIOp,WhCFHFOp,WhCFm9Op,WhCFmzOp,WhCJW9Op,WhCJWzOp,WhCJWIOp
date: Fri, 12 Nov 2021 04:20:16 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 218
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

pb.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhCJWFOp,WhCJH9Op,WhCJHzOp,WhCJHIOp,WhCJHFOp
https://gocm.c.appier.net/apnnet?haid=WhWe9301&hzids=WhCJWFOp%2CWhCJH9Op%2CWhCJHzOp%2CWhCJHIOp%2CWhCJHFOp&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fpb.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=U_tYfCAmCfK7fHVZgOuNYQ&haid=WhWe9301&hzids=WhCJWFOp,WhCJH9Op,WhCJHzOp,WhCJHIOp,WhCJHFOp

416 B
377 B

277ms
266ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=U_tYfCAmCfK7fHVZgOuNYQ&haid=WhWe9301&hzids=WhCJWFOp,WhCJH9Op,WhCJHzOp,WhCJHIOp,WhCJHFOp
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 10adba5df8bb57bbee4bc05dbef5574714d5e26582bd18c24c2b9da56334efd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
vary: Accept-Encoding
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?acid=U_tYfCAmCfK7fHVZgOuNYQ&haid=WhWe9301&hzids=WhCJWFOp,WhCJH9Op,WhCJHzOp,WhCJHIOp,WhCJHFOp
date: Fri, 12 Nov 2021 04:20:16 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 173
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 77 KB
30 KB 75ms
74ms Script
application/javascript 142.250.186.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NF4C356

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

046646018e143c9891f835b7f371b8da490c99fb9afc8d1e193a97dde4a86d2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31035
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Nov 2021 04:20:15 GMT

GET
H2 200 YxtpMs
s.zimedia.com.tw/c/ 29 KB
29 KB 1446ms
1051ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/YxtpMs
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: 326e200f07f5cf2ce07b49d8be75bc108a55eada006969026b5211518d1df8db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:16 GMT
x-cache-name-l2: image-01
server: nginx/1.13.8
x-cache-status: MISS
content-type: image/jpeg
cache-control: no-cache
x-cache-status-l2: MISS
content-length: 29853
expires: Sat, 13 Nov 2021 04:20:16 GMT

GET
H2 200 hLCQcv
s.zimedia.com.tw/c/ 29 KB
29 KB 963ms
962ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/hLCQcv
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: 326e200f07f5cf2ce07b49d8be75bc108a55eada006969026b5211518d1df8db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:16 GMT
x-cache-name-l2: image-01
server: nginx/1.13.8
x-cache-status: MISS
content-type: image/jpeg
cache-control: no-cache
x-cache-status-l2: MISS
content-length: 29853
expires: Sat, 13 Nov 2021 04:20:16 GMT

GET
H2 200 23
zi.media/images/avatar/a/classycg/ 900 B
1 KB 270ms
270ms Image
image/jpeg 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/avatar/a/classycg/23?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 3d4c882c95ff8dcdd77aa176c0f9d23fd613ceddf733b7ba67c509031a3fb373

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: Mozilla/5.0 (Linux; Android 8.0.0; SM-G965F Build/R16NW; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/95.0.4638.74 Mobile Safari/537.36
server: nginx/1.13.7
age: 2557
date: Fri, 12 Nov 2021 04:20:15 GMT
x-cache: HIT
content-type: image/jpeg
x-ua-device
cache-control: max-age = 7200
x-varnish: 928594695 928636244
accept-ranges: bytes
x-backend: zimedia_app
content-length: 900
x-cache-hits: 71

GET
H2 200 config Show response
powerads.breaktime.com.tw/v1/bt/ 628 B
847 B 622ms
202ms Fetch
application/json 13.75.71.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerads.breaktime.com.tw/v1/bt/config?domain=zi.media&pid=YUZ7T18&device=desktop

Requested by

Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=YUZ7T18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.75.71.72 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

093d4b9ddcc48e314c1e44f2942518b068399445c28e3ef979a4719c7b40265d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://zi.media
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 628

GET
H3 200 173410919898550 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 46ms
25ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/173410919898550?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e0aa1fce6767711db5df8e96c3173c6484a7c550ea8fd34318acea8f9a561d1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 89268
x-xss-protection: 0
pragma: public
x-fb-debug: LIe+3yP4NsxdUklsTIPWmhG+YEYT/WRbfAnA0Z6F2lFYaV8tIjesb0+GDDteP1Ngo4A3fXHOSvrCQJ7oeuXr9g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 12 Nov 2021 04:20:15 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 peek
pvmax.tenmax.io/kiangi/ 0
235 B 1355ms
266ms Image
application/json 35.186.245.165
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pvmax.tenmax.io/kiangi/peek?siteId=d5fbf2f1-63c4-4cd2-9ea7-9f37adc08d23&ref=https://zi.media/&canonical=https%3A%2F%2Fzi.media%2F&ogurl=https%3A%2F%2Fzi.media%2F&cacheBuster=1636690815314
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.245.165 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.245.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
content-type: application/json;charset=UTF-8

POST cv
dc.breaktime.com.tw/dc/ 0
0

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 20ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173410919898550&ev=PageView&dl=https%3A%2F%2Fzi.media%2F&rl=&if=false&ts=1636690815364&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636690815363.1785248991&it=1636690815270&coo=false&rqm=GET

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 12 Nov 2021 04:20:16 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 20ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=173410919898550&ev=ViewContent&dl=https%3A%2F%2Fzi.media%2F&rl=&if=false&ts=1636690815366&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1636690815363.1785248991&it=1636690815270&coo=false&rqm=GET

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 12 Nov 2021 04:20:16 GMT

GET
H3 200 / Show response
www.googleadservices.com/pagead/conversion/834813731/ 2 KB
1 KB 108ms
57ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/834813731/?random=1636690815460&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fzi.media%2F&tiba=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&auid=1190483480.1636690815&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f98.1e100.net

Software

cafe /

Resource Hash

fd30ceeef1168f77eb1c624a498bc1d36a3c39eab2d79e5fa07f5fcc867a6145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1213
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GTM-M3M938L.js Show response
power.adhacker.online/ps/excl/ 72 B
1018 B 22ms
21ms Script
text/plain 2606:4700:3036::6815:1c52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/ps/excl/GTM-M3M938L.js
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=zi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6fac87a6c47841000f3671db689a4ff243d8e674199d6bc236c7a32e143648e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=KZhPgg==, md5=YaE4khw5RGCh0MObAhMbfg==
date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4064
x-guploader-uploadid: ADPycdvh2LsDG1N3ikGPXIP6_Xa6NOCsuY2KLKAGUT_T9EVq9VPWpbdQOa9OyanDQJ-cQpNOMK8lUaGPPLR0e1htO32P1PydxQ
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 07 Nov 2021 13:00:11 GMT
server: cloudflare
etag: W/"61a138921c394460a1d0c39b02131b7e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y71PVIpZmV9myMhmMx8eSe8D3aS75Tm71gSGk8T9wUE3cCEsJTzp%2BshWKk3myY80oxJZbKZowOKp43oAv%2Fcgu%2FBM6zBSqlBLm9yrV2KC4qMrukWEXapE60HLtW2YF4VaDlkSYubEUxRlP7JL4HrGPmcSCFc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1636030812710537
access-control-allow-origin: *
content-type: text/plain
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 72
cf-ray: 6accf77cfc914a8b-FRA
expires: Fri, 12 Nov 2021 05:20:15 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 115 KB
40 KB 1094ms
1094ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8e04ef7c020413231d04732a8537de5c9af935cf1811a53c01ffca360eb34ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40860
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Nov 2021 04:20:15 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 272 KB
70 KB 1094ms
1094ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M3M938L

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

25985cac67315f25831707ee28cb44e3fdfefa28aa3246175dbc7f17f4e49973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:15 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72035
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Nov 2021 04:20:15 GMT

GET
H/1.1 200
OK cat_trid Show response
catalyst.breaktime.com.tw/v1/ 83 B
569 B 605ms
197ms Fetch
application/json 207.46.146.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://catalyst.breaktime.com.tw/v1/cat_trid
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=zi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.46.146.168 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: 057837e0eabd6539ec78cdaa7f784d1d879f84786387e784c58f7328dbda05c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:16 GMT
Server: nginx/1.13.12
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://zi.media
Cache-Control: s-maxage=0, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 83

GET
H2

200

/
www.google.de/pagead/1p-conversion/834813731/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/834813731/?random=1436189990&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKT...
https://www.google.com/pagead/1p-conversion/834813731/?random=1436189990&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=...
https://www.google.de/pagead/1p-conversion/834813731/?random=1436189990&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1...

42 B
154 B

236ms
103ms

Image
image/gif

2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/834813731/?random=1436189990&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fzi.media%2F&tiba=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&auid=1190483480.1636690815&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=f-uNYfOpINjYgAfm8JnADQ&eitems=ChAIgJuzjAYQj8zcnYbo57Y_Eh0A5hhaY_CBfu9cCAqA3QP6iia5EMoqyLQl-r1ZqA&random=1934714445&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:19 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/834813731/?random=1436189990&cv=9&fst=1636690815460&num=1&value=1&currency_code=NTD&label=GgEXCMufwHUQo_6IjgM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgba1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fzi.media%2F&tiba=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&auid=1190483480.1636690815&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=f-uNYfOpINjYgAfm8JnADQ&eitems=ChAIgJuzjAYQj8zcnYbo57Y_Eh0A5hhaY_CBfu9cCAqA3QP6iia5EMoqyLQl-r1ZqA&random=1934714445&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 peek
pvmax.tenmax.io/kiangi/ 0
186 B 283ms
282ms Image
application/json 35.186.245.165
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pvmax.tenmax.io/kiangi/peek?siteId=d5fbf2f1-63c4-4cd2-9ea7-9f37adc08d23&ref=https://zi.media/&canonical=https%3A%2F%2Fzi.media%2F&ogurl=https%3A%2F%2Fzi.media%2F&cacheBuster=1636690815614
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.245.165 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 165.245.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK prefs2 Show response
api.dable.io/plugin/services/zi.media/ 515 B
937 B 1073ms
259ms Script
text/javascript 3.37.73.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/zi.media/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.37.73.208 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-73-208.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

