zi.media Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zi.media/
Submission: On October 26 via manual (October 26th 2023, 1:50:45 am UTC) from TW — Scanned from NL

Summary HTTP 124 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 52 IPs in 8 countries across 36 domains to perform 124 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is zi.media.
TLS certificate: Issued by GTS CA 1P5 on October 17th 2023. Valid for: 3 months.

This is the only time zi.media was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
9	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	207.241.224.2 207.241.224.2	7941 (INTERNET-...) (INTERNET-ARCHIVE)
17	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:46::67 2620:1ec:46::67	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	207.241.225.195 207.241.225.195	7941 (INTERNET-...) (INTERNET-ARCHIVE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
6	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.138.40 35.244.138.40	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	18.179.226.88 18.179.226.88	16509 (AMAZON-02) (AMAZON-02)
4 4	54.65.203.202 54.65.203.202	16509 (AMAZON-02) (AMAZON-02)
1 1	139.162.117.143 139.162.117.143	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 3	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	3.122.214.165 3.122.214.165	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206f:9c00:15:a9a7:4a80:93a1	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:eb9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	104.199.210.210 104.199.210.210	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	104.208.76.145 104.208.76.145	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	104.199.245.202 104.199.245.202	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	35.194.212.25 35.194.212.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.114.84.80 3.114.84.80	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:3556	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:225... 2600:9000:225b:ba00:a:e047:753:6381	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.68 65.9.66.68	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	104.18.35.167 104.18.35.167	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223c:7600:10:dd8:5e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 2	34.120.135.53 34.120.135.53	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.102.239.73 34.102.239.73	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.229.142.89 35.229.142.89	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
1 3	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	99.81.194.117 99.81.194.117	16509 (AMAZON-02) (AMAZON-02)
6	2606:4700:e0:... 2606:4700:e0::ac40:6518	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:403	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
6	87.248.100.136 87.248.100.136	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
124	52

9 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

zi.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.241.224.2 (Pleasanton, United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: www.archive.org

archive.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:46::67 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

a.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.241.225.195 (Pleasanton, United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: analytics2.us.archive.org

analytics.archive.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

power.adhacker.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cell.adbottw.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.138.40 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 40.138.244.35.bc.googleusercontent.com

alliance.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.179.226.88 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-179-226-88.ap-northeast-1.compute.amazonaws.com

cdn.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.65.203.202 (Tokyo, Japan) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-203-202.ap-northeast-1.compute.amazonaws.com

v.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.117.143 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1601-143.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 203.75.214.136 (Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.214.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:9c00:15:a9a7:4a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:eb9 (United States)

ASN13335 (CLOUDFLARENET, US)

breaktime.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.199.210.210 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 210.210.199.104.bc.googleusercontent.com

vawpro.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.208.76.145 (Hong Kong, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

powerads.breaktime.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.199.245.202 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 202.245.199.104.bc.googleusercontent.com

match-hubble-man.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.194.212.25 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.212.194.35.bc.googleusercontent.com

pt0.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.114.84.80 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-114-84-80.ap-northeast-1.compute.amazonaws.com

s.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3556 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225b:ba00:a:e047:753:6381 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-68.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.35.167 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn-ima.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7600:10:dd8:5e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

connectid.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7062c60d79892459149a1d843a69876c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.135.53 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.239.73 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 73.239.102.34.bc.googleusercontent.com

t.daexauto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.229.142.89 (Taipei, Taiwan)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 89.142.229.35.bc.googleusercontent.com

iptoweather.vm5apis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.81.194.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-194-117.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:e0::ac40:6518 (United States)

ASN13335 (CLOUDFLARENET, US)

newaddiscover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:403 (United States)

ASN13335 (CLOUDFLARENET, US)

cm.daexauto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 87.248.100.136 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o1.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 7062c60d79892459149a1d843a69876c.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 157	776 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42 region1.google-analytics.com — Cisco Umbrella Rank: 2250	144 KB
11	vm5apis.com man.vm5apis.com — Cisco Umbrella Rank: 385050 vawpro.vm5apis.com — Cisco Umbrella Rank: 308951 match-hubble-man.vm5apis.com — Cisco Umbrella Rank: 298189 pt0.vm5apis.com — Cisco Umbrella Rank: 395931 iptoweather.vm5apis.com — Cisco Umbrella Rank: 381611	19 KB
9	zi.media zi.media	94 KB
8	yahoo.com connectid.analytics.yahoo.com — Cisco Umbrella Rank: 5736 ups.analytics.yahoo.com — Cisco Umbrella Rank: 363 ads.yap.yahoo.com — Cisco Umbrella Rank: 19791	11 KB
8	lndata.com 4 redirects cdn.lndata.com — Cisco Umbrella Rank: 435779 v.lndata.com — Cisco Umbrella Rank: 419668 cm.lndata.com — Cisco Umbrella Rank: 139120 s.lndata.com — Cisco Umbrella Rank: 352713	17 KB
6	newaddiscover.com newaddiscover.com — Cisco Umbrella Rank: 681221	16 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	435 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 214	139 KB
5	adhacker.online power.adhacker.online — Cisco Umbrella Rank: 335013	23 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 478 mug.criteo.com — Cisco Umbrella Rank: 2541	7 KB
3	daexauto.com t.daexauto.com — Cisco Umbrella Rank: 302354 cm.daexauto.com — Cisco Umbrella Rank: 373695	15 KB
3	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 1906 google-bidout-d.openx.net — Cisco Umbrella Rank: 1919	657 B
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 116	234 B
3	hinet.net 2 redirects t.ssp.hinet.net — Cisco Umbrella Rank: 75985	638 B
3	breaktime.com.tw a.breaktime.com.tw — Cisco Umbrella Rank: 358507 alliance.breaktime.com.tw — Cisco Umbrella Rank: 367468 powerads.breaktime.com.tw — Cisco Umbrella Rank: 400858	31 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1164 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1073	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1156 id5-sync.com — Cisco Umbrella Rank: 470	31 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 187	88 KB
2	archive.org archive.org — Cisco Umbrella Rank: 15129 analytics.archive.org — Cisco Umbrella Rank: 40128	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	33across.com cdn-ima.33across.com — Cisco Umbrella Rank: 1319	5 KB
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2587	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2931	3 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 728	13 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 2118	8 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	1 KB
1	adbottw.net cell.adbottw.net — Cisco Umbrella Rank: 382452	446 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	29 KB
1	breaktime.tw breaktime.tw — Cisco Umbrella Rank: 366557	4 KB
1	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 1189	344 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 402	149 B
1	appier.net 1 redirects gocm.c.appier.net — Cisco Umbrella Rank: 2653	400 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200	601 B
0	alexametrics.com Failed certify-js.alexametrics.com Failed
0	Failed function sub() { [native code] }. Failed
124	36

	Domain	Requested by
17	pagead2.googlesyndication.com	zi.media pagead2.googlesyndication.com www.googletagmanager.com newaddiscover.com tpc.googlesyndication.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com newaddiscover.com
9	zi.media	zi.media
6	ads.yap.yahoo.com	newaddiscover.com
6	newaddiscover.com	zi.media
6	www.googletagmanager.com	zi.media www.google-analytics.com breaktime.tw www.googletagmanager.com
5	power.adhacker.online	a.breaktime.com.tw www.googletagmanager.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	v.lndata.com	4 redirects
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	pt0.vm5apis.com	man.vm5apis.com
3	www.facebook.com	zi.media
3	man.vm5apis.com	power.adhacker.online man.vm5apis.com
3	t.ssp.hinet.net	2 redirects zi.media
2	gum.criteo.com	1 redirects static.criteo.net
2	t.daexauto.com	man.vm5apis.com t.daexauto.com
2	oajs.openx.net	1 redirects zi.media
2	match-hubble-man.vm5apis.com	vawpro.vm5apis.com
2	region1.google-analytics.com	www.googletagmanager.com
2	connect.facebook.net	man.vm5apis.com connect.facebook.net
2	vawpro.vm5apis.com	man.vm5apis.com
2	cm.lndata.com	zi.media man.vm5apis.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	google-bidout-d.openx.net	oa.openxcdn.net
1	cm.daexauto.com	man.vm5apis.com
1	ups.analytics.yahoo.com	connectid.analytics.yahoo.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	mug.criteo.com	zi.media
1	id5-sync.com	cdn.id5-sync.com
1	iptoweather.vm5apis.com	man.vm5apis.com
1	7062c60d79892459149a1d843a69876c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	connectid.analytics.yahoo.com	securepubads.g.doubleclick.net
1	cdn-ima.33across.com	securepubads.g.doubleclick.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	cdn.jsdelivr.net	securepubads.g.doubleclick.net
1	s.lndata.com	zi.media
1	cell.adbottw.net	www.googletagmanager.com
1	powerads.breaktime.com.tw	power.adhacker.online
1	www.googletagservices.com	www.googletagmanager.com
1	breaktime.tw	www.googletagmanager.com
1	ps.eyeota.net	zi.media
1	match.adsrvr.org	zi.media
1	gocm.c.appier.net	1 redirects
1	cdn.lndata.com	zi.media
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	alliance.breaktime.com.tw	a.breaktime.com.tw
1	analytics.archive.org	archive.org
1	a.breaktime.com.tw	zi.media
1	archive.org	zi.media
0	certify-js.alexametrics.com Failed	zi.media
0	web.archive.orghttps Failed	zi.media
124	57

This site contains links to these domains. Also see Links.

Domain
screenpotatoes.com
www.soeyewear.com
www.taiwan10000.com
ricelala.com
activists1000.pixnet.net
ajm3.pixnet.net
skyandworldofherbert.blogspot.com
niniandblue.com
angellulu.net
www.kh.inmap.tw
inmap.tw
aalice.co
alicecheng.com
ledog.cc
pei815.pixnet.net
iamee.tw
bookinsky.co
meetfood.com.tw
bonnielovelife.tw

Subject Issuer	Validity	Valid
zi.media GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
*.archive.org Go Daddy Secure Certificate Authority - G2	`2023-01-19` - `2024-02-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
a.breaktime.com.tw DigiCert TLS RSA SHA256 2020 CA1	`2023-02-03` - `2024-02-03`	a year	crt.sh
adhacker.online E1	`2023-09-15` - `2023-12-14`	3 months	crt.sh
breaktime.com.tw R3	`2023-09-07` - `2023-12-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
man.vm5apis.com Amazon RSA 2048 M02	`2023-02-21` - `2024-02-11`	a year	crt.sh
breaktime.tw GTS CA 1P5	`2023-10-14` - `2024-01-12`	3 months	crt.sh
*.vm5apis.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-29` - `2023-11-29`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-04` - `2023-11-02`	3 months	crt.sh
adbottw.net E1	`2023-09-08` - `2023-12-07`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-06` - `2024-09-30`	a year	crt.sh
connectid.analytics.yahoo.com GlobalSign ECC OV SSL CA 2018	`2023-08-15` - `2024-02-08`	6 months	crt.sh
t.daexauto.com GTS CA 1D4	`2023-10-02` - `2023-12-31`	3 months	crt.sh
*.id5-sync.com R3	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
newaddiscover.com E1	`2023-09-01` - `2023-11-30`	3 months	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh
daexauto.com GTS CA 1P5	`2023-10-11` - `2024-01-09`	3 months	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-09-25` - `2023-11-15`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-09` - `2024-01-01`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://zi.media/
Frame ID: 4FD0635A93202D9497368D7A5287D7EA
Requests: 82 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/zrt_lookup.html
Frame ID: 1EACA97BEE6BDD149D2A59A083C190A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9288312993969924&output=html&adk=1812271804&adf=3025194257&lmt=1698277837&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l&format=0x0&url=https%3A%2F%2Fzi.media%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698285037125&bpp=2&bdt=2049&idt=456&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8389115404712&frm=20&pv=2&ga_vid=108474875.1698285038&ga_sid=1698285038&ga_hid=646990252&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079095%2C44785293%2C44798934%2C44805914%2C44805933%2C44806738%2C31078297%2C31079150%2C21065725&oid=2&pvsid=3284370264882945&tmod=994326959&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=490
Frame ID: 79DB475FFDB64ADE0EF5784833AAEFE8
Requests: 1 HTTP requests in this frame