89d70d41fdf2cec32156f641b7832d94fad8340b5dade01192d1dc31c7e51623

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
ETag: W/"203-68CC0yIdoYDOOghpuBQDOFPkUZ8"
Content-Type: text/javascript; charset=utf-8
Connection: keep-alive
Content-Length: 323

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 2179 0
215 B 66ms
38ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://zi.media
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/

Response headers

content-type: text/plain
access-control-allow-origin: https://zi.media
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
date: Fri, 12 Nov 2021 04:20:15 GMT

OPTIONS
H2 200 /
data.breaktime.com.tw/track/events/ Frame 0
0 1128ms
257ms Preflight 61.31.170.144
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.breaktime.com.tw/track/events/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 61.31.170.144 New Taipei, Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: 61-31-170-144.static.tfn.net.tw
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://zi.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 12 Nov 2021 04:12:02 GMT
vary: Origin
access-control-allow-origin: https://zi.media
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Connection,User-Agent
access-control-allow-methods: POST
access-control-max-age: 604800
content-length: 0

OPTIONS
H2 200 ad
powerads.breaktime.com.tw/v1/bt/ Frame 0
0 211ms
211ms Preflight
text/html 13.75.71.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerads.breaktime.com.tw/v1/bt/ad

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.75.71.72 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://zi.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
content-type: text/html; charset=utf-8
content-length: 0
allow: OPTIONS, POST
access-control-allow-origin: https://zi.media
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
vary: Origin
cache-control: s-maxage=0, max-age=0
strict-transport-security: max-age=15724800; includeSubDomains

POST
H2 200 / Show response
data.breaktime.com.tw/track/events/ 26 B
176 B 265ms
262ms Fetch
application/json 61.31.170.144
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.breaktime.com.tw/track/events/
Requested by: Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=YUZ7T18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 61.31.170.144 New Taipei, Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: 61-31-170-144.static.tfn.net.tw
Software: nginx /
Resource Hash: b0c181c1fa5b679c11dc2f0d3de4e2643435fd2734b93f75643b43f7787b1b39

Request headers

Referer: https://zi.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://zi.media
date: Fri, 12 Nov 2021 04:20:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 26
vary: Origin
content-type: application/json

POST
H2 200 ad Show response
powerads.breaktime.com.tw/v1/bt/ 391 B
609 B 207ms
207ms Fetch
application/json 13.75.71.72
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerads.breaktime.com.tw/v1/bt/ad

Requested by

Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=YUZ7T18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

13.75.71.72 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

f7c7032de327a2a1f998bc2d37802af7d6d21b4b95da606daad3c58df8977cbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://zi.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://zi.media
cache-control: s-maxage=0, max-age=0
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 391

POST
H/1.1 200
OK footprint Show response
catalyst.breaktime.com.tw/v1/ 55 B
349 B 199ms
199ms Fetch
application/json 207.46.146.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://catalyst.breaktime.com.tw/v1/footprint
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=zi
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.46.146.168 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash: 4acd291f2b55be3565725a92fe860029f609fecdd649bdb0a82cb4042255c575

Request headers

Referer: https://zi.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json

Response headers

Date: Fri, 12 Nov 2021 04:20:17 GMT
Server: nginx/1.13.12
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://zi.media
Cache-Control: s-maxage=0, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 55

OPTIONS
H/1.1 200
OK footprint
catalyst.breaktime.com.tw/v1/ Frame 0
0 639ms
208ms Preflight
application/json 207.46.146.168
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://catalyst.breaktime.com.tw/v1/footprint
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 207.46.146.168 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.13.12 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://zi.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Fri, 12 Nov 2021 04:20:16 GMT
Content-Type: application/json
Content-Length: 0
Connection: keep-alive
Server: nginx/1.13.12
Allow: POST, OPTIONS
Access-Control-Allow-Origin: https://zi.media
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
Vary: Origin
Cache-Control: s-maxage=0, max-age=0

OPTIONS
H2 200 /
data.breaktime.com.tw/track/events/ Frame 0
0 707ms
258ms Preflight 61.31.170.144
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.breaktime.com.tw/track/events/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 61.31.170.144 New Taipei, Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: 61-31-170-144.static.tfn.net.tw
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://zi.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 12 Nov 2021 04:12:02 GMT
vary: Origin
access-control-allow-origin: https://zi.media
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Connection,User-Agent
access-control-allow-methods: POST
access-control-max-age: 604800
content-length: 0

POST
H2 200 / Show response
data.breaktime.com.tw/track/events/ 26 B
176 B 264ms
262ms Fetch
application/json 61.31.170.144
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.breaktime.com.tw/track/events/
Requested by: Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=YUZ7T18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 61.31.170.144 New Taipei, Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: 61-31-170-144.static.tfn.net.tw
Software: nginx /
Resource Hash: b0c181c1fa5b679c11dc2f0d3de4e2643435fd2734b93f75643b43f7787b1b39

Request headers

Referer: https://zi.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://zi.media
date: Fri, 12 Nov 2021 04:20:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 26
vary: Origin
content-type: application/json

POST
H2 200 / Show response
data.breaktime.com.tw/track/events/ 26 B
176 B 264ms
263ms Fetch
application/json 61.31.170.144
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.breaktime.com.tw/track/events/
Requested by: Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=YUZ7T18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 61.31.170.144 New Taipei, Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: 61-31-170-144.static.tfn.net.tw
Software: nginx /
Resource Hash: b0c181c1fa5b679c11dc2f0d3de4e2643435fd2734b93f75643b43f7787b1b39

Request headers

Referer: https://zi.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://zi.media
date: Fri, 12 Nov 2021 04:20:17 GMT
access-control-allow-credentials: true
server: nginx
content-length: 26
vary: Origin
content-type: application/json

OPTIONS
H2 200 /
data.breaktime.com.tw/track/events/ Frame 0
0 706ms
258ms Preflight 61.31.170.144
TFN-TW Taiwan Fix...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.breaktime.com.tw/track/events/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 61.31.170.144 New Taipei, Taiwan, ASN9924 (TFN-TW Taiwan Fixed Network, Telco and Network Service Provider., TW),
Reverse DNS: 61-31-170-144.static.tfn.net.tw
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://zi.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 12 Nov 2021 04:12:02 GMT
vary: Origin
access-control-allow-origin: https://zi.media
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Connection,User-Agent
access-control-allow-methods: POST
access-control-max-age: 604800
content-length: 0

GET
H2 200 pb.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ 5 KB
810 B 285ms
284ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.bid?acid=U_tYfCAmCfK7fHVZgOuNYQ&haid=WhWe9301&hzids=WhITWFOp,WhITH9Op,WhITHzOp,WhITHIOp,WhITHFOp,WhITm9Op,WhITmzOp,WhCFW9Op,WhCFWzOp,WhCFWIOp
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhITWFOp,WhITH9Op,WhITHzOp,WhITHIOp,WhITHFOp,WhITm9Op,WhITmzOp,WhCFW9Op,WhCFWzOp,WhCFWIOp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 599a9083caebee4c059389fa9b90d97658e2f600d407f2f720e372cc82de9f23

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H2 200 pb.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ 5 KB
805 B 268ms
268ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.bid?acid=LVSmS3GjAteZEn0igOuNYQ&haid=WhWe9301&hzids=WhCFWFOp,WhCFH9Op,WhCFHzOp,WhCFHIOp,WhCFHFOp,WhCFm9Op,WhCFmzOp,WhCJW9Op,WhCJWzOp,WhCJWIOp
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhCFWFOp,WhCFH9Op,WhCFHzOp,WhCFHIOp,WhCFHFOp,WhCFm9Op,WhCFmzOp,WhCJW9Op,WhCJWzOp,WhCJWIOp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 110b3bf8b6fbb7db563e47643f0fded3b1ecfd100fe613989a6c850163088457

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H2 200 pb.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ 3 KB
727 B 265ms
264ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.bid?acid=U_tYfCAmCfK7fHVZgOuNYQ&haid=WhWe9301&hzids=WhCJWFOp,WhCJH9Op,WhCJHzOp,WhCJHIOp,WhCJHFOp
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhCJWFOp,WhCJH9Op,WhCJHzOp,WhCJHIOp,WhCJHFOp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 6d5f2825361c53b9c61afc9ab48126aeed2350ca3515f7f2e58e6912e03f1713

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H2 200 pb.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ 5 KB
804 B 267ms
267ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/pb.bid?acid=9Njo6KcKB7ea_ipWgOuNYQ&haid=WhWe9301&hzids=WhI6WFOp,WhI6H9Op,WhI6HzOp,WhI6HIOp,WhI6HFOp,WhI6m9Op,WhI6mzOp,WhITW9Op,WhITWzOp,WhITWIOp
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/pb.js?haid=WhWe9301&hzids=WhI6WFOp,WhI6H9Op,WhI6HzOp,WhI6HIOp,WhI6HFOp,WhI6m9Op,WhI6mzOp,WhITW9Op,WhITWzOp,WhITWIOp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: bf29f16d3ac4001fd28f9e2e2ef8c355203c15935007fcdca4cfe1c2416126cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:16 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H2 200 async
article.adhacker.online/v1/content/ 37 B
0 600ms
198ms Fetch
application/json 137.116.169.173
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://article.adhacker.online/v1/content/async?url=https%3A%2F%2Fzi.media%2F&partner_id=YUZ7T18&page_id=13fe791fdcd25797c7e17a5380a52724f6819eef

Requested by

Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=zi

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

137.116.169.173 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:17 GMT
x-content-type-options: nosniff
vary: Origin
content-type: application/json
access-control-allow-origin: https://zi.media
cache-control: s-maxage=0, max-age=0, private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 37

GET
H3 200 bttp.js Show response
power.adhacker.online/general/ 20 KB
8 KB 16ms
15ms Script
application/javascript 2606:4700:3036::6815:1c52
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/general/bttp.js
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=zi
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:1c52 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-goog-hash: crc32c=KqZV5Q==, md5=TBrZsYnV8OwKaH5GS7DJhw==
date: Fri, 12 Nov 2021 04:20:17 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2708
x-guploader-uploadid: ADPycdtr5v2-MEBLCGsSBZnkaadfmkUSkcfLVmU2Gi-WVTe1NB-YpznAADUG2Ql67pHjKHCjKtiqixuYSxDsnPRk_Wx3ZtW6yw
x-goog-storage-class: REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-goog-meta-
last-modified: Mon, 26 Jul 2021 01:41:08 GMT
server: cloudflare
etag: W/"4c1ad9b189d5f0ec0a687e464bb0c987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17DPNiCQM%2FuHTzWxa0KLYoSzMM64XoIxuys4rXgPlhxGPrzIHb%2Fd0u6fqdDZwHDSukCdwOg68pY26YjOCYkoLtKDX5kWz7Ab83esjIKYa3o5Gu%2Fzxqf8GxksDDiGP0%2BMvvR3TQtJ7rjkz2C83kQNEsAQJKU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1627263668774739
access-control-allow-origin: *
content-type: application/javascript
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
x-goog-stored-content-length: 6780
cf-ray: 6accf7871ad44a8b-FRA
expires: Fri, 12 Nov 2021 04:50:17 GMT

GET
H/1.1 200
OK collect.js Show response
cdn.lndata.com/ 11 KB
12 KB 1032ms
248ms Script
application/javascript 52.68.202.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lndata.com/collect.js
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.68.202.81 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-68-202-81.ap-northeast-1.compute.amazonaws.com
Software: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU= /
Resource Hash: 1b365cf68a59081dacb89c77857b5fd991d1691c9fe16c952534b26053214355

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:18 GMT
Last-Modified: Mon, 10 Sep 2018 09:32:46 GMT
Server: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU=
ETag: "5b963a3e-2c56"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11350

GET
H/1.1

200
OK

/
cm.lndata.com/
Redirect Chain

https://v.lndata.com/i/a80469,b1452937,c4087,i0,m202,h
https://gocm.c.appier.net/lndata?cid=2111121220181882992&sid=1220181543914
https://cm.lndata.com/?tid=4087&uid=QjkN7PoJEDVdEvpdkd0gHUHqCVfn3t6VsNY1EA5F9e0=

35 B
470 B

1068ms
264ms

Image
image/gif

116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4087&uid=QjkN7PoJEDVdEvpdkd0gHUHqCVfn3t6VsNY1EA5F9e0=
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:19 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Content-Type: image/gif
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

Redirect headers

location: https://cm.lndata.com/?tid=4087&uid=QjkN7PoJEDVdEvpdkd0gHUHqCVfn3t6VsNY1EA5F9e0=
date: Fri, 12 Nov 2021 04:20:18 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 107
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1

200
OK

/
cm.lndata.com/
Redirect Chain

https://v.lndata.com/i/a80469,b1452936,c4007,i0,m202,h
https://match.adsrvr.org/track/cmf/generic?ttd_puid=2111121220181619665&ttd_pid=77dj1uh&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_puid=2111121220181619665&ttd_pid=77dj1uh&ttd_tpi=1
https://cm.lndata.com/?tid=4007&uid=aff64a97-b28e-4207-90da-2ffc1a843e71&ttd_puid=2111121220181619665

35 B
470 B

1045ms
256ms

Image
image/gif

116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4007&uid=aff64a97-b28e-4207-90da-2ffc1a843e71&ttd_puid=2111121220181619665
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:19 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Content-Type: image/gif
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:18 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.lndata.com/?tid=4007&uid=aff64a97-b28e-4207-90da-2ffc1a843e71&ttd_puid=2111121220181619665
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 233

GET
H2

200

cm
t.ssp.hinet.net/
Redirect Chain

https://v.lndata.com/i/a80469,b1452938,c4137,i0,m202,h
https://t.ssp.hinet.net/cm?c=035221&cid=2111121220181535686
https://t.ssp.hinet.net/?next=https%3A%2F%2Ft.ssp.hinet.net%2Fcm%3Fc%3D035221%26cid%3D2111121220181535686%26flag%3D1
https://t.ssp.hinet.net/cm?c=035221&cid=2111121220181535686&flag=1

0
125 B

206ms
205ms

Image
image/png

203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/cm?c=035221&cid=2111121220181535686&flag=1

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Server

203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:19 GMT
cache-control: no-cache, private
vary: Origin
server: nginx
strict-transport-security: max-age=0
content-type: image/png

Redirect headers

location: https://t.ssp.hinet.net/cm?c=035221&cid=2111121220181535686&flag=1
date: Fri, 12 Nov 2021 04:20:19 GMT
cache-control: no-cache, private
vary: Origin
server: nginx
strict-transport-security: max-age=0
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

pixel
ps.eyeota.net/
Redirect Chain

https://v.lndata.com/i/a80469,b1452939,c4138,i0,m202,h
https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2111121220181787412

0
344 B

40ms
7ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2111121220181787412
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:18 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 04:20:18 GMT
Server: nginx/cd14e69012e8f12f0d1671598153433632dba0bc
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Location: https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2111121220181787412
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
Connection: keep-alive
Content-Type: text/html
Content-Length: 0

GET
H2 200 vmfiveLogger_zi_media.js Show response
man.vm5apis.com/dist/vmfiveLogger/ 17 KB
6 KB 64ms
9ms Script
application/javascript 2600:9000:223d:2000:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Requested by: Host: power.adhacker.online
URL: https://power.adhacker.online/general/bttp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2000:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d3df8b19169ad50a9424c1d46772cef389ba0536e5425016a059a441314070df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 05:26:21 GMT
content-encoding: gzip
last-modified: Mon, 13 Sep 2021 09:21:36 GMT
server: AmazonS3
age: 82437
etag: W/"177f8ad4c82e87669caefd4102e904e7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: MOLfya6IJuwj2c0KQNW5vBUHwyqcvkhMKIF2LzKp9GQO9y3UZZEbGQ==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 543ms
332ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1431718242&t=pageview&_s=1&dl=https%3A%2F%2Fzi.media%2F&ul=en-us&de=UTF-8&dt=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1180891146&gjid=540157286&cid=2049386619.1636690818&tid=UA-104415826-1&_gid=510507839.1636690818&_r=1&gtm=2wgba1M3M938L&z=333638811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zi.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zi.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1666593263493412 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1666593263493412?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5cc004e6d3e9b6658ffc7eb4ccd3d87f35de3c30205ecf44bb0d51b1cff6a0f4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88921
x-xss-protection: 0
pragma: public
x-fb-debug: OWuaXTWryKVUJQVGtxUvDRdlgDbgRLiONmDzCZJIm013/czrS4UJPE5eEggB9QCLbf3hlSwZR5N0v8Hfpq4oDw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 12 Nov 2021 04:20:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 87 KB
35 KB 50ms
50ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-11009166

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3ece1cae744c9a2699854ee9e77c2cea78e3acb6f185f3e68df674efe1038eeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:17 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35973
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Nov 2021 04:20:17 GMT

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ 4 KB
5 KB 816ms
264ms Script
application/javascript 104.199.210.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.14.0 /

Resource Hash

a40aded1ace4cb06d26141d9f8871c98b424d8be43dd9a7079fc3edb704e6749

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:18 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.14.0
Etag: d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-311676575627
Strict-Transport-Security: max-age=15638400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 raf.js Show response
man.vm5apis.com/dist/ 4 KB
2 KB 10ms
10ms Script
application/javascript 2600:9000:223d:2000:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/raf.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2000:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 946178d46f833ea76fe4aa24f899e1250a6ccbd4769d17abd792cf90109c07ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:31:37 GMT
content-encoding: br
last-modified: Wed, 29 Apr 2020 06:37:23 GMT
server: AmazonS3
age: 6691
etag: W/"576fe06b0feca7cc7facc9092066e2a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: 5s2rsHKkUTF0-pk4AUvm9yk7vZc_muSULCrX5DyQgB0b3x5WVQpUhQ==

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1666593263493412&ev=PageView&dl=https%3A%2F%2Fzi.media%2F&rl=&if=false&ts=1636690817701&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636690815363.1785248991&it=1636690815270&coo=false&tm=2&rqm=GET

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 12 Nov 2021 04:20:17 GMT

GET
H/1.1 200
OK visit Show response
api.dable.io/logs/services/zi.media/users/33485067.1636690817685/ 54 B
285 B 262ms
262ms Script
text/javascript 3.37.73.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/logs/services/zi.media/users/33485067.1636690817685/visit?url=https%3A%2F%2Fzi.media%2F&ref=&lang=en-US&cid=33485067.1636690817685&z=634023&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.37.73.208 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-73-208.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
Content-Length: 67
Content-Type: text/javascript; charset=utf-8

GET
H2 200 visit Show response
r-log.dable.io/s/zi.media/u/33485067.1636690817685/ 4 B
124 B 822ms
262ms Script
application/json 3.36.41.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r-log.dable.io/s/zi.media/u/33485067.1636690817685/visit?url=https%3A%2F%2Fzi.media%2F&ref=&lang=en-US&cid=33485067.1636690817685&z=634023&callback=dbljson3
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.36.41.122 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-36-41-122.ap-northeast-2.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: 98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Nov 2021 04:20:18 GMT
server: nginx/1.20.0
content-length: 4
content-type: application/json; charset=utf-8

GET
H2

200

match2
act.ds.kakao.com/
Redirect Chain

https://analytics.ad.daum.net/match?d=111&uid=33485067.1636690817685
https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220211112%22,%22u%22:%2233485067.1636690817685%22%7D%7D

0
493 B

1580ms
254ms

Image
text/plain

211.249.220.158
DREAMX-AS DREAMLI...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220211112%22,%22u%22:%2233485067.1636690817685%22%7D%7D

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Server

211.249.220.158 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:20 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain;charset=UTF-8
content-length: 0
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:19 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
location: https://act.ds.kakao.com/match2?DSPR=%7B%22v%22:1,%22dr%22:%7B%22t%22:%2220211112%22,%22u%22:%2233485067.1636690817685%22%7D%7D
cache-control: no-cache, no-store, must-revalidate
strict-transport-security: max-age=15724800; includeSubDomains
content-length: 0
expires: 0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm=&google_tc=
https://adx.dable.io/pixel/google?google_gid=CAESELV-6t-UUF6S2vPcN2ZIL2o&google_cver=1

35 B
208 B

816ms
257ms

Image
image/gif

3.38.79.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESELV-6t-UUF6S2vPcN2ZIL2o&google_cver=1
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Server: 3.38.79.221 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-38-79-221.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:19 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:18 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESELV-6t-UUF6S2vPcN2ZIL2o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
437 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c07::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-104415826-1&cid=2049386619.1636690818&jid=1180891146&gjid=540157286&_gid=510507839.1636690818&_u=YEBAAEAAAAAAAC~&z=1811158554