Frame: https://man.vm5apis.com/dist/persistentID.html
Frame ID: EE8FBB7BD95A00165826170F2FE5BF67
Requests: 5 HTTP requests in this frame

Frame: https://7062c60d79892459149a1d843a69876c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: AA6CE881B61B08FE9E36652DD3691883
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=zi.media
Frame ID: 2B8073D243224ED4017ECC37FABDE3F7
Requests: 2 HTTP requests in this frame

Frame: https://t.daexauto.com/main.html?partner=vmfive&member=7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c
Frame ID: F2077C397195F74088851EF6D9496CEF
Requests: 2 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=41&cb=1698285038
Frame ID: 1133287206FD06B6845E7393D919C4EB
Requests: 4 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: EA9BB3E6B2B93D03D04AF0E80EC3AB73
Requests: 1 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=24&cb=1698285038
Frame ID: 0D5379ED1A3665C4B6C6DA4F753C15A5
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=18&cb=1698285038
Frame ID: F586135FF91282C06EFA10BD38A80CAD
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=42&cb=1698285038
Frame ID: 1C51E1126EA5031F20633134FD348FB7
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8D8004CFA683BE162A780AF0A5FD291D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3EA46DA98DB541B010D9C9BAA9038303
Requests: 2 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=44&cb=1698285038
Frame ID: 5074FE067B822F786FE561881B53CDAE
Requests: 4 HTTP requests in this frame

Frame: https://newaddiscover.com/videoads/?ca=45&cb=1698285038
Frame ID: AB4E71968A1D0F2993F5E02B09CF2D0F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zi 字媒體

Detected technologies

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

124
Requests

94 %
HTTPS

49 %
IPv6

36
Domains

57
Subdomains

52
IPs

8
Countries

1929 kB
Transfer

5841 kB
Size

29
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://screenpotatoes.com/2019/12/06/%E3%80%90netflix%EF%BD%9C2019%E5%BF%85%E7%9C%8B%E7%BE%8E%E5%8A%87%E3%80%916%E5%80%8B%E5%BF%85%E8%BF%BD%E3%80%8A%E5%88%A5%E4%BA%BA%E7%9C%BC%E4%B8%AD%E7%9A%84%E6%88%91%E5%80%91%E3%80%8B%E7%9A%84/
Title: 【Netflix｜2019必看美劇】6個必追《別人眼中的我們》的原因(無雷) - 你的Netflix觀影筆記本🎬

Search URL Search Domain Scan URL

URL: http://screenpotatoes.com/
Title: Screen potatoes

Search URL Search Domain Scan URL

URL: https://www.soeyewear.com/Article/Detail/1718
Title: 「海璃Helis」眼鏡店：我們比你還重視保護眼睛這件事 | SO! EYEWEAR 搜鏡王 Explore Eyewear Fashion

Search URL Search Domain Scan URL

URL: http://www.soeyewear.com/
Title: 搜鏡王眼鏡資訊網

Search URL Search Domain Scan URL

URL: https://www.taiwan10000.com/?p=8360
Title: 【台灣宜蘭礁溪-住宿優惠】慢半拍民宿一平日訂房1+1、三月假日包棟、假日早鳥包棟最優惠46折起(~05/31) – 必玩台灣10000個景點

Search URL Search Domain Scan URL

URL: http://www.taiwan10000.com/
Title: 台灣10000

Search URL Search Domain Scan URL

URL: http://ricelala.com/dakuaidaixapril8/
Title: 台中西區肆月捌 X Dakuaidai甜室有溫度的老屋餐廳

Search URL Search Domain Scan URL

URL: http://ricelala.com/
Title: 拉拉隨性隨意走走看看

Search URL Search Domain Scan URL

URL: http://activists1000.pixnet.net/blog/post/86722-%E5%A6%82%E4%BD%95%E4%BD%BF%E7%94%A8%E4%BA%A4%E6%98%93%E6%89%80(ace)%E8%B2%B7%E8%B3%A3%E6%AF%94%E7%89%B9%E5%B9%A3(btc)%E3%80%81%E4%B9%99%E5%A4%AA%E5%B9%A3(e
Title: 如何使用交易所(ACE)買賣比特幣(BTC)、乙太幣(ETH)及USDT等等 @ Activists 行動派的部落格 :: 痞客邦 ::

Search URL Search Domain Scan URL

URL: http://activists1000.pixnet.net/blog
Title: 行動派Activists

Search URL Search Domain Scan URL

URL: http://ajm3.pixnet.net/blog/post/325863745-%e3%80%90buy%e3%80%91idi%e5%80%8b%e4%ba%ba%e5%bc%8f%e5%be%ae%e5%9e%8b%e5%86%b7%e6%b0%a3-%e5%86%b7%e5%b0%88%e5%88%a9%e5%be%ae%e5%9e%8b%e6%b0%b4%e5%86%b7%e6%b0%a3
Title: 【BUY】IDI個人式微型冷氣/冷專利微型水冷氣扇~OL吃了誠實麵包之開箱文 @ ♡ OL有話要說 ♡ :: 痞客邦 ::

Search URL Search Domain Scan URL

URL: http://ajm3.pixnet.net/blog
Title: ♡ OL有話要說 ♡

Search URL Search Domain Scan URL

URL: https://skyandworldofherbert.blogspot.com/2020/02/in-2020.html
Title: 花in台北 - 2020鬱見您真好 - 士林捷運站 -士林官邸

Search URL Search Domain Scan URL

URL: https://skyandworldofherbert.blogspot.com/
Title: 一個人的天空兩個人的世界

Search URL Search Domain Scan URL

URL: https://niniandblue.com/blog/post/menu-shojo
Title: Menu| 焼肉ショジョ Yakiniku SHOJO 菜單

Search URL Search Domain Scan URL

URL: https://niniandblue.com/
Title: Nini and Blue 玩樂食記

Search URL Search Domain Scan URL

URL: https://angellulu.net/blog/post/44624
Title: 線上看免費最新電影、韓劇、美劇、日據、動漫、電視劇、短視頻、新聞、直播..，18禁成人影片都在SOC慾望都市 – angellulu 愛分享

Search URL Search Domain Scan URL

URL: http://angellulu.net/
Title: angellulu

Search URL Search Domain Scan URL

URL: https://www.kh.inmap.tw/archives/30259
Title: 【高雄。前金】牛津家｜來自琦玉的清爽淡麗系牛骨拉麵

Search URL Search Domain Scan URL

URL: https://inmap.tw/
Title: 高雄美食地圖

Search URL Search Domain Scan URL

URL: https://aalice.co/%e5%a5%bd%e5%96%9d%e4%bd%95%e5%bf%85%e5%95%8f-%e7%b6%a0%e8%b1%86%e6%b2%99%e7%89%9b%e5%a5%b6%ef%bc%8c%e4%bd%a0%e6%b2%92%e5%96%9d%e9%81%8e%ef%bc%8c%e9%82%a3%e6%88%91%e4%b9%9f%e6%95%91%e4%b8%8d%e4%ba%86
Title: 好喝何必問 |綠豆沙牛奶，你沒喝過，那我也救不了你了！ | 低頭族的異想世界

Search URL Search Domain Scan URL

URL: http://alicecheng.com/
Title: 低頭族的異想世界

Search URL Search Domain Scan URL

URL: https://ledog.cc/%E3%80%90%E8%AE%93%E4%BD%A0%E8%88%87%E8%B2%A1%E5%AF%8C%E8%87%AA%E7%94%B1%E6%9B%B4%E8%BF%91%E4%B8%80%E6%AD%A5-%E5%B9%B4%E5%8C%96%E5%88%A9%E7%8E%8715%E7%9A%84bitfinex%E6%94%BE%E8%B2%B8%E6%95%99/
Title: 【讓你與財富自由更近一步 - 年化利率15%的Bitfinex放貸教學】 - 樂狗日常

Search URL Search Domain Scan URL

URL: http://ledog.cc/
Title: 樂狗

Search URL Search Domain Scan URL

URL: http://pei815.pixnet.net/blog/post/306119402
Title: 新竹暗室微光cafe 大人味布丁、飲品甜點都很優質

Search URL Search Domain Scan URL

URL: http://pei815.pixnet.net/blog
Title: ⑅ 貪吃女158

Search URL Search Domain Scan URL

URL: https://iamee.tw/small_amount_invest/
Title: [理財│新手] 一個月只有3千元可以投資？3種方法存到第一桶金 | 我是EE

Search URL Search Domain Scan URL

URL: https://iamee.tw/
Title: iamee

Search URL Search Domain Scan URL

URL: https://bookinsky.co/2019/04/17/%e3%80%90%e5%a3%bd%e5%8f%b8%e9%83%8e%e3%80%91%e9%ab%98%e9%9b%84%e5%a4%a2%e6%99%82%e4%bb%a3%e7%be%8e%e9%a3%9f-%e6%97%a5%e6%9c%acno-1%e8%bf%b4%e8%bd%89%e5%a3%bd%e5%8f%b8/
Title: 【壽司郎】高雄夢時代美食-日本NO.1迴轉壽司 – 芃澄萬里棧

Search URL Search Domain Scan URL

URL: http://bookinsky.co/
Title: 芃澄萬里棧

Search URL Search Domain Scan URL

URL: https://meetfood.com.tw/2019/07/shangiwang/
Title: 山雞王｜好吃雞肉｜吉林路｜便當推薦｜台北｜中山｜雞肉Q彈-【覓食】

Search URL Search Domain Scan URL

URL: http://meetfood.com.tw/
Title: 【覓食】給你誠實的食記

Search URL Search Domain Scan URL

URL: https://bonnielovelife.tw/blog/post/well-come
Title: 用品｜居家健身好夥伴「好吉康」雙合金磁控飛輪車SB-318，磁控煞車安全無噪音，底盤附有大滾輪移動超方便 - Bonnie Love Life

Search URL Search Domain Scan URL

URL: https://bonnielovelife.tw/
Title: Bonnie Love Life

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://v.lndata.com/i/a80469,b1452937,c4087,i0,m202,h HTTP 302
https://gocm.c.appier.net/lndata?cid=2310260950381563670&sid=0950386959631 HTTP 302
https://cm.lndata.com/?tid=4087&uid=RBQAAnonFCosID20D0AXls51F3YPIu-YgvFljQnH5Xw=

Request Chain 30

https://v.lndata.com/i/a80469,b1452936,c4007,i0,m202,h HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_puid=2310260950381227852&ttd_pid=77dj1uh&ttd_tpi=1

Request Chain 31

https://v.lndata.com/i/a80469,b1452938,c4137,i0,m202,h HTTP 302
https://t.ssp.hinet.net/cm?c=035221&cid=2310260950391424313 HTTP 302
https://t.ssp.hinet.net/?next=https%3A%2F%2Ft.ssp.hinet.net%2Fcm%3Fc%3D035221%26cid%3D2310260950391424313%26flag%3D1 HTTP 302
https://t.ssp.hinet.net/cm?c=035221&cid=2310260950391424313&flag=1

Request Chain 32

https://v.lndata.com/i/a80469,b1452939,c4138,i0,m202,h HTTP 302
https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2310260950381617849

Request Chain 73

https://oajs.openx.net/esp?url=https%3A%2F%2Fzi.media%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fzi.media%2F&rid=esp&cc=1

Request Chain 81

https://gum.criteo.com/sid/json?origin=publishertagids&domain=zi.media&sn=ChromeSyncframe&so=0&topUrl=zi.media&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=h0aUM3xsREpvcW5zYmQrSkRNT1dVbVUyQTAvaWM5N2h5NU43Sm0yNTRZVk1KbGR3d1NnOERpYzlwdGthbldYTDhDeFJQTHcwektuTDlNZG5mS2lqNEREMGxyc3ZmSnlxQlRsVE52eGUzODNOdGMyWEUyZTI0UUNMTzc3Szh0OXZ5RDNlM2Raandzc05YUy9YOVNIODdUbmJrV1g2V2N3ajhGUUFSTEFrdmZtcm51Y0hCcDVIZFdUcGhDSU10M0EyYi9HOFI0cEFGMy9wcWpCNzdWY0dyVm1hU3lMd3RZM0YxQW9hbUVwTFI3ZitVRGZubjJDRExmMis0NXNnc3ZKeGlYclpjQ0hBdXFyTEpWcVRlM2ZxUWo3bFkwQT09fA&cppv=2

124 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zi.media/ 125 KB
21 KB 1153ms
1063ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23e3c4927e5a13daf2ba90bde62ac2e2b6c8860fdbfbf707738fdda9497eeb1d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400
cache-control: max-age = 7200
cf-cache-status: DYNAMIC
cf-ray: 81bf0c96ac3d0e68-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 01:50:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvG4xA1bsHIOzsLqeBd5EyugT%2Bvz1KrAsNvOupEJWEGzmg4bMkLWFPgLtLiz%2FdQEPeAofkoiRWtsHIPJI9rFQ0j%2BiR0YyqW4NXa%2BFJ%2BLcQ%2BXvM8uEnj7NlUqHZZ%2BysVIIeBiYPysog%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-backend: zimedia_app
x-cache: MISS
x-cache-hits: 0
x-ua-device: pc
x-user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
x-varnish: 146125299

GET
H2 200 analytics.js Show response
archive.org/includes/ 15 KB
5 KB 531ms
172ms Script
application/x-javascript 207.241.224.2
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to

Full URL

https://archive.org/includes/analytics.js?v=cf34f82

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.241.224.2 Pleasanton, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

www.archive.org

Software

nginx/1.25.1 /

Resource Hash

a1f3d3be0af279c2da371163d037a3d46569453a855cf91aceca0f3695c57017

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:35 GMT
strict-transport-security: max-age=15724800
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 21 Jul 2023 14:49:30 GMT
server: nginx/1.25.1
content-encoding: gzip
etag: W/"64ba9afa-3b1a"
content-type: application/x-javascript
cache-control: max-age=21600
expires: Thu, 26 Oct 2023 07:50:35 GMT

GET
H2 200 bundle-playback.js Show response
zi.media/_static/js/ 125 KB
21 KB 1806ms
1804ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/_static/js/bundle-playback.js?v=rQCmsv02
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23e3c4927e5a13daf2ba90bde62ac2e2b6c8860fdbfbf707738fdda9497eeb1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:36 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: zimedia_app
x-cache: HIT
x-ua-device
alt-svc: h3=":443"; ma=86400
x-user-agent: Mozilla/5.0 (Linux; Android 12; SM-A715F Build/SP1A.210812.016; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/109.0.5414.85 Mobile Safari/537.36
last-modified: Tue, 24 Oct 2023 19:12:06 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XsHBDX3DjEakhWI732MMFBc%2BxvS6b0%2BlJUgQzww1cpKnArjlEuEHE%2BKjCI6LpXQw554lzBQdICCC8PtDBL9eU%2FCAJWvVfZjbS1I4HY%2FLZBCO5wYx6M7qrgntT%2FRNAPwK%2BF6ontt0Cg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 146090794 146159384
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 81bf0c9d58820e68-AMS
x-cache-hits: 10

GET
H2 200 wombat.js Show response
zi.media/_static/js/ 125 KB
21 KB 1579ms
1578ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/_static/js/wombat.js?v=UHAOicsW
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23e3c4927e5a13daf2ba90bde62ac2e2b6c8860fdbfbf707738fdda9497eeb1d

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:36 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: zimedia_app
x-cache: HIT
x-ua-device
alt-svc: h3=":443"; ma=86400
x-user-agent: Mozilla/5.0 (Linux; Android 11; vivo 1819 Build/RP1A.200720.012; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/117.0.0.0 Mobile Safari/537.36
last-modified: Wed, 25 Oct 2023 01:27:17 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J9bLFNMR%2BTUCVAwdJVx5A99h8Bcqi5%2BcowJTA%2Blrbf69YDbsWATWMxJN%2FMubxtF0SJrG82AU1%2BFukVDIhs2YacnuLqnk10iUKUIHGGIc192yCT9TXiYXGDkbSP%2B5mRtut9oQVkW2cQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish: 146125307 146159361
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-ray: 81bf0c9d58830e68-AMS
x-cache-hits: 8

GET icon
web.archive.orghttps//fonts.googleapis.com/ 0
0

GET
H2 200 index-v2.css
zi.media/css/ 153 KB
22 KB 1795ms
1795ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e1123ff4ab7e97e70425039b8addceceb3c5e24fed71b2dafc96f4c33466490

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:36 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: zimedia_app
x-cache: HIT
x-ua-device
alt-svc: h3=":443"; ma=86400
x-user-agent: Mozilla/5.0 (Linux; Android 11; vivo 1819 Build/RP1A.200720.012; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/117.0.0.0 Mobile Safari/537.36
last-modified: Wed, 27 Jan 2021 03:03:43 GMT
server: cloudflare
etag: W/"6010d80f-26504"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TCTHNL5RFRPo3eu8pjYHN1LLhlRsyapgS%2FZVvacAZJpJuEvbexz5lrdwfr3Y8qzXaBw7HwQjSXifLioa3I2svNGtuTtbuDwiCVW%2FPAgd2zhZ1gbsifv0UXjhr5B94D94UIyUOQ7Oqg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
x-varnish: 146125305 146086554
cache-control: max-age=14400
cf-ray: 81bf0c9d58840e68-AMS
x-cache-hits: 10

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 334ms
243ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9288312993969924

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38e9c75c472d206bbd08761630773831ea7b4dcf16a2bef0d766d9d10103d71a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Origin: https://zi.media
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51302
x-xss-protection: 0
server: cafe
etag: 15128246308860118519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 127ms
51ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d618abb01bc1c948f5b00de5e3ddfa505c1ba4e6d260921d3d954731b1fcbb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Origin: https://zi.media
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51016
x-xss-protection: 0
server: cafe
etag: 9236697456091324279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 197ms
125ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9971112908193088

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0557b34d2a820ff2d9c455e5c66ccf62ec22045f327f843dc4d548ebbb073964

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Origin: https://zi.media
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51072
x-xss-protection: 0
server: cafe
etag: 17227929106490651811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 325ms
254ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8159605047480614

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8a5161c07ab898309064bb523789045a3e9e3e60eeede0c5e5f9be0e9f1b648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Origin: https://zi.media
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51355
x-xss-protection: 0
server: cafe
etag: 8064033643168055295
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 157ms
86ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3759316399267377

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

850c995b50deb27451cd4b7b1cf3aa76c1001510b55e9b0ede72da3522ec0518

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Origin: https://zi.media
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51315
x-xss-protection: 0
server: cafe
etag: 7610770129235118905
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 au.js Show response
a.breaktime.com.tw/js/ 114 KB
30 KB 175ms
30ms Script
text/javascript 2620:1ec:46::67
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://a.breaktime.com.tw/js/au.js?spj=M1QyQUwyT1lTNkhCRk1QWjJGRTIz
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:46::67 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Thu, 26 Oct 2023 01:50:36 GMT
content-encoding: br
last-modified: Tue, 20 Jun 2023 01:51:40 GMT
content-md5: pDlqdaUNk4svyJ5zwZH/+Q==
etag: 0x8DB7130E47CB579
x-azure-ref: 07cU5ZQAAAADAdVY9xEtrQZbVCAgGPhdmQU1TMDRFREdFMTgxMQA4YWFkZGQ1OS0zZWJjLTQyNzEtYWQxMS0wZDMwM2ViNGJjZjQ=
x-cache: TCP_HIT
content-type: text/javascript
x-ms-request-id: 7a06bf0e-001e-00a4-61aa-07b7af000000
cache-control: public, max-age=1800
x-ms-version: 2009-09-19

GET
H3 200 track.js Show response
zi.media/js/ 2 KB
1 KB 1047ms
1047ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zi.media/js/track.js?cb=1
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1244d6703800ddb33d6382482265ea91cc68fae650bfcc89c06f4de355de7aca

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: zimedia_app
x-cache: HIT
x-ua-device
alt-svc: h3=":443"; ma=86400
x-user-agent: Mozilla/5.0 (Linux; Android 4.0.4; Galaxy Nexus Build/IMM76B) AppleWebKit/537.36 (KHTML, like Gecko; Mediapartners-Google) Chrome/117.0.5938.132 Mobile Safari/537.36
last-modified: Thu, 15 Sep 2022 19:28:00 GMT
server: cloudflare
etag: W/"63237cc0-79d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PMIAc6zpA8GUxawZMd8QmCU9XTDpaLpcpnTfscumeMTpSBoxu7oeMLojWjKzcV6UbL34MoegozerEaAN9P6HcH0SRz9YzJkVeDZN9YWDNi5ZoOuDCCxkkDxYBXAMDExt7qgDF2yfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-varnish: 127610056 127597006
cache-control: max-age=14400
cf-ray: 81bf0ca8da2c655f-AMS
x-cache-hits: 29

GET
H3 200 icon-arrow-down.svg
zi.media/images/ 1 KB
1 KB 1059ms
1059ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/icon-arrow-down.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 07860ac8f7d4a807d627c95ab0289287ade2b8cde63a1b0f127dd16824f6379c

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:36 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: zimedia_app
x-cache: HIT
x-ua-device
alt-svc: h3=":443"; ma=86400
x-user-agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/15E148
last-modified: Mon, 08 Oct 2018 09:19:03 GMT
server: cloudflare
etag: W/"5bbb2107-457"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eciFMU4zvT8IZ%2BGqvNsWe3GYKiiyfGyEzBsparEqvRKPdTIAWtv0w5rygEoRtq30P0IZ%2B4SG1EL2mt2RcgV9jpnxVyHpYpJ8u4Q1%2Fo0OCQdRlBl3QZfPcs9bSho6ruG9LLQ%2FhdiIKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-varnish: 119565781 112501643
cache-control: max-age=14400
cf-ray: 81bf0ca21cf8655f-AMS
x-cache-hits: 5283

GET
H3 200 logo-white.svg
zi.media/images/ 5 KB
3 KB 1045ms
1045ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/logo-white.svg
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6923cfc3ccf637c457aae8fcc156e9d1c5a5ec744717c10ea430f8798f81de

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:36 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: zimedia_app
x-cache: HIT
x-ua-device
alt-svc: h3=":443"; ma=86400
x-user-agent: Mozilla/5.0 (Linux; Android 8.1.0; CPH1851) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Mobile Safari/537.36
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: cloudflare
etag: W/"5bcfe2cd-12e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6InDww6zNwpAp56OgpnQRve6fWvWG558Xb3dZCm%2F2xn8%2BPM%2FXNeeg9ibunPJPrdZLtNE9m5TzcblF96H0LMSyqSp2PIQX6mEI7KMYDrcaoDtZPwBb78kMfGjip9WgdRAV0UB4Ck7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-varnish: 122405395 112383537
cache-control: max-age=14400
cf-ray: 81bf0ca21cf9655f-AMS
x-cache-hits: 7143

GET atrk.js
certify-js.alexametrics.com/ 0
0

GET
H3 200 index-bgPath.svg
zi.media/images/ 3 KB
2 KB 1042ms
1041ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/index-bgPath.svg
Requested by: Host: zi.media
URL: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61118867a3cec289e2ae2f8849b6e8d9ce655add14ae3df076e8a782b8b92531

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: zimedia_app
x-cache: HIT
x-ua-device
alt-svc: h3=":443"; ma=86400
x-user-agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/112.0.0.0 Safari/537.36
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: cloudflare
etag: W/"5bcfe2cd-b88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3JlSfYuLP54ygcXpIseNDbe2gsQPJprqyXUwqBSMqMddEhar0rAptRXq6x%2Bi2fpN2UcXSrwcILh2iP42BubObwrSlV6MRHeuQDGVm%2BsdTVUTlSIxaC7mYcsu2wx4Gp%2BymEjgq9puA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-varnish: 146125328 144226440
cache-control: max-age=14400
cf-ray: 81bf0ca8ea37655f-AMS
x-cache-hits: 489

GET
H3 200 user-v2.svg
zi.media/images/ 1 KB
1 KB 1065ms
1064ms Image
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zi.media/images/user-v2.svg
Requested by: Host: zi.media
URL: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8f83b2d89f2887f3e03585cfce8c273099314fbf5b8d50a7672b3027758fffd