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zi.media/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Nov 2021 04:20:18 GMT
content-type: text/plain
access-control-allow-origin: https://zi.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK p.gif
s.lndata.com/ 43 B
708 B 1004ms
248ms Image
image/gif 52.68.202.81
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.lndata.com/p.gif?type=pageview&sid=1a70edf&uid=618deb82.1043c722&url=https%3A%2F%2Fzi.media%2F&tl=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&cs=utf-8&rl=&sr=1600x1200&sc=24&sp=0&vh=1200&pt=2273&_=78341620

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.68.202.81 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-68-202-81.ap-northeast-1.compute.amazonaws.com

Software

nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU= /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Nov 2021 04:20:19 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT
Server: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU=
Age: 197808
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame 366A 0
15 B 12ms
8ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://zi.media
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/

Response headers

content-type: text/plain
access-control-allow-origin: https://zi.media
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Fri, 12 Nov 2021 04:20:18 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 721ms
97ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-104415826-1&cid=2049386619.1636690818&jid=1180891146&_u=YEBAAEAAAAAAAC~&z=387838138

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 600ms
102ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-104415826-1&cid=2049386619.1636690818&jid=1180891146&_u=YEBAAEAAAAAAAC~&z=387838138

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 r8HPTD
s.zimedia.com.tw/c/ 19 KB
19 KB 270ms
270ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/r8HPTD
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: d960af79426abcbfbc04adc56daee837acdc5ab3fe266bde740aefc745c16b85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Fri, 12 Nov 2021 04:20:18 GMT
x-cache-name-l2: image-02
server: nginx/1.13.8
x-cache-status: HIT
content-type: image/jpeg
cache-control: public
x-cache-status-l2: MISS
content-length: 19608
expires: Sat, 11 Dec 2021 23:49:02 GMT

GET
H2 200 23
zi.media/images/avatar/a/starryeagle/ 877 B
1 KB 264ms
264ms Image
image/jpeg 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/avatar/a/starryeagle/23?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 560a7cf3074931bfadc71b2816fd1ee73c6033b740ff9c1651aaa66e85bf4f6a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: Mozilla/5.0 (Linux; Android 9; vivo 2010 Build/PPR1.180610.011; wv) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.84 Mobile Safari/537.36 VivoBrowser/7.12.0.0
server: nginx/1.13.7
age: 3113
date: Fri, 12 Nov 2021 04:20:18 GMT
x-cache: HIT
content-type: image/jpeg
x-ua-device
cache-control: max-age = 7200
x-varnish: 929696516 929113350
accept-ranges: bytes
x-backend: zimedia_app
content-length: 877
x-cache-hits: 55

GET
H/1.1 200
OK ip Show response
match-hubble-man.vm5apis.com/ 0
192 B 1063ms
262ms XHR
application/octet-stream 104.199.245.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://match-hubble-man.vm5apis.com/ip?webBrowserid=d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-311676575627
Requested by: Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.245.202 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 202.245.199.104.bc.googleusercontent.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Nov 2021 04:20:19 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 persistentID.html Show response
man.vm5apis.com/dist/ Frame 9F19 7 KB
2 KB 11ms
10ms Document
text/html 2600:9000:223d:2000:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/persistentID.html
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2000:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58d110ae5bfe40d3bef656be983a66a9199cb292847a63d8df2e6bbaa40b44db

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/

Response headers

content-type: text/html
last-modified: Mon, 24 Aug 2020 06:59:10 GMT
server: AmazonS3
content-encoding: gzip
date: Fri, 12 Nov 2021 02:44:32 GMT
etag: W/"368a1c7ea0d884d0de5da9b3814c6a68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: KwT3qhNx3qeIWaWfpSrVw51xpNPJ3sa7RWTriwBy1Q00WJe_h4mxUg==
age: 6589

GET
H2 200 fingerprint2.min.js Show response
man.vm5apis.com/dist/fingerprintjs2/2.1.0/ 29 KB
10 KB 10ms
9ms Script
application/javascript 2600:9000:223d:2000:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/fingerprintjs2/2.1.0/fingerprint2.min.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2000:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8ebd85faed203134cfade0a7b48a55aa695538c58666ce6ccc85c41eab38d393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:31:41 GMT
content-encoding: br
last-modified: Wed, 29 Apr 2020 06:27:23 GMT
server: AmazonS3
age: 6705
etag: W/"990a1d19fba7eacaa42f27df1c145e35"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: Tv472ytE3HE_X3wAz9XsLlz4Oo8Vq_l4W848MoPyE43oWFz29wQlTA==

GET
H2 200 md5.min.js Show response
man.vm5apis.com/dist/blueimp-md5/2.10.0/js/ 4 KB
2 KB 11ms
10ms Script
application/javascript 2600:9000:223d:2000:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/blueimp-md5/2.10.0/js/md5.min.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223d:2000:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 623398d62a29ec9a079fad9daba0cfdf03c1acba6581c8a2d658ed0ecb5d7ada

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:33:25 GMT
content-encoding: br
last-modified: Wed, 29 Apr 2020 06:46:43 GMT
server: AmazonS3
age: 6705
etag: W/"f4f3104e2c0b34c08773c0a96f458338"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-amz-cf-id: SxYlniw_Op0bYgGaPmzIeCNs4Wqypz3AH-S3ihSvDhYzePOmSRiMnw==

GET
H/1.1 200
OK pixel Show response
pt0.vm5apis.com/api/v2/ 35 B
449 B 819ms
280ms XHR
image/gif 35.194.212.25
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://pt0.vm5apis.com/api/v2/pixel?&eventValue=null&eventSubtype=null&eventDetails=%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D&webBrowserId=d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-311676575627&webRef=&webPage=https%3A%2F%2Fzi.media%2F&hostURL=https%253A%252F%252Fzi.media%252F&requestId=null&landingId=d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676&landingSessionId=d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676&event=DOMContentLoaded&inventoryCompany=Breaktime&contentCatNielsen=&provider=-&loggerName=zi_media&loggerVer=2021091301

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:19 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Strict-Transport-Security: max-age=15638400
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://zi.media
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H3

200

activityi;dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22ev... Show response
11009166.fls.doubleclick.net/ Frame 2D88
Redirect Chain

https://11009166.fls.doubleclick.net/activityi;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%2...
https://11009166.fls.doubleclick.net/activityi;dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=20210...

600 B
491 B

106ms
59ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11009166.fls.doubleclick.net/activityi;dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D%7D;u5=false;ps=1;~oref=https%3A%2F%2Fzi.media%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-11009166

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

2b681be4e6c00ddd36aa6cc7ec4717b14e4f4de2e4bdac87f3d7a00996452585

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 12 Nov 2021 04:20:18 GMT
expires: Fri, 12 Nov 2021 04:20:18 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 12 Nov 2021 04:20:18 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://11009166.fls.doubleclick.net/activityi;dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D%7D;u5=false;ps=1;~oref=https%3A%2F%2Fzi.media%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
8ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1666593263493412&ev=DOMContentLoaded&dl=https%3A%2F%2Fzi.media%2F&rl=&if=false&ts=1636690818501&cd[webBrowserId]=d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-311676575627&cd[webRef]=&cd[webPage]=https%3A%2F%2Fzi.media%2F&cd[hostURL]=https%253A%252F%252Fzi.media%252F&cd[landingId]=d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676&cd[landingSessionId]=d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676&cd[event]=DOMContentLoaded&cd[inventoryCompany]=Breaktime&cd[contentCatNielsen]=&cd[provider]=-&cd[loggerName]=zi_media&cd[loggerVer]=2021091301&cd[eventDetails]=%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D&cd[FromVMFiveAds]=false&sw=1600&sh=1200&v=2.9.48&r=stable&ec=2&o=30&fbp=fb.1.1636690815363.1785248991&it=1636690815270&coo=false&tm=2&rqm=GET

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:18 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 12 Nov 2021 04:20:18 GMT

GET
H3 200 activityi;register_conversion=1;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%2...
11009166.fls.doubleclick.net/ 0
0 48ms
48ms Image
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11009166.fls.doubleclick.net/activityi;register_conversion=1;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D%7D;u5=false;ps=1;~oref=https%3A%2F%2Fzi.media%2F?
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.70 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 addr.json Show response
iptoweather.vm5apis.com/ 26 B
116 B 800ms
263ms Fetch
application/json 104.199.250.75
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://iptoweather.vm5apis.com/addr.json
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.250.75 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 75.250.199.104.bc.googleusercontent.com
Software: nginx /
Resource Hash: 10dd6b0f41f0834bb7acf8a29c0e0e34f7c8ad7d84d503417aa552ded9b16b61

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 12 Nov 2021 04:20:19 GMT
server: nginx
content-length: 26
content-type: application/json

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ Frame 9F19 4 KB
5 KB 263ms
263ms Script
application/javascript 104.199.210.210
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.14.0 /

Resource Hash

84b82392e751de5fff0223a0848ae4f62b73a8b4b9e402f0c21e9bb9785a3bb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://man.vm5apis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:18 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.14.0
Etag: d80997e5-436f-11ec-88a3-d6f440686dbaade022ef-f0d0-4613-b616-9c154e61efa9
Strict-Transport-Security: max-age=15638400
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK ip Show response
match-hubble-man.vm5apis.com/ Frame 9F19 0
192 B 1006ms
262ms XHR
application/octet-stream 104.199.245.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://match-hubble-man.vm5apis.com/ip?webBrowserid=d80997e5-436f-11ec-88a3-d6f440686dbaade022ef-f0d0-4613-b616-9c154e61efa9
Requested by: Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.245.202 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 202.245.199.104.bc.googleusercontent.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://man.vm5apis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 12 Nov 2021 04:20:19 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=*;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingS...
adservice.google.com/ddm/fls/z/ Frame 2D88 42 B
494 B 1438ms
199ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=*;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D%7D;u5=false;ps=1;~oref=https%3A%2F%2Fzi.media%2F