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/css/index-v2.css?id=4c159c87899d70ce0956
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-backend: zimedia_app
x-cache: HIT
x-ua-device
alt-svc: h3=":443"; ma=86400
x-user-agent: Mozilla/5.0 (Linux; Android 8.1.0; HTC U12 life Build/OPM1.171019.026; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/117.0.0.0 Mobile Safari/537.36
last-modified: Wed, 24 Oct 2018 03:11:09 GMT
server: cloudflare
etag: W/"5bcfe2cd-443"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRY5gpfLIcmjvAjz2IBIc2J9tIu5KF%2FP%2B%2BAf252dzVal8O6VNMaDMV3nH1b4A0g4qtGz5X5OdjbZs%2FqzLjJeYGvJ1kRzJE8HlHeWDW5JUKPn%2FEjweTcGTA3ZvC8qUGQSuGnlsnGbfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
x-varnish: 146090815 144256771
cache-control: max-age=14400
cf-ray: 81bf0ca8fa3a655f-AMS
x-cache-hits: 483

POST
H2 200 0.gif
analytics.archive.org/ 35 B
243 B 590ms
171ms Ping
image/gif 207.241.225.195
INTERNET-ARCHIVE

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.archive.org/0.gif?service=wb&server_name=wwwb-app204.us.archive.org&server_ms=298&kind=pageview&timediff=2&locale=en-US&referrer=-&loadtime=1909&nav_to_done_ms=3066&iaprop_fontSize=25.6px&iaprop_devicePixelRatio=1&version=2&count=13

Requested by

Host: archive.org
URL: https://archive.org/includes/analytics.js?v=cf34f82

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

207.241.225.195 Pleasanton, United States, ASN7941 (INTERNET-ARCHIVE, US),

Reverse DNS

analytics2.us.archive.org

Software

nginx/1.25.1 /

Resource Hash

218320160a6ad3f75f66cf16bfc2736582f4c38b72b6fe3ac6f62334d4c29bef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
strict-transport-security: max-age=15724800
last-modified: Wed, 31 May 2023 20:54:53 GMT
server: nginx/1.25.1
etag: "6477b41d-23"
content-type: image/gif
cache-control: max-age=21600
accept-ranges: bytes
content-length: 35
expires: Thu, 26 Oct 2023 07:50:37 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/ 395 KB
134 KB 310ms
103ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9288312993969924&plah=zi.media&bust=31079150

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

880be84ee4c47dd2900cf3c8fbbbb05bb25ed1d2b978d065af122c5ec0d71b9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137222
x-xss-protection: 0
server: cafe
etag: 10121993467352720421
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/ Frame 1EAC 10 KB
5 KB 254ms
58ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231024/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 80999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4480
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 03:20:38 GMT
etag: 4569948109300706969
expires: Wed, 08 Nov 2023 03:20:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 gl.js Show response
power.adhacker.online/general/ 44 KB
13 KB 1203ms
1078ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/general/gl.js?spj=M1QyQUwyT1lTNkhCRk1QWjJGRTIz
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=M1QyQUwyT1lTNkhCRk1QWjJGRTIz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47c16416da729fa31f12f29e7e1fe15979ffd5e62835a069976cd39558b4a189

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdvMMYjuzD_3R-XSxaVwSDNrnrafJLzJJake6yfW8VPhp5rvg7PbrWialLiQu4MooKNnYDQ9SPgexs9yhZAwA4wtkQkcMOTI
x-goog-storage-class: REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 4
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-goog-meta-
last-modified: Tue, 08 Mar 2022 06:49:09 GMT
server: cloudflare
etag: W/"32b3e2f8bc858fef8667539f0d56bb03"
vary: Accept-Encoding
x-goog-generation: 1646722149345795
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=S+qufA==, md5=MrPi+LyFj++GZ1OfDVa7Aw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=1200
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeY8kvr9V4%2BG1WA4WycyNC2VCXOc2bLS8ryAVyA%2By%2Fx%2FOOjc6aad%2Fc3vguAXnhPU0kYEPoYSmI5YcyEFnvF0bNzUHvdlvj4q0XigzTRvxZ6HbRijC%2B4sNH5pQ9Hglm2Lbbk%2Bz6qt9WRi4400ytU4Bx6x1y8%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 12217
cf-ray: 81bf0cab0b7166a6-AMS
expires: Thu, 26 Oct 2023 02:10:38 GMT

GET
H2 200 / Show response
alliance.breaktime.com.tw/api/check/service/M1QyQUwyT1lTNkhCRk1QWjJGRTIz/zi.media/ 142 B
422 B 454ms
334ms Fetch
application/json 35.244.138.40
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://alliance.breaktime.com.tw/api/check/service/M1QyQUwyT1lTNkhCRk1QWjJGRTIz/zi.media/

Requested by

Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=M1QyQUwyT1lTNkhCRk1QWjJGRTIz

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.138.40 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

40.138.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

8992fc003274783c94d8e0b72a5b244bfb86ef46263e2ac9cfed7549d6e12aa1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
via: 1.1 varnish (Varnish/5.0), 1.1 google
age: 0
x-cache: Miss
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 142
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept, Accept-Language, Cookie
content-language: zh-hant
access-control-allow-origin: *
content-type: application/json
allow: GET, HEAD, OPTIONS
x-varnish: 936662052
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 383 B
601 B 115ms
41ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=zi.media&callback=_gfp_s_&client=ca-pub-9288312993969924

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310240101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9288312993969924&plah=zi.media&bust=31079150

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab6a1bcc0d0ad21e749eb86f14aad4cdbef2def38a89f935bf2e3d7b8102de79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 79DB 6 KB
983 B 141ms
140ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9288312993969924&output=html&adk=1812271804&adf=3025194257&lmt=1698277837&plat=4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l&format=0x0&url=https%3A%2F%2Fzi.media%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1698285037125&bpp=2&bdt=2049&idt=456&shv=r20231024&mjsv=m202310240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8389115404712&frm=20&pv=2&ga_vid=108474875.1698285038&ga_sid=1698285038&ga_hid=646990252&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079095%2C44785293%2C44798934%2C44805914%2C44805933%2C44806738%2C31078297%2C31079150%2C21065725&oid=2&pvsid=3284370264882945&tmod=994326959&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=490

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8fd6f53666e92a00d5fdf78b4e278307ab0ae21b1417bb872332d028d15c0053

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 783
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 01:50:37 GMT
expires: Thu, 26 Oct 2023 01:50:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 GTM-TBM6RMK.js Show response
power.adhacker.online/ps/excl/ 72 B
644 B 1088ms
1088ms Script
text/plain 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/ps/excl/GTM-TBM6RMK.js
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=M1QyQUwyT1lTNkhCRk1QWjJGRTIz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6fac87a6c47841000f3671db689a4ff243d8e674199d6bc236c7a32e143648e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPqBSWJ9lU1H50qYcZH2YgWCUfy7uEmb-d0iSLdiFAiAn_vwvgsXVC8POPVK4IhOcJvhug8rdpDKrMNSQXgtCJhy4g
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 20 Oct 2023 13:00:55 GMT
server: cloudflare
etag: W/"61a138921c394460a1d0c39b02131b7e"
vary: Accept-Encoding
x-goog-generation: 1697806855724796
content-type: text/plain
access-control-allow-origin: *
x-goog-hash: crc32c=KZhPgg==, md5=YaE4khw5RGCh0MObAhMbfg==
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tzaNHxWgzx7zA%2FGIQPln%2FWyrMeNFuBMEFYzWbSkNmFRbv5aynGo90bYJQobRMfPXy%2Fsx6XgJMEy5obUlaH1AvBWVdou4N2ln%2BwXeTk3TWai2WPvSdZ6vg5HZZUfBrhTxGx1EaRDGs5Pp4x06mQiNpUw%2BleY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 72
cf-ray: 81bf0cad3cb166a6-AMS
expires: Thu, 26 Oct 2023 02:50:38 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 213 KB
76 KB 182ms
57ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a9dd10029a20918de46e1b60145a720b5d7c4de88d03caa480fa833029633b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77403
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:14:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 191 KB
66 KB 239ms
115ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TBM6RMK

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42b5df502359cdb452fbfe7e78921cb0ec9630a08ec2a1de22114870a7e9204a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67394
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:14:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 bttp.js Show response
power.adhacker.online/general/ 20 KB
8 KB 37ms
37ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/general/bttp.js
Requested by: Host: a.breaktime.com.tw
URL: https://a.breaktime.com.tw/js/au.js?spj=M1QyQUwyT1lTNkhCRk1QWjJGRTIz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6787
x-guploader-uploadid: ADPycdudeAEq6_rAfPA5WOxn5kxYovtm_89Yn3HoVIt6CsD05dqx0jlzkF9vboHLxudtk2h_DvyDB4SDiUBlvqVBTZgu6mkURbdS
x-goog-storage-class: REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=86400
x-goog-meta-
last-modified: Mon, 26 Jul 2021 01:41:08 GMT
server: cloudflare
etag: W/"4c1ad9b189d5f0ec0a687e464bb0c987"
vary: Accept-Encoding
x-goog-generation: 1627263668774739
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=KqZV5Q==, md5=TBrZsYnV8OwKaH5GS7DJhw==
access-control-expose-headers: Content-Type
cache-control: public, max-age=1800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=st8UxCqrh8jaJ39bEoi7Sm6bvrzqNPF8g%2FFvTowGZtReETWsFhZ8xQ%2FPa6Niucoe5jcYxbL6IPMajAZ7VUN8BS%2FWf2Sqri5wc8%2ByWz7lW87WCAGHj%2FRiePmvsycpQ35oXzPhw%2Fk3RgCDolbfw3Znkon9LYA%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 6780
cf-ray: 81bf0caddd3b66a6-AMS
expires: Thu, 26 Oct 2023 02:20:37 GMT

GET
H/1.1 200
OK collect.js Show response
cdn.lndata.com/ 11 KB
12 KB 1133ms
261ms Script
application/javascript 18.179.226.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.lndata.com/collect.js
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.179.226.88 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-179-226-88.ap-northeast-1.compute.amazonaws.com
Software: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU= /
Resource Hash: 1b365cf68a59081dacb89c77857b5fd991d1691c9fe16c952534b26053214355

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 01:50:38 GMT
Last-Modified: Mon, 10 Sep 2018 09:34:12 GMT
Server: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU=
ETag: "5b963a94-2c56"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11350

GET
H/1.1

200
OK

/
cm.lndata.com/
Redirect Chain

https://v.lndata.com/i/a80469,b1452937,c4087,i0,m202,h
https://gocm.c.appier.net/lndata?cid=2310260950381563670&sid=0950386959631
https://cm.lndata.com/?tid=4087&uid=RBQAAnonFCosID20D0AXls51F3YPIu-YgvFljQnH5Xw=

35 B
470 B

563ms
339ms

Image
image/gif

116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4087&uid=RBQAAnonFCosID20D0AXls51F3YPIu-YgvFljQnH5Xw=
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 26 Oct 2023 01:50:40 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

Redirect headers

date: Thu, 26 Oct 2023 01:50:39 GMT
server: nginx
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.lndata.com/?tid=4087&uid=RBQAAnonFCosID20D0AXls51F3YPIu-YgvFljQnH5Xw=
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 107

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://v.lndata.com/i/a80469,b1452936,c4007,i0,m202,h
https://match.adsrvr.org/track/cmf/generic?ttd_puid=2310260950381227852&ttd_pid=77dj1uh&ttd_tpi=1

70 B
149 B

134ms
42ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_puid=2310260950381227852&ttd_pid=77dj1uh&ttd_tpi=1
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
server: Kestrel
content-length: 70
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 01:50:38 GMT
Server: nginx/cd14e69012e8f12f0d1671598153433632dba0bc
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Location: https://match.adsrvr.org/track/cmf/generic?ttd_puid=2310260950381227852&ttd_pid=77dj1uh&ttd_tpi=1
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H2

200

cm
t.ssp.hinet.net/
Redirect Chain

https://v.lndata.com/i/a80469,b1452938,c4137,i0,m202,h
https://t.ssp.hinet.net/cm?c=035221&cid=2310260950391424313
https://t.ssp.hinet.net/?next=https%3A%2F%2Ft.ssp.hinet.net%2Fcm%3Fc%3D035221%26cid%3D2310260950391424313%26flag%3D1
https://t.ssp.hinet.net/cm?c=035221&cid=2310260950391424313&flag=1

0
125 B

253ms
252ms

Image
image/png

203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/cm?c=035221&cid=2310260950391424313&flag=1

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:41 GMT
cache-control: no-cache, private
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: image/png

Redirect headers

location: https://t.ssp.hinet.net/cm?c=035221&cid=2310260950391424313&flag=1
date: Thu, 26 Oct 2023 01:50:41 GMT
cache-control: no-cache, private
strict-transport-security: max-age=0
server: nginx
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

pixel
ps.eyeota.net/
Redirect Chain

https://v.lndata.com/i/a80469,b1452939,c4138,i0,m202,h
https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2310260950381617849

0
344 B

203ms
92ms

Image
text/plain

3.122.214.165
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2310260950381617849
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: HTTP/1.1
Server: 3.122.214.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-165.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 01:50:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 01:50:38 GMT
Server: nginx/cd14e69012e8f12f0d1671598153433632dba0bc
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Location: https://ps.eyeota.net/pixel?pid=673b2cv&t=ajs&uid=2310260950381617849
Content-Type: text/html
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, no-transform, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 vmfiveLogger_zi_media.js Show response
man.vm5apis.com/dist/vmfiveLogger/ 26 KB
7 KB 145ms
34ms Script
application/javascript 2600:9000:206f:9c00:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Requested by: Host: power.adhacker.online
URL: https://power.adhacker.online/general/bttp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 473a4194e9afde1d6fd0fe00cb1dd4194496d1e62d822da736a0823771fd163f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 05:58:33 GMT
content-encoding: gzip
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
last-modified: Fri, 14 Apr 2023 09:03:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 71525
etag: W/"ae589449a706f123176616318714beba"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: k6gjTR5YV98NoIhB3_qbXoqAKNEw2spARl4sUkfZom3-d8-viMZX3Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 107ms
33ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 23:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7145
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 26 Oct 2023 01:51:33 GMT

GET
H2 200 / Show response
breaktime.tw/affiliation/ 12 KB
4 KB 707ms
620ms Script
text/html 2606:4700:3036::6815:eb9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://breaktime.tw/affiliation/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:eb9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94e9ee9b451685dc7a3c4d97c97229e0642fbfbb6aab4aaec90864c4068ffdfb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQeXyDt7GompHrwISiYwDRHTtMOKylOJYfz0Gmt8eu5TSBUb95bz0QDLx7G3je0Z86fh%2F5EU9aUvTKI%2F8lBXAyiKP6MpumYE%2Bu8xkS%2BxAZSFHmYQXYu0Ze1NECXqPB9CLnserudw4Wj1qLo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 81bf0cafac960be0-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 pmp_ads_cfg.js Show response
power.adhacker.online/pmp/ 107 B
631 B 33ms
32ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/pmp/pmp_ads_cfg.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBM6RMK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73fcf5092d5dbb7f06cf2ca7e0ff38522bb27cde183d53c522143f6aa4d35c4e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4838
x-guploader-uploadid: ADPycdsiTIE4NjUKa6tnhYiG3jdxXbM5YKKUDnA7hsSizUXKz2_FEm0iBDCAmL8vX2c0qbHaxDofbjAPxnspzu2O0K8SIg
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 May 2022 10:18:21 GMT
server: cloudflare
etag: W/"fdd79f0570565c33347a76493d27dec5"
vary: Accept-Encoding
x-goog-hash: crc32c=v6ttTg==, md5=/defBXBWXDM0enZJPSfexQ==
x-goog-generation: 1652869101996357
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=96%2Bwh9UKxKTBba6%2Bz1w1hgNtiKHOXCTQDTswBv3SXoWqK8BU5aUd%2FPlQIJf0akd1L40YLZ7cigN%2Bq4%2Fh4XKTZ%2FwXFRlskkVyv84as0Jz3daVUYxSaUVPcOyDyx5DtqxV%2FcVpP4oZzw1GTR%2FWKL9neIcTDd4%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 107
cf-ray: 81bf0caf2de666a6-AMS
expires: Thu, 26 Oct 2023 02:50:37 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBM6RMK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9f9a9157eeab2175c368ba3e64dc443035b3d87c4c778324b59a02443f12349

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51089
x-xss-protection: 0
server: cafe
etag: 1150515038619795006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:37 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 89 KB
29 KB 132ms
57ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBM6RMK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8058c062c006f6d3c760a1a1796f8e7316979cf5ada758deacbcc338bf11f0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29463
x-xss-protection: 0
server: cafe
etag: 890 / 19656 / m202310190101 / config-hash: 14305054982963340007
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:38 GMT

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ 5 KB
3 KB 873ms
285ms Script
application/javascript 104.199.210.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

36e2f189b8c181a0f4903edb464652dbe1eaa0112744cd460c827ec976424aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 01:50:38 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.19.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=3600
Connection: keep-alive

GET
H2 200 raf.js Show response
man.vm5apis.com/dist/ 4 KB
2 KB 33ms
33ms Script
application/javascript 2600:9000:206f:9c00:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/raf.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 946178d46f833ea76fe4aa24f899e1250a6ccbd4769d17abd792cf90109c07ed

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 00:56:43 GMT
content-encoding: br
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
last-modified: Wed, 29 Apr 2020 06:37:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 3235
etag: W/"576fe06b0feca7cc7facc9092066e2a4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 1UTyVRkyQQP1bp-WoGb-b6kk_MZFt58M_5toMQutJxURKNqqybKuqQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 199 KB
53 KB 192ms
122ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 26 Oct 2023 01:50:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53588
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: JfqmPFqEGL0feO+syD7Vd0atx4ww5lOHebL8IaQ64+0B5sD9/UF6YnNqxV+Got27DypYslqOxMoPxczdIoJJ0Q==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
216 B 40ms
40ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=646990252&t=pageview&_s=1&dl=https%3A%2F%2Fzi.media%2F&ul=en-us&de=UTF-8&dt=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABAAAAAC~&jid=1533165881&gjid=567247212&cid=108474875.1698285038&tid=UA-135689988-1&_gid=1114821017.1698285038&_r=1&_slc=1&gtm=45He3an0n81W9CRLDWv79320947&gcd=11l1l1l1l1&z=1418290317

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3d1cc19c30936ba91c00ecde3eea5bd2fa034cff3e3b68b5ae9106f0e1291f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zi.media/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:50:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zi.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 226 KB
81 KB 126ms
126ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3DCCEXXFQP&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4c6c3776e859eceac9b186ea05db2f0a3ff0026a4ebcd597d0f76114f8b4699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 26 Oct 2023 01:50:38 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
249 B 83ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3DCCEXXFQP&gtm=45je3an0v9125256186&_p=646990252&gcd=11l1l1l1l2&ul=en-us&sr=1600x1200&cid=108474875.1698285038&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fzi.media%2F&dt=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&sid=1698285038&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3DCCEXXFQP&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:50:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zi.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1666593263493412 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 224ms
223ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1666593263493412?v=2.9.135&r=stable&domain=zi.media

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

23c97a2bb4f13d0e0ba5ec46d4b99efd1d501cd9cd38677e027ac3894c3d31ba

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 26 Oct 2023 01:50:38 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: cD8bxep2D+Fwk2P0jgXk7L7lq41izXphzZ/fVcfzBoxWCTflC6FFNqHn/e5PbzDPwVPfasNMf+k7bHz3zKxllA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK config Show response
powerads.breaktime.com.tw/v1/bt/ 44 B
425 B 914ms
226ms Fetch
application/json 104.208.76.145
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://powerads.breaktime.com.tw/v1/bt/config?domain=zi.media&pid=M1QyQUwyT1lTNkhCRk1QWjJGRTIz&device=desktop

Requested by

Host: power.adhacker.online
URL: https://power.adhacker.online/general/gl.js?spj=M1QyQUwyT1lTNkhCRk1QWjJGRTIz

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.208.76.145 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

nginx/1.12.2 /

Resource Hash

38a4c9c784a1d9353ecc55139cda30814e0727d08a3a92a36f480d814c1225c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 01:50:39 GMT
X-Content-Type-Options: nosniff
Server: nginx/1.12.2
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://zi.media
Cache-Control: s-maxage=0, max-age=0, private, max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 44

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 98ms
32ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1666593263493412&ev=PageView&dl=https%3A%2F%2Fzi.media%2F&rl=&if=false&ts=1698285038561&sw=1600&sh=1200&v=2.9.135&r=stable&ec=0&o=30&fbp=fb.1.1698285038560.822218221&ler=empty&it=1698285038311&coo=false&tm=2&rqm=GET

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 26 Oct 2023 01:50:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 47ms
46ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-230439076-1

Requested by

Host: breaktime.tw
URL: https://breaktime.tw/affiliation/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a5745a4cb4cd4b442fff8ea9202b88e9a49298eeb281559af5d86aeec4b5f9c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68655
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:14:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Oct 2023 01:50:38 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
67 KB 51ms
51ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-230439076-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b570fdfda901fd253d4ec31cc5d5b03264fa1fe754098065e79de29acde7afa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68625
x-xss-protection: 0
last-modified: Thu, 26 Oct 2023 00:14:09 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 26 Oct 2023 01:50:38 GMT

GET
H2 200 / Show response
cell.adbottw.net/affiliation/ 0
446 B 625ms
548ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cell.adbottw.net/affiliation/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W9CRLDW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0KNGDS6a6%2FzsjbF3legWO3ExEd2V3jtSWOi8fy%2B6dSAb6MLsTjU54QAMbN9I9wpSaYQM%2BSsd7xomm%2FuHU6xm342lvYm29rbPq3xqA2yieddhdAVwaaoEq1gyr%2Fe%2B150bqs%2BOjgLVTa9MK3d4%2BHpB"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 81bf0cb40eca6633-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 pmp_ads.js Show response
power.adhacker.online/pmp/ 63 B
910 B 38ms
37ms Script
text/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://power.adhacker.online/pmp/pmp_ads.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBM6RMK
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9dee97292cc74b3c842dc63337e243c5e89996aabce32593be1e36d494573f0f

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ADPycdumSwSy_3T2DzwCkjWiFsZVD6MuakJLZ0c5FqcgL467zvMKioitdiE_GDy5o_t9Bxq8rp4Lk-4QZvMKKeZy8qwhgeJR5bg5
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 18 May 2022 10:18:21 GMT
server: cloudflare
etag: W/"90e3755e0f60542fe1ef74ba1639e239"
vary: Accept-Encoding
x-goog-hash: crc32c=ySZKkQ==, md5=kON1Xg9gVC/h73S6FjniOQ==
x-goog-generation: 1652869101997911
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQ0BOLArWuGjK9jDWhBM9QzNUBMPGP48vuhgiGMRDi1NCXj79Nj60qKZj6DPPnp6E8NejB%2BOuSFixON9WCXIVV%2FSG9ptvd9wReBy2VjOr9cuxouM3SZFx52ZDWSuscH4ZhwbENFRQwtAg0lpfnM3HWuijhU%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 63
cf-ray: 81bf0cb38e8d0a54-AMS
expires: Thu, 26 Oct 2023 02:50:38 GMT

GET
H2 200 pubads_impl_fy2012.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/ 422 KB
133 KB 183ms
58ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 14:36:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 40444
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135316
x-xss-protection: 0
server: cafe
etag: 9779678222609117831
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 24 Oct 2024 14:36:34 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
79 KB 48ms
47ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NCBMBRV2DM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-230439076-1&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1dea1955b028be104dff5ea8495c57a8fd30862fd7d00bdcf36032e454d27629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80582
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 26 Oct 2023 01:50:38 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 40ms
39ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=646990252&t=pageview&_s=1&dl=https%3A%2F%2Fzi.media%2F&ul=en-us&de=UTF-8&dt=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aAjAAUABAAAAACAAI~&jid=1946455626&gjid=2100485580&cid=108474875.1698285038&tid=UA-230439076-1&_gid=1114821017.1698285038&_r=1&gtm=457e3an0&gcd=11l1l1l1l1&jsscut=1&z=271738130