Requested by

Host: 11009166.fls.doubleclick.net
URL: https://11009166.fls.doubleclick.net/activityi;dc_pre=CJ2X67b8kfQCFWbsEQgdl4wA-Q;src=11009166;type=invmedia;cat=logge0;ord=1160235183279;gtm=2odba1;auiddc=1190483480.1636690815;u1=zi_media;u2=2021091301;u3=DOMContentLoaded;u4=%7B%22eventDetails%22%3A%7B%22landingSessionId%22%3A%22d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676%22%7D%7D;u5=false;ps=1;~oref=https%3A%2F%2Fzi.media%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://11009166.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pixel Show response
pt0.vm5apis.com/api/v2/ 35 B
449 B 277ms
277ms XHR
image/gif 35.194.212.25
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL

https://pt0.vm5apis.com/api/v2/pixel?event=fingerprint&provider=-&webBrowserId=d80997e5-436f-11ec-88a3-d6f440686dbaade022ef-f0d0-4613-b616-9c154e61efa9&eventDetails=%7B%22browser_id%22%3A%22d80997e5-436f-11ec-88a3-d6f440686dbaade022ef-f0d0-4613-b616-9c154e61efa9%22%2C%22ip%22%3A%22185.213.155.166%22%2C%22fingerprint%22%3A%2262e92cbaba7c269b1b235043fa79137e%22%2C%22component_userAgent%22%3A%22%5C%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F95.0.4638.54%20Safari%2F537.36%5C%22%22%2C%22component_webdriver%22%3A%22false%22%2C%22component_language%22%3A%22%5C%22en-US%5C%22%22%2C%22component_colorDepth%22%3A%2224%22%2C%22component_deviceMemory%22%3A%228%22%2C%22component_hardwareConcurrency%22%3A%224%22%2C%22component_screenResolution%22%3A%22%5B1600%2C1200%5D%22%2C%22component_availableScreenResolution%22%3A%22%5B1600%2C1200%5D%22%2C%22component_timezoneOffset%22%3A%220%22%2C%22component_timezone%22%3A%22%5C%22Etc%2FUnknown%5C%22%22%2C%22component_sessionStorage%22%3A%22true%22%2C%22component_localStorage%22%3A%22true%22%2C%22component_indexedDb%22%3A%22true%22%2C%22component_addBehavior%22%3A%22false%22%2C%22component_openDatabase%22%3A%22false%22%2C%22component_cpuClass%22%3A%22%5C%22not%20available%5C%22%22%2C%22component_platform%22%3A%22%5C%22Linux%20x86_64%5C%22%22%2C%22component_plugins%22%3A%22%5B%5B%5C%22Chrome%20PDF%20Plugin%5C%22%2C%5C%22Portable%20Document%20Format%5C%22%2C%5B%5B%5C%22application%2Fx-google-chrome-pdf%5C%22%2C%5C%22pdf%5C%22%5D%5D%5D%2C%5B%5C%22Chrome%20PDF%20Viewer%5C%22%2C%5C%22%5C%22%2C%5B%5B%5C%22application%2Fpdf%5C%22%2C%5C%22pdf%5C%22%5D%5D%5D%2C%5B%5C%22Native%20Client%5C%22%2C%5C%22%5C%22%2C%5B%5B%5C%22application%2Fx-nacl%5C%22%2C%5C%22%5C%22%5D%2C%5B%5C%22application%2Fx-pnacl%5C%22%2C%5C%22%5C%22%5D%5D%5D%5D%22%2C%22component_canvas%22%3A%22%5C%22384c7b2fc604d817f7552f8ca80b6522%5C%22%22%2C%22component_webgl%22%3A%22%5C%222c9224a0a710132a033396f01cd84b85%5C%22%22%2C%22component_webglVendorAndRenderer%22%3A%22%5C%22Intel%20Inc.~Intel%20Iris%20OpenGL%20Engine%5C%22%22%2C%22component_adBlock%22%3A%22false%22%2C%22component_hasLiedLanguages%22%3A%22false%22%2C%22component_hasLiedResolution%22%3A%22false%22%2C%22component_hasLiedOs%22%3A%22true%22%2C%22component_hasLiedBrowser%22%3A%22false%22%2C%22component_touchSupport%22%3A%22%5B0%2Cfalse%2Cfalse%5D%22%2C%22component_fonts%22%3A%22%5B%5C%22Andale%20Mono%5C%22%2C%5C%22Arial%5C%22%2C%5C%22Arial%20Black%5C%22%2C%5C%22Comic%20Sans%20MS%5C%22%2C%5C%22Courier%5C%22%2C%5C%22Courier%20New%5C%22%2C%5C%22Georgia%5C%22%2C%5C%22Helvetica%5C%22%2C%5C%22Impact%5C%22%2C%5C%22Times%5C%22%2C%5C%22Times%20New%20Roman%5C%22%2C%5C%22Trebuchet%20MS%5C%22%2C%5C%22Verdana%5C%22%5D%22%2C%22component_audio%22%3A%22%5C%22124.04347527516074%5C%22%22%7D

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Fri, 12 Nov 2021 04:20:19 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Strict-Transport-Security: max-age=15638400
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://zi.media
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H2 200 pubads_impl_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 144ms
54ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118212
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Nov 2021 04:20:21 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 202 B
755 B 140ms
51ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=zi.media

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

0fc4c175565ba2c1dee4193d6431a6cee6a37373f8370101fa8819760fcc3d5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 04:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
expires: Fri, 12 Nov 2021 04:20:21 GMT

GET
H2 200 campaign Show response
campaign.breaktime.com.tw/ 25 B
313 B 307ms
267ms XHR
application/json 34.96.103.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://campaign.breaktime.com.tw/campaign?url=https://zi.media/

Requested by

Host: power.adhacker.online
URL: https://power.adhacker.online/pmp/pmp_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.103.78 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

78.103.96.34.bc.googleusercontent.com

Software

nginx/1.13.2 /

Resource Hash

08b6b4397d4c9e815835e6019591402a48a8b32de5192723c9c4f9db0113ca82

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:21 GMT
via: 1.1 google
x-content-type-options: nosniff, nosniff
alt-svc: clear
server: nginx/1.13.2
x-frame-options: DENY
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, must-revalidate
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-xss-protection: 1; mode=block
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 460ms
45ms Script
application/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=zi.media

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 04:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
317 B 2152ms
1849ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zi.media

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 12 Nov 2021 04:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 120 KB
32 KB 286ms
237ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3175579548371093&correlator=2917184722913132&output=ldjh&impl=fifs&eid=31063213%2C31063406%2C31063704%2C44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211112&iu_parts=21697024903%2CBT_Interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&fas=8&prev_scp=zi-web%3Dzi.media%26zi-path%3D%252F%26zi-partner%3DYUZ7T18&cookie_enabled=1&bc=31&abxe=1&lmt=1636690821&dt=1636690821697&dlt=1636690814011&idt=7657&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=2267895058&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fzi.media%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=2049386619.1636690818&ga_sid=1636690822&ga_hid=1431718242&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

9a62c1b38d0b32063f6aed4307c34fc7660654f67682b46d22a80a2f10bab92f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32455
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zi.media
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7730 6 KB
4 KB 464ms
50ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 04:20:22 GMT
expires: Sat, 12 Nov 2022 04:20:22 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021110901.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 96ms
49ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110901.js?cb=31063704

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

b10b7cef548974d25fa454cd1224a00611988013e2232d6445190372ec6c6931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13474
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 09:34:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 12 Nov 2021 04:20:21 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 48 KB
11 KB 482ms
443ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3175579548371093&correlator=2917184722913132&output=ldjh&impl=fifs&eid=31063213%2C31063406%2C31063704%2C44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211112&iu_parts=21697024903%2CBT_a_H&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C1x1%7C970x90%7C970x250%7C728x90%7C580x133%7C400x150%7C336x280%7C320x100%7C320x50%7C300x250&fluid=height&prev_scp=zi-forbid%3DGeneral%26zi-web%3Dzi.media%26zi-path%3D%252F%26zi-partner%3DYUZ7T18%26zi-curation%3Dnone%26zi-cwidth%3DMedium&cookie_enabled=1&bc=31&abxe=1&lmt=1636690821&dt=1636690821709&dlt=1636690814011&idt=7657&frm=20&biw=1600&bih=1200&oid=2&adxs=300&adys=90&adks=2020079222&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fzi.media%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=2049386619.1636690818&ga_sid=1636690822&ga_hid=1431718242&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8dbcdcb68d2aa7d03aa3ab9e334639dd0363a742c3b5a503ae1fc0570f890857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11245
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zi.media
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 422 B
246 B 121ms
84ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3175579548371093&correlator=2917184722913132&output=ldjh&impl=fifs&eid=31063213%2C31063406%2C31063704%2C44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211112&iu_parts=21721238339%2CAll_Float&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=ZiWeb%3Dzi.media%26ZiPath%3D%252F%26ZiPartner%3DYUZ7T18&cookie_enabled=1&bc=31&abxe=1&lmt=1636690821&dt=1636690821712&dlt=1636690814011&idt=7657&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=2519500136&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fzi.media%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7124&msz=1600x0&ga_vid=2049386619.1636690818&ga_sid=1636690822&ga_hid=1431718242&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

77f93a6bca52e2f06b493b2016d0e68401a0050e2202a394e2780a1ef76332d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zi.media
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 424 B
246 B 115ms
80ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3175579548371093&correlator=2917184722913132&output=ldjh&impl=fifs&eid=31063213%2C31063406%2C31063704%2C44754276&vrg=2021110901&ptt=17&sc=1&sfv=1-0-38&ecs=20211112&iu_parts=21721238339%2CYPA_a_Fl_SD&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ists=1&prev_scp=ZiWeb%3Dzi.media%26ZiPath%3D%252F%26ZiPartner%3DYUZ7T18&cookie_enabled=1&bc=31&abxe=1&lmt=1636690821&dt=1636690821714&dlt=1636690814011&idt=7657&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=0&adks=3890521010&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fzi.media%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x7124&msz=1600x0&ga_vid=2049386619.1636690818&ga_sid=1636690822&ga_hid=1431718242&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

636a45d7126ae3939d9b4fdc09b524031693ac48ebff7d6146b96cd0ba7ce387

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 217
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zi.media
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1611109023-ffe59de03a681e734033a6b1b4aae3cc.png
images.zi.org.tw/starryeagle/2021/02/20101703/ 11 KB
11 KB 47ms
18ms Image
image/webp 2606:4700:10::ac43:1ffa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.zi.org.tw/starryeagle/2021/02/20101703/1611109023-ffe59de03a681e734033a6b1b4aae3cc.png