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zi.media/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:50:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zi.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ip Show response
match-hubble-man.vm5apis.com/ 0
192 B 1162ms
286ms XHR
application/octet-stream 104.199.245.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://match-hubble-man.vm5apis.com/ip?webBrowserid=2e3a92de-b9ce-410b-9f82-fd3b890bc9a2
Requested by: Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.245.202 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.245.199.104.bc.googleusercontent.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 26 Oct 2023 01:50:39 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 persistentID.html Show response
man.vm5apis.com/dist/ Frame EE8F 8 KB
2 KB 34ms
33ms Document
text/html 2600:9000:206f:9c00:15:a9a7:4a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://man.vm5apis.com/dist/persistentID.html
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9c00:15:a9a7:4a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3a9dccde007203effef205b831e4d12dbccde7ec61a0d1ae336251ab101d80a

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

age: 74094
content-encoding: gzip
content-type: text/html
date: Wed, 25 Oct 2023 17:37:56 GMT
etag: W/"76ad014071673508950b9f0395151cf8"
last-modified: Tue, 07 Feb 2023 10:42:21 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 f358cf5f46d10c349187abd5e20e06ce.cloudfront.net (CloudFront)
x-amz-cf-id: yRn54tYn23Uk6vc9dDOPpxd2VipCOVk7KJiS2AxUuTFmk2lqL2iDpQ==
x-amz-cf-pop: FRA56-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront

POST
H/1.1 200
OK pixel
pt0.vm5apis.com/api/v2/ 35 B
449 B 880ms
299ms Ping
image/gif 35.194.212.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pt0.vm5apis.com/api/v2/pixel

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

Referer: https://zi.media/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 26 Oct 2023 01:50:39 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://zi.media
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 32ms
32ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1666593263493412&ev=DOMContentLoaded&dl=https%3A%2F%2Fzi.media%2F&rl=&if=false&ts=1698285038806&cd[webBrowserId]=2e3a92de-b9ce-410b-9f82-fd3b890bc9a2&cd[webRef]=&cd[webPage]=https%3A%2F%2Fzi.media%2F&cd[hostURL]=https%253A%252F%252Fzi.media%252F&cd[landingId]=2e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928&cd[landingSessionId]=2e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928&cd[adisonSessionId]=2e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928&cd[event]=DOMContentLoaded&cd[inventoryCompany]=Breaktime&cd[contentCatNielsen]=&cd[provider]=-&cd[loggerName]=zi_media&cd[loggerVer]=2023041401&cd[eventDetails]=%7B%22landingSessionId%22%3A%222e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928%22%2C%22adisonSessionId%22%3A%222e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928%22%7D&cd[FromVMFiveAds]=false&sw=1600&sh=1200&v=2.9.135&r=stable&ec=1&o=30&fbp=fb.1.1698285038560.822218221&ler=empty&it=1698285038311&coo=false&tm=2&rqm=GET

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 26 Oct 2023 01:50:38 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK man.js Show response
vawpro.vm5apis.com/ Frame EE8F 5 KB
3 KB 286ms
285ms Script
application/javascript 104.199.210.210
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://vawpro.vm5apis.com/man.js

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.199.210.210 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

210.210.199.104.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

2b7b2a16b4dae9bb3f29b758b96879f0805e7515a641a985bd86dce816546503

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://man.vm5apis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 01:50:38 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: nginx/1.19.5
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag
Cache-Control: private, max-age=3600
Connection: keep-alive

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 29ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-NCBMBRV2DM&gtm=45je3an0v9126077342&_p=646990252&gcd=11l1l1l1l1&cid=108474875.1698285038&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1698285038&sct=1&seg=0&dl=https%3A%2F%2Fzi.media%2F&dt=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NCBMBRV2DM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:50:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zi.media
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK p.gif
s.lndata.com/ 43 B
708 B 1069ms
260ms Image
image/gif 3.114.84.80
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.lndata.com/p.gif?type=pageview&sid=1a70edf&uid=6539c5ee.29c3e7e6&url=https%3A%2F%2Fzi.media%2F&tl=Zi%20%E5%AD%97%E5%AA%92%E9%AB%94&cs=utf-8&rl=&sr=1600x1200&sc=24&tz=2&sp=0&vh=1200&pt=3071&_=80657812

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.114.84.80 Tokyo, Japan, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-114-84-80.ap-northeast-1.compute.amazonaws.com

Software

nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU= /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 26 Oct 2023 01:50:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 21 Jan 2004 19:51:30 GMT
Server: nginx/1b169d980faf9653a22d037cf2666728c94ed7a0 U2FsdGVkX1+zbRS3xfUfTYrdPkzbVQuTxasqTEqpISU=
Age: 197808
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Wed, 19 Apr 2000 11:43:00 GMT

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 90ms
34ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 13104
x-jsd-version: master
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA, cache-jnb7023-JNB
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L2u7RTLdzMaryR3qis2RhQQC61%2Bk8y9nZjKNy1OJBpE5llobnwjQ6nJ3InJ%2FxVViZzC%2FZ6GJ9RzYlrp%2BVKZqlcdIsLevWCJfxsuTvIa%2BvP%2BNyQLq%2B9NMtouA%2FSOcBzsMnSBdo5FJNh%2B1OODdao4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 81bf0cb6690f66e2-AMS

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 97ms
40ms Script
text/javascript 2606:4700:10::6816:3556
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:3556 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: B8SSWBC0N02C1SWS
age: 3127
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 81bf0cb66b600e10-AMS
x-amz-id-2: du6iNBYufNL57e36v6PhyijOZ9b/gTUioXG7TrNwfMfZjHSNSn63jXerlSSGjt8mEaeIZCuPVjY=

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 86ms
26ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 27 Sep 2023 04:08:06 GMT
content-encoding: gzip
age: 2497353
x-guploader-uploadid: ADPycdvbRy62debeuap5d2X_nL0IA_diTxUlLVjzCe57950pX-t7YrXJ8wYXRaQQII6P20H4VGYSQ4HjVG7QKouB4behPw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 26 Sep 2024 04:08:06 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 104ms
51ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 11 Oct 2023 08:53:04 GMT
server: nginx
etag: W/"65266270-a892"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 27 Oct 2023 01:50:39 GMT

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 134ms
38ms Script
text/javascript 2600:9000:225b:ba00:a:e047:753:6381
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:ba00:a:e047:753:6381 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Wed, 25 Oct 2023 06:40:14 GMT
Via: 1.1 cabdd49d8331afa937d15ebb470ea716.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: MUC50-P1
Age: 71987
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: PENDING
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: f7IBdpwekKQ1rdpEZIhGVdJESN2P1HO2z3rTS0l3n8xYB7ixhD65hw==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 120ms
36ms Script
text/javascript 65.9.66.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-68.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 03:07:00 GMT
content-encoding: gzip
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 81820
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: qwLr5gSqXek_NN3sPnJeqeIIZDDp8kVlPgqU827hUjYQtZ3yhx9j2A==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 110ms
46ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 52532ef3ce137cf26cd7886415c4f002
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H2 200 ob.js Show response
cdn-ima.33across.com/ 14 KB
5 KB 103ms
32ms Script
application/javascript 104.18.35.167
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-ima.33across.com/ob.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.35.167 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 18 Sep 2023 17:20:48 GMT
server: cloudflare
age: 201359
etag: W/"650886f0-39ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 81bf0cb71f90b742-AMS
expires: Sun, 29 Oct 2023 01:50:39 GMT

GET
H2 200 connectId-gpt.js Show response
connectid.analytics.yahoo.com/ 9 KB
9 KB 157ms
35ms Script
application/javascript 2600:9000:223c:7600:10:dd8:5e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://connectid.analytics.yahoo.com/connectId-gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:223c:7600:10:dd8:5e40:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:17:48 GMT
via: 1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'
x-amz-cf-pop: FRA56-P2
age: 1972
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 8730
x-amz-expiration: expiry-date="Tue, 17 Oct 2028 00:00:00 GMT", rule-id="webapp-standard-lifecycle"
last-modified: Tue, 17 Oct 2023 13:17:45 GMT
server: AmazonS3
etag: "c46e30de24d0f12167e302e9e32ff4a5"
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Y3SppoD5lkYyxvkD6Zv-U6ExD29ap_TvvdL6DrkNtzvsphS2ISMV3w==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 376 B
644 B 193ms
192ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a11335ef0708b1ae62a97d701a9892f9a4c0ef3c8ab8b8b7eb2c6b110bd0be83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zi.media
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
7062c60d79892459149a1d843a69876c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame AA6C 6 KB
3 KB 204ms
67ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7062c60d79892459149a1d843a69876c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 01:50:39 GMT
expires: Fri, 25 Oct 2024 01:50:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fzi.media%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fzi.media%2F&rid=esp&cc=1

85 B
194 B

127ms
127ms

Fetch
application/json

34.120.135.53
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fzi.media%2F&rid=esp&cc=1
Requested by: Host: zi.media
URL: https://zi.media/
Protocol: H2
Server: 34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 53.135.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 917a0535f677ea3aa8b6e76107bfd5f8d363bc127f2d6a9fcc6478e675b48454

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-M3bnxmgJFAN7NgaCJNJ8YzxPn5o"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://zi.media
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Thu, 26 Oct 2023 01:50:39 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://zi.media
location: /esp?url=https%3A%2F%2Fzi.media%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK ip Show response
match-hubble-man.vm5apis.com/ Frame EE8F 0
192 B 1099ms
289ms XHR
application/octet-stream 104.199.245.202
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://match-hubble-man.vm5apis.com/ip?webBrowserid=7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c
Requested by: Host: vawpro.vm5apis.com
URL: https://vawpro.vm5apis.com/man.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.199.245.202 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 202.245.199.104.bc.googleusercontent.com
Software: nginx/1.6.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://man.vm5apis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Thu, 26 Oct 2023 01:50:40 GMT
Server: nginx/1.6.2
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 cm.js Show response
t.daexauto.com/ Frame EE8F 2 KB
1 KB 90ms
26ms Script
application/javascript 34.102.239.73
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.daexauto.com/cm.js
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.239.73 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 73.239.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://man.vm5apis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:22:55 GMT
content-encoding: gzip
age: 1664
x-guploader-uploadid: ABPtcPoxXmKJpRqnL3GBvuRSUKk3Hb3jNjSaReCoapX-d1RJ39oVmyIlj72BkNp9dFv9VnruyIbly_WrZuVFOsaU1ky5Pw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 605
last-modified: Tue, 20 Sep 2022 03:01:56 GMT
server: UploadServer
etag: "5cc302c71332a6e8596d563d8e1d4412"
x-goog-generation: 1663642916783214
x-goog-hash: crc32c=fEiJzw==, md5=XMMCxxMypuhZbVY9jh1EEg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: no-transform
x-goog-stored-content-length: 605
accept-ranges: bytes
content-type: application/javascript
expires: Fri, 25 Oct 2024 01:22:55 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame EE8F 35 B
470 B 1277ms
251ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4027&uid=7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://man.vm5apis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 26 Oct 2023 01:50:40 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 addr.json Show response
iptoweather.vm5apis.com/ 25 B
115 B 856ms
281ms Fetch
application/json 35.229.142.89
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://iptoweather.vm5apis.com/addr.json
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.229.142.89 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 89.142.229.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: d2db0616ed3a4d08b72fb5ccc7a254d52adf08a785f99804a8d4a391800bd3a9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 26 Oct 2023 01:50:39 GMT
server: nginx
content-length: 25
content-type: application/json

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
224 B 106ms
34ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://zi.media/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://zi.media
date: Thu, 26 Oct 2023 01:50:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 2B80 15 KB
6 KB 86ms
28ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=zi.media

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 01:50:38 GMT
server: Kestrel
server-processing-duration-in-ticks: 308861
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 main.html Show response
t.daexauto.com/ Frame F207 32 KB
13 KB 141ms
139ms Document
text/html 34.102.239.73
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://t.daexauto.com/main.html?partner=vmfive&member=7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c
Requested by: Host: t.daexauto.com
URL: https://t.daexauto.com/cm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.239.73 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 73.239.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: d62bec0ab5bd64a839531c99dc00e11790d51dda21ab62d2a1fa3b81b8175b26

Request headers

Referer: https://man.vm5apis.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-transform
content-encoding: gzip
content-length: 13194
content-type: text/html
date: Thu, 26 Oct 2023 01:50:39 GMT
etag: "eaab32de7850de7dd79c63e84f311fa1"
expires: Fri, 25 Oct 2024 01:50:39 GMT
last-modified: Tue, 20 Sep 2022 03:03:06 GMT
server: UploadServer
x-goog-generation: 1663642986084651
x-goog-hash: crc32c=ixrhRQ== md5=6qsy3nhQ3n3XnGPoTzEfoQ==
x-goog-metageneration: 1
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 13194
x-guploader-uploadid: ABPtcPrRvskQT4N7ojp-5PTir9V5T6DQZx8_qDQRWwdKJ26WynVAzArkYDXI2zZVprlfqaO6TIXpzqZjzSZjWy7IAjjpog

GET
H2

200

sid Show response
mug.criteo.com/ Frame 2B80
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=zi.media&sn=ChromeSyncframe&so=0&topUrl=zi.media&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=h0aUM3xsREpvcW5zYmQrSkRNT1dVbVUyQTAvaWM5N2h5NU43Sm0yNTRZVk1KbGR3d1NnOERpYzlwdGthbldYTDhDeFJQTHcwektuTDlNZG5mS2lqNEREMGxyc3ZmSnlxQlRsVE52eGUzODNOdGMyWEUyZTI0UUNMTzc3Sz...

415 B
644 B

28ms
27ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=h0aUM3xsREpvcW5zYmQrSkRNT1dVbVUyQTAvaWM5N2h5NU43Sm0yNTRZVk1KbGR3d1NnOERpYzlwdGthbldYTDhDeFJQTHcwektuTDlNZG5mS2lqNEREMGxyc3ZmSnlxQlRsVE52eGUzODNOdGMyWEUyZTI0UUNMTzc3Szh0OXZ5RDNlM2Raandzc05YUy9YOVNIODdUbmJrV1g2V2N3ajhGUUFSTEFrdmZtcm51Y0hCcDVIZFdUcGhDSU10M0EyYi9HOFI0cEFGMy9wcWpCNzdWY0dyVm1hU3lMd3RZM0YxQW9hbUVwTFI3ZitVRGZubjJDRExmMis0NXNnc3ZKeGlYclpjQ0hBdXFyTEpWcVRlM2ZxUWo3bFkwQT09fA&cppv=2

Requested by

Host: zi.media
URL: https://zi.media/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e290febb83652102d748aaa3d360cb6f4ef173ba8bc93dd5031107ea2b134320

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:50:38 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1047879
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:50:38 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=h0aUM3xsREpvcW5zYmQrSkRNT1dVbVUyQTAvaWM5N2h5NU43Sm0yNTRZVk1KbGR3d1NnOERpYzlwdGthbldYTDhDeFJQTHcwektuTDlNZG5mS2lqNEREMGxyc3ZmSnlxQlRsVE52eGUzODNOdGMyWEUyZTI0UUNMTzc3Szh0OXZ5RDNlM2Raandzc05YUy9YOVNIODdUbmJrV1g2V2N3ajhGUUFSTEFrdmZtcm51Y0hCcDVIZFdUcGhDSU10M0EyYi9HOFI0cEFGMy9wcWpCNzdWY0dyVm1hU3lMd3RZM0YxQW9hbUVwTFI3ZitVRGZubjJDRExmMis0NXNnc3ZKeGlYclpjQ0hBdXFyTEpWcVRlM2ZxUWo3bFkwQT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 241021
content-length: 0
expires: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
330 B 156ms
42ms XHR
application/json 99.81.194.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.81.194.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-194-117.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 1072f78177a2bfa518cd686241c44dfdb5a46d026c214910ec96243acd5fb003

Request headers

Referer: https://zi.media/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 26 Oct 2023 01:50:39 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://zi.media
cache-control: no-cache
x-server: 10.45.26.106
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2 200 / Show response
newaddiscover.com/videoads/ Frame 1133 7 KB
3 KB 1134ms
1059ms Document
text/html 2606:4700:e0::ac40:6518
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=41&cb=1698285038
Requested by: Host: zi.media
URL: https://zi.media/js/track.js?cb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bfe277d874705171583384d1ca996020d6db2a090463edcb10c15c6cf84f24a8

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bf0cb80e9bb936-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 01:50:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEpoOXVagG1wL%2BIV46eOhS13aGq6CTkhEk%2F%2FmPrmSDWKv0wtBByCjFWq5NgEUcpC8YiNB6aFQC4wHlKA1xPj2RrYPxm9nnDwqSJZoe3EkLUnDFr2cxrSKyM7TtTLg9Gg46eNAmgX%2B6ryx7hvXwi%2BGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 304 B
156 B 66ms
66ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284370264882945&correlator=1173961975745449&eid=31078824%2C21065725&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&iu_parts=21697024903%3A22544901757%2CBT_a_F1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C336x280%7C320x100%7C300x250&ifi=3&didk=1061932178&sfv=1-0-40&sc=1&cookie=ID%3De0922c3e0795b1f0-22e74f3e0ce30068%3AT%3D1698285037%3ART%3D1698285037%3AS%3DALNI_MZWuCk8PKGWh24ls8xATJxDP5VEYw&gpic=UID%3D00000ca42fad60a0%3AT%3D1698285037%3ART%3D1698285037%3AS%3DALNI_MZrTnJHQ_u2_ezVvD6GdMk9PcKshg&abxe=1&dt=1698285039275&lmt=1698277839&adxs=300&adys=6642&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fzi.media%2F&vis=1&psz=1000x0&msz=1000x0&fws=0&ohw=0&ga_vid=108474875.1698285038&ga_sid=1698285038&ga_hid=646990252&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYr9u0zbYxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiv27TNtjFIAFICCGQSGQoKcHViY2lkLm9yZxiT3LTNtjFIAFICCGoSGAoJeWFob28uY29tGK_btM22MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiv27TNtjFIAFICCGQSFwoIcnRiaG91c2UYgd20zbYxSABSAghqEhQKBW9wZW54GK_btM22MUgAUgIIZBIZCgp1aWRhcGkuY29tGK_btM22MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ylt20zbYxSABSAghq&dlt=1698285035076&idt=3928&prev_scp=zi-web%3Dzi.media%26zi-path%3D%252F%26zi-partner%3DFZFHS22%26zi-cwidth%3DLarge&adks=62839635&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c319c6311aa8295e4dcdf465d3797a055e072fc83d26e011f4dfec69cfb76a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zi.media
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 303 B
155 B 66ms
66ms Fetch
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284370264882945&correlator=1173961975745449&eid=31078824%2C21065725&output=ldjh&gdfp_req=1&vrg=202310190101&ptt=17&impl=fifs&iu_parts=21697024903%3A22544901757%2CBT_a_H1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1%7C970x90%7C970x250%7C728x90%7C336x280%7C300x250&ifi=4&didk=3850745391&sfv=1-0-40&sc=1&cookie=ID%3De0922c3e0795b1f0-22e74f3e0ce30068%3AT%3D1698285037%3ART%3D1698285037%3AS%3DALNI_MZWuCk8PKGWh24ls8xATJxDP5VEYw&gpic=UID%3D00000ca42fad60a0%3AT%3D1698285037%3ART%3D1698285037%3AS%3DALNI_MZrTnJHQ_u2_ezVvD6GdMk9PcKshg&abxe=1&dt=1698285039279&lmt=1698277839&adxs=300&adys=108&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fzi.media%2F&vis=1&psz=1000x-1&msz=1000x-1&fws=0&ohw=0&ga_vid=108474875.1698285038&ga_sid=1698285038&ga_hid=646990252&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQYr9u0zbYxSABSAghkEhsKDDMzYWNyb3NzLmNvbRiv27TNtjFIAFICCGQSGQoKcHViY2lkLm9yZxiT3LTNtjFIAFICCGoSGAoJeWFob28uY29tGK_btM22MUgAUgIIZBIdCg5lc3AuY3JpdGVvLmNvbRiv27TNtjFIAFICCGQSFwoIcnRiaG91c2UYgd20zbYxSABSAghqEhQKBW9wZW54GK_btM22MUgAUgIIZBIZCgp1aWRhcGkuY29tGK_btM22MUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ylt20zbYxSABSAghq&dlt=1698285035076&idt=3928&prev_scp=zi-web%3Dzi.media%26zi-path%3D%252F%26zi-partner%3DFZFHS22%26zi-cwidth%3DLarge&adks=3463185270&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310190101/pubads_impl_fy2012.js?cb=31078824

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33a1ac6754700d34ab739d69e5009b5347e6f1c63111ec69a2a7b51f1e473ca1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://zi.media
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fed Show response
ups.analytics.yahoo.com/ups/58813/ 2 B
207 B 127ms
36ms XHR
application/json 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ups.analytics.yahoo.com/ups/58813/fed?gpp_sid=-1&v=1&url=https%3A%2F%2Fzi.media%2F

Requested by

Host: connectid.analytics.yahoo.com
URL: https://connectid.analytics.yahoo.com/connectId-gpt.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.87 /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.87
age: 0
vary: Origin
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin: https://zi.media
content-type: application/json
access-control-allow-credentials: true

GET
H2 204 cm.php
cm.daexauto.com/ Frame F207 0
409 B 475ms
399ms Image
text/html 2606:4700:20::681a:403
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.daexauto.com/cm.php?daex_id=e082edceb7d7f9e477e6a8ebbeb83cd0&partner=vmfive&partner_id=7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c&z=87601255
Requested by: Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/persistentID.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:403 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://t.daexauto.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:39 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PE9qPzFatcB%2BtLTkzVoXLCSEgYb77lpUxXnAAsfBQ66SrxewHmWJ05o0wyrSwwlZP%2BIFKfFqBTtYOPNd%2FkR14AIH0Dy1RYqam%2BTgDRnctDhRPyS6liDXsbcumPNcYlObz37v%2Br0XEJwxGXBiTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 81bf0cb8eef00e3b-AMS

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame EA9B 0
176 B 92ms
32ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Thu, 26 Oct 2023 01:50:39 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1 200
OK pixel
pt0.vm5apis.com/api/v2/ 35 B
0 892ms
319ms Fetch
image/gif 35.194.212.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pt0.vm5apis.com/api/v2/pixel?event=id_sync&provider=-&webBrowserId=7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c&eventDetails=%7B%22browser_id%22%3A%227b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c%22%2C%22browser_id_shared%22%3A%227b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c%22%2C%22browser_id_timestamp_shared%22%3A1698285039130%2C%22browser_id_cookie_shared%22%3A%227b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c%22%2C%22browser_id_cookie_timestamp_shared%22%3A1698285039130%2C%22browser_id_local%22%3A%227b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c%22%2C%22browser_id_timestamp_local%22%3A%221698285039130%22%2C%22browser_id_cookie_local%22%3A%227b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c%22%2C%22browser_id_cookie_timestamp_local%22%3A%221698285039130%22%2C%22referrer%22%3A%22%22%2C%22request_source%22%3A%22https%3A%2F%2Fzi.media%2F%22%2C%22user_agent%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F118.0.5993.88%20Safari%2F537.36%22%2C%22platform%22%3A%22Win32%22%2C%22language%22%3A%22en-US%22%2C%22ip%22%3A%2231.204.153.185%22%7D

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

Date: Thu, 26 Oct 2023 01:50:40 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://zi.media
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1133 144 KB
50 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=41&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa1224c1013b533a1efd6c18d317455f39a118bb2dd64ba4a3abe08cb5ee4d74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51006
x-xss-protection: 0
server: cafe
etag: 10341730261641020559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:40 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 1133 52 KB
21 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=41&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 23:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7147
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 26 Oct 2023 01:51:33 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 1133 256 B
580 B 189ms
68ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=eaf363ee-e3d4-4edd-bc46-fcbe7c77596c&apiKey=9DBXYYFK9PZN8YTGHJSP&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fpokatv.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=41&cb=1698285038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

ccff4487a6e5d8ea93b975fd00d9718d2acd164bc69944ce023b565cf1f80928

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 26 Oct 2023 01:50:40 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 17
x-xss-protection: 1; mode=block
x-request-id: 28b56dde-09ec-4c00-be35-23360f2144a4