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:1ffa , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4273a6fad0e2377729108baea8c9a1ad9cebd4e7d2c9903617d757c2dc0140b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:22 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 525615
cf-polished: origFmt=png, origSize=26113
cf-ray: 6accf7a59d3a4309-FRA
content-disposition: inline; filename="1611109023-ffe59de03a681e734033a6b1b4aae3cc.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10960
x-amz-id-2: B9riIyBUXmbWAiG0wuE64ZGU9N5Zd6QSXimz7UyLv9RKpqAf20SVd8KCqOKFiWpgttgMKPp7qls=
expires: Thu, 20 Jan 2022 02:17:03 GMT
last-modified: Wed, 20 Jan 2021 02:17:04 GMT
server: cloudflare
etag: "0b5fc1fc41a810f652ea011f9ce8d49e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; preload
x-amz-request-id: FNSSF8AKB4H8XWY2
vary: Accept
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

GET
H2 200 container.html Show response
b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C1C0 6 KB
3 KB 136ms
52ms Document
text/html 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 12 Nov 2021 04:20:22 GMT
expires: Sat, 12 Nov 2022 04:20:22 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame C1C0 4 KB
729 B 2166ms
1865ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 04:04:30 GMT
server: ESF
date: Fri, 12 Nov 2021 04:20:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 04:20:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E19F 3 KB
651 B 2155ms
1855ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 03:58:25 GMT
server: ESF
date: Fri, 12 Nov 2021 04:20:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 04:20:22 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame E19F 1 KB
961 B 496ms
85ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 00:25:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14083
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 00:25:39 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/ Frame E19F 19 KB
8 KB 450ms
39ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/abg_lite_fy2019.js

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 03:30:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2998
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7878
x-xss-protection: 0
server: cafe
etag: 10809069374711699201
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 03:30:24 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame E19F 2 KB
1 KB 499ms
89ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/window_focus_fy2019.js

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1063
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1337
x-xss-protection: 0
server: cafe
etag: 17605089983984592854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 04:02:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E19F 119 KB
36 KB 254ms
66ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 12 Nov 2021 04:20:22 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/ Frame E19F 15 KB
6 KB 457ms
47ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:32:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6477
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6461
x-xss-protection: 0
server: cafe
etag: 1157727964977547826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 02:32:25 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame E19F 0
0 346ms
44ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcoOn9w-0nS7G1a2DVzPWsJVR35DjlEzDOEdVahxIKSEQ0pS6TmIy7D7385Tr_irU-3J6m
Requested by: Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 c5d443f94f59031b290788a54ae3dbc2.js Show response
www.gstatic.com/mysidia/ Frame E19F 27 KB
12 KB 429ms
40ms Script
text/javascript 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5d443f94f59031b290788a54ae3dbc2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 10 Nov 2021 08:43:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11508
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 03:19:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 08 Feb 2022 08:43:46 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/ Frame C1C0 18 KB
8 KB 488ms
81ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211108/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

ad286edc01d412b681126058e8943593d32b62b8dbacd2c901d9ee02cc2653b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 00:50:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12571
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8114
x-xss-protection: 0
server: cafe
etag: 920690405916455778
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Nov 2021 00:50:51 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C1C0 205 B
295 B 439ms
53ms Image
image/png 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 20:30:40 GMT
x-content-type-options: nosniff
age: 28182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 20:30:40 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame C1C0 604 B
919 B 435ms
50ms Image
image/png 142.250.185.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
URL: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 17:30:29 GMT
x-content-type-options: nosniff
age: 38993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Nov 2022 17:30:29 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012110042008000/ Frame 2DB9 190 KB
55 KB 471ms
54ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 303178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55667
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11904075b70ba1a0"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 2DB9 13 KB
5 KB 541ms
124ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 303178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4996
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "01e91d40c144b6bf"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 2DB9 89 KB
28 KB 545ms
129ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 303178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28494
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a5e24beaf7c9a504"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 2DB9 4 KB
2 KB 570ms
153ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 303178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1635
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "dff2522b082c9ee5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012110042008000/v0/ Frame 2DB9 40 KB
13 KB 571ms
155ms Script
text/javascript 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012110042008000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 303178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12816
x-xss-protection: 0
server: sffe
date: Mon, 08 Nov 2021 16:07:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "6a05f1a8ea5ea134"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 08 Nov 2022 16:07:24 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2DB9 4 KB
690 B 5850ms
5549ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-CN

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 04:20:22 GMT
server: ESF
date: Fri, 12 Nov 2021 04:20:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 04:20:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 2DB9 4 KB
690 B 6168ms
5867ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110901.js?31063704

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Nov 2021 03:56:46 GMT
server: ESF
date: Fri, 12 Nov 2021 04:20:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Nov 2021 04:20:22 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1646260010015520368/ Frame 2DB9 27 KB
27 KB 493ms
98ms Image
image/jpeg 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1646260010015520368/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoIzgIQrwEYASABLQAAAD8wzgI4rwFFAACAPw&rs=AOga4qlajEXSX4zyT8p-4Q3eRItYi6shSw

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

9dd1222815e7d3c9ec2630fb0d2ae2a6e3f5bdbb15cf7b5fd84b67d7c0a78a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 04:20:22 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27572
x-xss-protection: 0
last-modified: Fri, 05 Nov 2021 09:53:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 12 Nov 2022 04:20:22 GMT

GET
H2 200 40933678460698624
tpc.googlesyndication.com/simgad/ Frame 2DB9 1 KB
1 KB 479ms
84ms Image
image/svg+xml 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/40933678460698624

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

sffe /

Resource Hash

09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 11 Nov 2021 14:35:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 728
x-xss-protection: 0
last-modified: Thu, 26 Oct 2017 18:18:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 11 Nov 2022 14:35:51 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2DB9 0
0 72ms
71ms Image
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEaeIheuNYdTEONqi7gPx7LvwAtTkubRmg82f4eoOmZmmzbYQEAEgtbHcZWCV4pCCoAegAaTZsdcByAEG4AIAqAMByAMKqgTdAU_QrM8NpFsJtLLB2l1q6oOLDOUXe0XJ4LJsVu4H2l4hC2QhnfrAJxih6pCGwZOfvVsS_z9QtT1tFV32CG16a4osq1R6q78FnRfS_EhxXkOB5jZuitoy0cHavfYKGxpzGsgYBXhoICy2rxYWD8ugnCw5DVUG4Z5pqVYbsxsrUsgAAl76adL7REFf27v_JJ0UqBEW6dVMNKDjfbRk9cCzVtC9zu6EABQ4bd6pYvRVk82FACz6FvT41mmfnOh7LeVg4sB0VTEKx-K6b6A5wdDyJsRk9LKSrRQN1mfT1btBwATvyc7TzQPgBAGSBQQIBBgBkgUECAUYBKAGN4AH5tO23QKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCs9iHSCAkIgOGAcBABGB2ACgPICwHYEwzQFQGAFwGyFx4KHAgAEhRwdWItNzk2ODE0NjUyNTU5Nzk3Nhj2lGw&sigh=dKILswgINiM&uach_m=[UACH]&template_id=492&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame 2DB9 0
0 711ms
410ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQEpixb7-qIf6F8eA2OFCn2Gu_6h4O54FJquYEiUq4rV_zfmulI9HfE3i6Zw6EY5Kxc05I
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2DB9 3 KB
3 KB 480ms
86ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 13:47:51 GMT
x-content-type-options: nosniff
server: cafe
age: 52351
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Fri, 12 Nov 2021 13:47:51 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 2DB9 344 B
474 B 479ms
85ms Image
image/png 142.250.185.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f1.1e100.net

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Nov 2021 07:25:45 GMT
x-content-type-options: nosniff
server: cafe
age: 75277
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 12 Nov 2021 07:25:45 GMT

GET
DATA 200
OK truncated
/ Frame 2DB9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0042a552642b2c7b0593b86a6a13fb35b81f2702d70baa272093b8b2bc40efe6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET ui
www.google.com/pagead/drt/ Frame 2DB9 0
0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 2DB9 42 B
64 B 63ms
62ms Image
image/gif 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstmCu_du13F_nLN2bH8BpAzMqfLJAkK2uAIgpqfHj_Tz_sDlt6rPFc57MDXAmI7FLxdzUsZstLzV_Xh_le9GTCf4NXUS4YLm6aiyJ10LXGFiYPPhGiuEA&sai=AMfl-YSxIiqyOrYJK18115IVEdOBiJhPUJqInwxPskKROMiPWWB58GJke1JV8oIPjC40qAuVIBCerDFdF-r7jjYeew9kMYkpWK1L3DwRIEOBVYe02xEDkjriHkqAyp4btbuB&sig=Cg0ArKJSzIY9U5Kk-KVVEAE&cid=CAASQORo21QoqXU7YZti3NI37Xg28IQN2i-s_6z_w4UdNaFd7ZmvcvEO_HyXuMOimQXzMmWRYZ57qNLWNlmag2xU9vE&id=ampim&o=617,90&d=336,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=92&tls=1092&g=100&h=100&tt=1092&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2020079222

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Nov 2021 04:20:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cjjIgT
s.zimedia.com.tw/c/ 47 KB
47 KB 526ms
526ms Image
image/jpeg 104.199.207.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zimedia.com.tw/c/cjjIgT
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.199.207.196 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS: 196.207.199.104.bc.googleusercontent.com
Software: nginx/1.13.8 /
Resource Hash: 7210193c52c3da0d11df7e82e43f6ea3d8d1ecfe0d14371a169120d9ee459437

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: public
date: Fri, 12 Nov 2021 04:20:25 GMT
x-cache-name-l2: image-02
server: nginx/1.13.8
x-cache-status: HIT
content-type: image/jpeg
cache-control: public
x-cache-status-l2: MISS
content-length: 48323
expires: Sat, 11 Dec 2021 15:06:54 GMT

GET
H2 200 23
zi.media/images/avatar/a/livefordelicacyblogspotcom/ 759 B
1 KB 264ms
264ms Image
image/jpeg 35.194.179.75
GOOGLE-PRIVATE-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/avatar/a/livefordelicacyblogspotcom/23?20210528v2
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.194.179.75 Taipei, Taiwan, ASN396982 (GOOGLE-PRIVATE-CLOUD, US),
Reverse DNS: 75.179.194.35.bc.googleusercontent.com
Software: nginx/1.13.7 /
Resource Hash: 252a8e9af07c3d3bee5dcfeac91de7c5f81d9691531e772f1aa4a91079c5935c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-user-agent: Mozilla/5.0 (Linux; Android 7.0; SM-G9287 Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/95.0.4638.74 Mobile Safari/537.36
server: nginx/1.13.7
age: 632
date: Fri, 12 Nov 2021 04:20:25 GMT
x-cache: HIT
content-type: image/jpeg
x-ua-device
cache-control: max-age = 7200
x-varnish: 927711301 929316620
accept-ranges: bytes
x-backend: zimedia_app
content-length: 759
x-cache-hits: 4

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2DB9 16 KB
16 KB 2487ms
195ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-CN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zi.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 12 Nov 2021 02:46:35 GMT
x-content-type-options: nosniff
age: 5635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 12 Nov 2022 02:46:35 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 2DB9 15 KB
15 KB 2695ms
405ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-CN

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://zi.media
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 21:11:56 GMT
x-content-type-options: nosniff
age: 284914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 21:11:56 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/ Frame 473C 11 KB
5 KB 319ms
151ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211109/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zi.media/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Nov 2021 08:31:43 GMT
expires: Thu, 25 Nov 2021 08:31:43 GMT
content-type: text/html; charset=UTF-8
etag: 16478831307880631077
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4883
x-xss-protection: 0
age: 71328
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: dc.breaktime.com.tw
URL: https://dc.breaktime.com.tw/dc/cv

Domain: www.google.com
URL: https://www.google.com/pagead/drt/ui

Verdicts & Comments Add Verdict or Comment

129 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
man.vm5apis.com/dist	1978-01-11 21:31:40	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1636690818793
man.vm5apis.com/dist	1978-01-11 21:31:40	Name: VM5AD_BROWSER_ID_COOKIE Value: d80997e5-436f-11ec-88a3-d6f440686dbaade022ef-f0d0-4613-b616-9c154e61efa9
.zi.media/	1970-01-19 22:38:12	Name: __asc Value: 9695566417d125fe6ea7a828243
.zi.media/	1970-01-20 07:25:13	Name: __auc Value: 9695566417d125fe6ea7a828243
.scorecardresearch.com/	1970-01-20 15:54:58	Name: UID Value: 1IVFK4JBXPXDZQY9RW3EJ3g1636690815
.zi.media/	1970-01-20 07:23:46	Name: zimedia_frontend_session Value: eyJpdiI6InRsM3RJUkFiallJT0JIMU1HbFAzQnc9PSIsInZhbHVlIjoiV21ma1BwVkVSa1U5V3crcEZwaXZkSytSd0ZaV29FODhFdlYxN1BYUHdlZ0hTa3duQVZjbitkclkrSU1RN0FDQ3JJME1Obkl6V1wvUnhzaUNSQlNSQTZ3PT0iLCJtYWMiOiIwMDExY2JiNmU0ODg4YmRkNGQxOGM2ZDVlMmIzMDQxMjhlYWU0NDE4ZjVhYzA0MTE4OWU1YzczZmZmY2FlYTRhIn0%3D
zi.media/	1970-02-25 10:38:10	Name: zimedia_guid Value: f46d39c8-42d5-416f-dea4-d8b50ed15f04
.zi.media/	1970-01-20 00:47:46	Name: _gcl_au Value: 1.1.1190483480.1636690815
.zi.media/	1970-01-20 00:47:46	Name: _fbp Value: fb.1.1636690815363.1785248991
.breaktime.com.tw/	1970-01-20 16:09:22	Name: cat_trid Value: 5632f9af-df22-404e-a190-d7390984866a.1636690816.0241282
.zi.media/	1970-01-19 22:39:37	Name: cat_trid Value: 5632f9af-df22-404e-a190-d7390984866a.1636690816.0241282
.c.appier.net/	1970-01-20 07:23:46	Name: _auid Value: 9Njo6KcKB7ea_ipWgOuNYQ
.tenmax.io/	1970-01-20 15:54:58	Name: uid Value: d6fb3160-436f-11ec-9b07-b3f88ddab3d6
.zi.media/	1970-01-20 16:09:22	Name: _ga Value: GA1.2.2049386619.1636690818
.zi.media/	1970-01-19 22:39:37	Name: _gid Value: GA1.2.510507839.1636690818
.zi.media/	1970-01-19 22:38:10	Name: _gat_UA-104415826-1 Value: 1
.dable.io/	1970-01-20 01:02:10	Name: uid Value: 33485067.1636690817685
.dable.io/	1970-01-19 22:39:21	Name: _skp Value: 1
.dable.io/	1970-01-19 22:56:38	Name: _gg_ck_match Value: 1
.zi.media/	1970-01-20 16:09:22	Name: dable_uid Value: 33485067.1636690817685
.lndata.com/	1970-01-20 07:24:15	Name: admckid Value: 2111121220181787412
.lndata.com/	1969-12-31 23:59:59	Name: admses Value: 1220189781840
.lndata.com/	1970-01-20 07:24:15	Name: mapping_hist Value: szeJ.T00utTM0vSdQ.NDM2M7M0sDC0AAA4qgUi
.lndata.com/	1970-01-20 07:24:15	Name: viewlist Value: szeJwNx8ERADAIArCNOKkWYf_F2vwCuEYB5550UKBaSpkGf5vcdWfnAby4CKA*
.zi.media/	1970-01-20 15:54:58	Name: _smt_uid Value: 618deb82.1043c722
.eyeota.net/	1970-01-19 22:38:11	Name: SERVERID Value: 23532~DM
.adsrvr.org/	1970-01-20 07:23:46	Name: TDID Value: aff64a97-b28e-4207-90da-2ffc1a843e71
.adsrvr.org/	1970-01-20 07:23:46	Name: TDCPM Value: CAEYBSABKAIyCwjO5ODxzueSOhAFOAE.
.doubleclick.net/	1970-01-20 07:59:46	Name: IDE Value: AHWqTUkXD3rrFEvE0JXIoGyhvq6XYfw8Qn9n-twcVVjekQUD39MR6FA3LeycN3iUqFY
zi.media/	1970-01-19 22:38:11	Name: vmfive_landing_session_info Value: {"id":"d7dc3a17-436f-11ec-88a3-d6f440686dbae334867d-cbf1-4b95-83b2-3116765756271636690817676","requestId":null,"utm_source":null}
.ad.daum.net/	1970-01-20 00:47:46	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220211112%22%2C%22u%22%3A%2233485067.1636690817685%22%7D%7D
.hinet.net/	1970-01-20 16:09:22	Name: uuid Value: 202f81f0-9856-40c3-9575-7fe372ab6622
.ds.kakao.com/	1970-01-20 00:47:46	Name: DSPR Value: %7B%22v%22%3A1%2C%22dr%22%3A%7B%22t%22%3A%2220211112%22%2C%22u%22%3A%2233485067.1636690817685%22%7D%7D
.zi.media/	1970-01-20 07:59:46	Name: __gads Value: ID=dbda24ff0e52bba8:T=1636690821:S=ALNI_MZA8vmOcPsGYv6t2bFg1eF-tadAYA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 22) Message: Unrecognized feature: 'conversion-measurement'.
other	warning	URL: https://www.googleadservices.com/pagead/conversion_async.js(Line 22) Message: Unrecognized feature: 'attribution-reporting'.
deprecation	warning	URL: https://power.adhacker.online/pmp/pmp_ads.js(Line 2) Message: Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
other	warning	URL: https://cdn.ampproject.org/rtv/012110042008000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11009166.fls.doubleclick.net
a.breaktime.com.tw
act.ds.kakao.com
adservice.google.com
adservice.google.de
adx.c.appier.net
adx.dable.io
alliance.breaktime.com.tw
analytics.ad.daum.net
api.dable.io
api.pvmax.net
apn.c.appier.net
article.adhacker.online
b1b3f6f8e4c091b94227e3c5ae7a5d28.safeframe.googlesyndication.com
campaign.breaktime.com.tw
catalyst.breaktime.com.tw
cdn.ampproject.org
cdn.lndata.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
cm.lndata.com
connect.facebook.net
data.breaktime.com.tw
dc.breaktime.com.tw
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
images.zi.org.tw
iptoweather.vm5apis.com
man.vm5apis.com
match-hubble-man.vm5apis.com
match.adsrvr.org
pagead2.googlesyndication.com
pic.pimg.tw
power.adhacker.online
powerads.breaktime.com.tw
ps.eyeota.net
pt0.vm5apis.com
pvmax.tenmax.io
r-log.dable.io
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
s.lndata.com
s.zimedia.com.tw
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.dable.io
stats.g.doubleclick.net
t.ssp.hinet.net
tpc.googlesyndication.com
v.lndata.com
vawpro.vm5apis.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zi.media
dc.breaktime.com.tw
www.google.com
104.199.207.196
104.199.210.210
104.199.245.202
104.199.250.75
116.50.36.71
13.32.99.105
13.75.71.72
137.116.169.173
142.250.185.67
142.250.185.97
142.250.186.104
142.250.186.129
142.250.186.130
142.250.186.66
142.250.186.70
142.250.186.98
172.104.105.5
172.217.18.98
18.182.160.59
18.66.112.116
18.66.97.50
2.16.186.234
203.75.214.136
207.46.146.168
211.249.220.158
2600:9000:223d:2000:15:a9a7:4a80:93a1
2606:4700:10::6816:4b44
2606:4700:10::ac43:1ffa
2606:4700:3036::6815:1c52
2620:1ec:bdf::44
2a00:1450:4001:808::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:829::2008
2a00:1450:4001:82a::200e
2a00:1450:400c:c07::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.124.210.90
3.36.41.122
3.37.73.208
3.38.79.221
34.96.103.78
34.96.119.68
35.186.245.165
35.194.179.75
35.194.212.25
35.244.138.40
35.71.131.137
52.68.202.81
54.187.141.46
61.31.170.144
88.221.77.233
0042a552642b2c7b0593b86a6a13fb35b81f2702d70baa272093b8b2bc40efe6
01a10be28bdad9ed81f9a7f1e09f4913d314f13abc7a7bb2d52be9666eff599d
01e528d681a3d30cef73d5bd5d24d140e9115caf02a775985c6b4c03e2427bbe
046646018e143c9891f835b7f371b8da490c99fb9afc8d1e193a97dde4a86d2f
057837e0eabd6539ec78cdaa7f784d1d879f84786387e784c58f7328dbda05c5
06c0b9cd46f53c57c3ebc3531be56f50ca25c2bd7bb672eaa8b033c134957c6e
07860ac8f7d4a807d627c95ab0289287ade2b8cde63a1b0f127dd16824f6379c
08b6b4397d4c9e815835e6019591402a48a8b32de5192723c9c4f9db0113ca82
093d4b9ddcc48e314c1e44f2942518b068399445c28e3ef979a4719c7b40265d
095443ceb179cd63f25348f7522ac6d3c6a78de58ca79cb0a1b9d531822801c6
09fba596f1ba572cf4b3ceb9c1f3962d1b75bbb4a6d6d7707f1f93e2fe889aee
0c5e1da94a728c7a8cc4363b44d961c94459111d362eef8cf7895a9c6234d17c
0e0aa1fce6767711db5df8e96c3173c6484a7c550ea8fd34318acea8f9a561d1
0fc4c175565ba2c1dee4193d6431a6cee6a37373f8370101fa8819760fcc3d5a
10adba5df8bb57bbee4bc05dbef5574714d5e26582bd18c24c2b9da56334efd3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10dd6b0f41f0834bb7acf8a29c0e0e34f7c8ad7d84d503417aa552ded9b16b61
110b3bf8b6fbb7db563e47643f0fded3b1ecfd100fe613989a6c850163088457
14ac8c5f3c58c2326d6e97bd4abeb8e14c676fd9d7a67e30bdaba972529dbba4
1b365cf68a59081dacb89c77857b5fd991d1691c9fe16c952534b26053214355
230652178330f5e462a1ab5c01b64f5dc8be8cbdf9f6693ba7e067ab78e32649
252a8e9af07c3d3bee5dcfeac91de7c5f81d9691531e772f1aa4a91079c5935c
25985cac67315f25831707ee28cb44e3fdfefa28aa3246175dbc7f17f4e49973
25aff3a4b54bd174fe81fb7e421890b6523ab063aa1d45f53fbfc8e26b477926
290cb5d09439fb608eeeb01483d09a76d15f0056e3ff581a1a3d645f5ce9fb21
2b681be4e6c00ddd36aa6cc7ec4717b14e4f4de2e4bdac87f3d7a00996452585
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2f5d0dd59fda22cf391b8409c8e82542a82d686f9f7fc3ef1553ce57a92b0f5b
326e200f07f5cf2ce07b49d8be75bc108a55eada006969026b5211518d1df8db
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
3c187b0e2f71ee1d26d3496abad732d1bed6d5c073aaadc0ac09f135d3ae3e38
3d4c882c95ff8dcdd77aa176c0f9d23fd613ceddf733b7ba67c509031a3fb373
3ece1cae744c9a2699854ee9e77c2cea78e3acb6f185f3e68df674efe1038eeb
4273a6fad0e2377729108baea8c9a1ad9cebd4e7d2c9903617d757c2dc0140b3
46c18a182577a54bf76fd47d775f1f4bb034e9138f45d3f2ced08394cfcbf300
4acd291f2b55be3565725a92fe860029f609fecdd649bdb0a82cb4042255c575
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e27f18f8bb12adbbfbe3a85f73f75bc9bc6dc3690dd8ffaebe3d3e6629c4ec9
5326620de3fa85a8df4be659426ab978a6bb4a581ec292808014aa8625cb84fe
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
560a7cf3074931bfadc71b2816fd1ee73c6033b740ff9c1651aaa66e85bf4f6a
58d110ae5bfe40d3bef656be983a66a9199cb292847a63d8df2e6bbaa40b44db
599a9083caebee4c059389fa9b90d97658e2f600d407f2f720e372cc82de9f23
5c0923c4d6b655194aed99fe6b7f3f1f35c00286b0972704f52730c260316d8a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cc004e6d3e9b6658ffc7eb4ccd3d87f35de3c30205ecf44bb0d51b1cff6a0f4
5cedd5abd94d64b07e3779451d057665572b89caa8b445a5e9efa42bad9c4274
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5f045a02ac49edc45abbfaf1b3c260c7ac7e0193456be4f1dc81b345c0d7a507
61118867a3cec289e2ae2f8849b6e8d9ce655add14ae3df076e8a782b8b92531
623398d62a29ec9a079fad9daba0cfdf03c1acba6581c8a2d658ed0ecb5d7ada
636a45d7126ae3939d9b4fdc09b524031693ac48ebff7d6146b96cd0ba7ce387
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d5f2825361c53b9c61afc9ab48126aeed2350ca3515f7f2e58e6912e03f1713
6d636f5f719c4f6ada3e77ac0332edb818b1d4a0e29c90032204057229e58798
7047d1b319e2914bd30144af502706162af7222e5cc65d1a619e422eb48032e3
7210193c52c3da0d11df7e82e43f6ea3d8d1ecfe0d14371a169120d9ee459437
77c0d53ad7a44dadf518e9960ec49dd00fa3859ecbaf646bb215d33e0b5f4658
77f93a6bca52e2f06b493b2016d0e68401a0050e2202a394e2780a1ef76332d9
7f0690cc7aa3e0a4f7ad0894766c1db5c291fb1d4840bfe4ab91cb393b77a608
7f5c2822569d153d4e231df73b5b2fd91bf9336617fdab490b23887cc8e40995
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84b82392e751de5fff0223a0848ae4f62b73a8b4b9e402f0c21e9bb9785a3bb2
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89d70d41fdf2cec32156f641b7832d94fad8340b5dade01192d1dc31c7e51623
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
8b51b917a9f41e7350e60d82cb68ff43e8f36313acc3ff56bb9d06471ee87192
8dbcdcb68d2aa7d03aa3ab9e334639dd0363a742c3b5a503ae1fc0570f890857
8e04ef7c020413231d04732a8537de5c9af935cf1811a53c01ffca360eb34ace
8ebd85faed203134cfade0a7b48a55aa695538c58666ce6ccc85c41eab38d393
8f38393fa369a1535da74ee86ba3c12069fad9d83882816fd0769ff933b6f5cf
90a54256264f2aaa771bf3bb717a5e5b0f7a336c06bcf36ba624c7d5f5c5f3c2
946178d46f833ea76fe4aa24f899e1250a6ccbd4769d17abd792cf90109c07ed
97a4fba2014ce7433a13445c2758ba9437dfefdf4b2cd8a070225a59cc8332ee
98c4922bb641c65c7a30b7bcafdf230b9b00b6693631c56146ab25b2786ee4a3
9908f9e3091e5c0d5157d3ded1e792dbbc040c2a44ce2c01a26c9c0b493dfe28
9a62c1b38d0b32063f6aed4307c34fc7660654f67682b46d22a80a2f10bab92f
9ab103467f6fe59429d8cb4a7a9598277fceb1b965e390dc0a4954cce0a73ad7
9bc961b22032cf0f2172453970fa236676981a171bb2b46dae5cde1de946aab2
9c33f70b4cb7aafdfed064f3d8bdabbc6b3ed12cdf0eafdf3f39d3989c988736
9dcc85f59fe0fea452da8e3af9bc354752364edc4d6a32d5c2f875e174fb2c06
9dd1222815e7d3c9ec2630fb0d2ae2a6e3f5bdbb15cf7b5fd84b67d7c0a78a0d
9e1123ff4ab7e97e70425039b8addceceb3c5e24fed71b2dafc96f4c33466490
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a40aded1ace4cb06d26141d9f8871c98b424d8be43dd9a7079fc3edb704e6749
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5123ebcdf73f832310531a03ba253496737d1d005b3d4e41fc5a7d4f6179677
a56a8c253db654dd60385e77d12466dfc33f97e2b005d13db9898eccb5402ff3
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad286edc01d412b681126058e8943593d32b62b8dbacd2c901d9ee02cc2653b0
b0c181c1fa5b679c11dc2f0d3de4e2643435fd2734b93f75643b43f7787b1b39
b10b7cef548974d25fa454cd1224a00611988013e2232d6445190372ec6c6931
b18e90729452c8796f604d2f022f8b1e259a28e648c8ce9b7e06dbab25ad3eb8
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
ba6923cfc3ccf637c457aae8fcc156e9d1c5a5ec744717c10ea430f8798f81de
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
be32eb2045a4d0a5eeb1fbe7a87ec822ba313b1f8c5f3faf2f31ee8235dd3486
bf29f16d3ac4001fd28f9e2e2ef8c355203c15935007fcdca4cfe1c2416126cd
c4a7f7626458e91db9703050660ada7c583fb8459e649d13aa0e5bbbb8ee19cc
cb80b0237cf3343b0495e0db33b4ccbbf005b6155bb62f53b9312c3ec7e9a3bb
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1fbf473619b8b5338799d2aed30ea621afa8da1a03cccc61f9d40d1ee2b6424
d2e80f9ff7276cf9bc2bfd9248b7550f8885290db418fe516ab7dccb968091b5
d3df8b19169ad50a9424c1d46772cef389ba0536e5425016a059a441314070df
d6fac87a6c47841000f3671db689a4ff243d8e674199d6bc236c7a32e143648e
d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42
d960af79426abcbfbc04adc56daee837acdc5ab3fe266bde740aefc745c16b85
ddd0010a6f9f8edd8b545aa47b63a3ace7f81621e62c8b2b9e5453e326946576
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7597dfbfc39bdba53be7ecebe52a9c8a859623e8d4fb47e4e2cc5869180c8f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14c988345ee6f2996c7e4b1aa6206e9f71a939f8fa94a7b60b9166a50b3ea82
f5b799d5bfdaa0a9ec8efc988405448d9bf908ff999dbdc3660302f6e205ca67
f7c7032de327a2a1f998bc2d37802af7d6d21b4b95da606daad3c58df8977cbe
f8f83b2d89f2887f3e03585cfce8c273099314fbf5b8d50a7672b3027758fffd
fa70ba5d38e5e05f0befc6a7e1b3e6c790d5c402cfe43677547c712a092bf864
fd30ceeef1168f77eb1c624a498bc1d36a3c39eab2d79e5fa07f5fcc867a6145

zi.media Open in urlscan Pro 35.194.179.75 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

164 Requests

91 %HTTPS

31 %IPv6

33 Domains

62 Subdomains

55 IPs

7 Countries

2142 kBTransfer

5058 kBSize

34 Cookies

42 Outgoing links

Page URL History

Redirected requests

164 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

zi.media Open in urlscan Pro
35.194.179.75 Public Scan

Screenshot
Live screenshot

Full Image

164
Requests

91 %
HTTPS

31 %
IPv6

33
Domains

62
Subdomains

55
IPs

7
Countries

2142 kB
Transfer

5058 kB
Size

34
Cookies

164 HTTP transactions
1 data transactions