GET
H2 200 / Show response
newaddiscover.com/videoads/ Frame 0D53 7 KB
2 KB 288ms
288ms Document
text/html 2606:4700:e0::ac40:6518
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=24&cb=1698285038
Requested by: Host: zi.media
URL: https://zi.media/js/track.js?cb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:6518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4eae532b861af755bcd1d1b64b027048a56aaaa2622cf2ba876d80b8fcd8cd6d

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bf0cbf1abeb936-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 01:50:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNAjYFd9jya7u12yYiPGp5c8WICMo3ey%2FiytDXIB4gH4yFcLEfYLWI8HLLPMkABTFVFAN5Imnwf25sgq6%2BOLWr58rvLogVvvHM%2B7O%2B0e5fSdoE%2F2Rq25ppxn8WTSzD%2BVGyyY05DzVJjznmYtPQO1uQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0D53 144 KB
50 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=24&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

abd21a85834c313ffc1810c26d74cd70336400dec477a441eb88faa9d5900d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:40 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50988
x-xss-protection: 0
server: cafe
etag: 357929254311915927
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:40 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 0D53 52 KB
21 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=24&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 23:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7147
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 26 Oct 2023 01:51:33 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 0D53 256 B
300 B 68ms
67ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=6f209016-0008-4daf-b5e5-7b4f71686ee4&apiKey=JCHZ892RD7YT79YK3TVN&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fsofuntv.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=24&cb=1698285038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

43e99f57c641c58cc78427d0f509cf3d882c041beee958dbfd2f1a00812c8574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 26 Oct 2023 01:50:40 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 17
x-xss-protection: 1; mode=block
x-request-id: a4a78f06-0bec-40f0-b712-8e8c404f65f7

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame F586 7 KB
3 KB 1052ms
1052ms Document
text/html 2606:4700:e0::ac40:6518
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=18&cb=1698285038
Requested by: Host: zi.media
URL: https://zi.media/js/track.js?cb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 252f210bce654da0ffa2a037bf3e69716a827e1537b79cf4803dc75fc0f30560

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bf0cc68ada1ca6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 01:50:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UKWv0Fn%2F9maJ1kPvbSEbn99mqOI1JbmVVDP5xDgVNbYYwD1BILxHIZ6BU4CqfD2dmP9LrJ7akQnMyx5wJpxx0A21OUGYjTQiH4fSN1%2F7fBlLt3FYo6gaCdAnr0PG99paBe4pwMRS8zLPgzSX7VigKA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F586 144 KB
50 KB 93ms
93ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=18&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0e8abec9fffa01fda751f277a66e1b20b546ce96b2bf13d88e7d36f463a96e0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51003
x-xss-protection: 0
server: cafe
etag: 17704317101357326753
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:42 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame F586 52 KB
21 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=18&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 23:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7149
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 26 Oct 2023 01:51:33 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame F586 256 B
348 B 90ms
90ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=9afbe7b8-04e8-4d20-ae18-6b3fa0b3dc01&apiKey=BBNYRSSZRBTNKXPXPF36&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Featower.blogspot.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=18&cb=1698285038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

5f8c6759ee5eef216c5f2125a2cffc3524c4f9609e4d4170abaa31f8b960d095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 26 Oct 2023 01:50:42 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 38
x-xss-protection: 1; mode=block
x-request-id: 2cc36a47-1a23-4444-a1b1-bf457a743397

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 49ms
48ms XHR
application/json 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231024&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19deb44ba82ec30793c95f77261760b21030a43daf2424333d57b97e8ef32be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12137
x-xss-protection: 0

POST
H/1.1 200
OK pixel
pt0.vm5apis.com/api/v2/ 35 B
449 B 301ms
300ms Ping
image/gif 35.194.212.25
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://pt0.vm5apis.com/api/v2/pixel

Requested by

Host: man.vm5apis.com
URL: https://man.vm5apis.com/dist/vmfiveLogger/vmfiveLogger_zi_media.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.194.212.25 Taipei, Taiwan, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

25.212.194.35.bc.googleusercontent.com

Software

nginx/1.19.5 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15638400
X-Content-Type-Options	nosniff

Request headers

Referer: https://zi.media/
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 26 Oct 2023 01:50:43 GMT
Strict-Transport-Security: max-age=15638400
X-Content-Type-Options: nosniff
Server: nginx/1.19.5
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://zi.media
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 35

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 32ms
32ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1666593263493412&ev=landing&dl=https%3A%2F%2Fzi.media%2F&rl=&if=false&ts=1698285042852&cd[webBrowserId]=7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c&cd[webRef]=&cd[webPage]=https%3A%2F%2Fzi.media%2F&cd[hostURL]=https%253A%252F%252Fzi.media%252F&cd[landingId]=2e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928&cd[landingSessionId]=2e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928&cd[adisonSessionId]=2e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928&cd[event]=landing&cd[inventoryCompany]=Breaktime&cd[contentCatNielsen]=&cd[provider]=-&cd[loggerName]=zi_media&cd[loggerVer]=2023041401&cd[eventDetails]=%7B%22landingSessionId%22%3A%222e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928%22%2C%22adisonSessionId%22%3A%222e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928%22%7D&cd[FromVMFiveAds]=false&sw=1600&sh=1200&v=2.9.135&r=stable&ec=2&o=30&fbp=fb.1.1698285038560.822218221&ler=empty&it=1698285038311&coo=false&tm=2&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 26 Oct 2023 01:50:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame 1C51 7 KB
3 KB 287ms
287ms Document
text/html 2606:4700:e0::ac40:6518
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=42&cb=1698285038
Requested by: Host: zi.media
URL: https://zi.media/js/track.js?cb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17ad43ac3fddf727dd73f56e7152466bedb345f5c26d636f5432fd15b852e9a9

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bf0cce0f371ca6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 01:50:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1W4ArUogeaLDDcuyXsev%2B7V9YtLcEikC9kFi4mo0eunRScMYXWQyVzn3O7XVmbBzcSg8vNnjSQpli%2B17GVsAcltC9LK34N07otbXmIaHYwxshNlBs%2B87c%2Fyt%2FuY5w3zBE8DGgnnsiSOlICfUW66CQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 143ms
49ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 26 Oct 2023 01:50:43 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8D80 13 KB
5 KB 33ms
31ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

accept-ranges: bytes
age: 22741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 Oct 2023 19:31:42 GMT
expires: Thu, 24 Oct 2024 19:31:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3EA4 829 B
1 KB 113ms
41ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

972b6a47fcc88cf49928367d31d246e8a5e2ffc501b03abe17fde102bac2733e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-432VyBJDLM_DKGKaIGnn-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-432VyBJDLM_DKGKaIGnn-A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 26 Oct 2023 01:50:43 GMT
expires: Thu, 26 Oct 2023 01:50:43 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D80 39 KB
15 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/y08pV31sM45xEike2vHNAQ_usQ3N3SApGkbB1F_zlUU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 02:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15202
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 12:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Oct 2024 02:07:01 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 1C51 144 KB
50 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=42&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f567ba3aaddaa3a128a3e3828ffa903abd4fa63001faaa9791b931d19d0a6006

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50985
x-xss-protection: 0
server: cafe
etag: 1840796798884783391
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:43 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 1C51 52 KB
21 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=42&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 23:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7150
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 26 Oct 2023 01:51:33 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 1C51 260 B
338 B 66ms
66ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=dc46519c-e818-4db6-b32e-8a5a5a6406fd&apiKey=4F85ZVS8G5W5QJNMJXKG&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fegchen726.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=42&cb=1698285038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

aa45df5db9cb69cd5c34902b7a6af80b43d17569a6f664dd54e00d84ba2e7777

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 26 Oct 2023 01:50:43 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: 7e6a191a-acc5-416f-935b-44d9c75df841

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3EA4 0
0 97ms
97ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231024&jk=3284370264882945&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8D80 0
10 B 33ms
32ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?08bLEA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:43 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 97ms
96ms Image
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231024&jk=3284370264882945&bg=!-_il-LfNAAZRemZlcXo7ADQBe5WfOKhaI4ktWeKVUS0SsRzDmXFGxi4zMV3IKEzJnPD1e-bgBeI0inv4Ug0MtZosPUPzAgAAAEtSAAAAA2gBBwoAuvt8r0yJ_M849DastwYhcKqUis1V1Gy4lLfIcMEpSayyKTMTnHHpswF-NZo6oxPCe7RpW2DciLxpZFrPebikXLhUNlOoJm7wzOjjPVcJHhEmRQQ5Ge3j7dxCvcHyGecCvRMywinaBgb7v2seM--pIULiXd1Mhd4ydgalCbCZc6SPFiO9-htI-sQzTyC0n-TGJBgHjTVwzT9vGzqsfm85K7_Nwq1TtujEUXQOhMx-1vGekuI54I8V1QjnrpkCry14u-PvF6jHi8vK4iJp5YvKqOGRJwrvbu7Pno55SqGCBUGEN9iFiOwRXJY57qN5qDN_KpA_2YSS38g1vq_bdGvoZpLhAyG0l9nGoXx5VF6irJGL2fA0VYDvd8dBB4wYJzxps1KobU63R5xws459rITjxJ-Fmz0w-PHruMhQsJXBBsEAC3QQ8mVGj1ndaxqR1VaciHaam-w9QaxIPtvM8L2mXFpTM_Jt68fypPzL92Xxewj1w_l7SM2Ee-lCsgn8GKc1TDQ7JwQ6lfZuXV_jMTYErBOpya0oAihLlk0cqevKb7KIWd6vKaZd_36hlmO_5HIKNrwczOLlYJKLn0gYQ9EfpcdJx-09wuhGHZiQaet1gxz9df4zLsmi7-jEkzEE9arOCH8Fmp2-QxQ1kly2K9xG25B_QOeDGLIu2L4p6xClK9t1w19rm41b_zLod6iKo5tTPg29VavoWHPERdGsSd0idzt8HKDM-nE99FELUbm3mA-q64miyvaVQpfsG20H-AqlstOAPMFlBWOFmhi4_c2eLNwLeVz-y-C3WZWUbGhjN_kEI73BBKcz_IACCqwrsrdM-FH7zxbdtewr3VpOXoT_tsFazfpgOgWsYS3SVr-cXFE7rR24pXkVupT8ow39t3pVrV34YhD5ygTmydU5xFLBieXD11PdQKKyqiF_GYF4aQZFg_tz-7QkeJEZdNb6o87l3iPNrSKoEz1YBxv0xMPN30AaKHSq-EEWDkZGmw1loG8ewiJ_7-64bwdU5Ahh1wX7j4rrR5BM8lGxXLsLy6t8UKcZg2mVyLInfC0oEqd14aQWIx3tS4P7SIg1Mv2_28M7uUHZTpVwixzJ71XPxgL7QE-WM83Cwm9CZXoiMi-7BcW-VZcYe9Pkqy_QbhDPH-x9zu4RjZVQvt1xT_Y7Qw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://zi.media/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame 5074 7 KB
3 KB 288ms
287ms Document
text/html 2606:4700:e0::ac40:6518
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=44&cb=1698285038
Requested by: Host: zi.media
URL: https://zi.media/js/track.js?cb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2d515dac6b819d157d33dfa899f89d410d1e2eb631582197cd79027d041f60ba

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bf0cd58b8b1ca6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 01:50:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7C8zozG9sll%2BGDqMOdb6Qz9jMavLkIH%2FaNEbRB52Pk4t%2BvTced0SjaRJ3GZOv4Jrt1q144oFtTCz24COLPPDmd%2BZtOg2g3CqYvr0WJlo0iAe5T7GHoKdTqmTQ49QWvK5Lc%2F4VzP5e3tYkS870hVLAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 5074 144 KB
50 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=44&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

580e89941a8c889f5bebe8d719cffc94c72edc321b29d74be6ef9b4f22fb4148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:44 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51069
x-xss-protection: 0
server: cafe
etag: 9504236407009510275
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:44 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame 5074 52 KB
21 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=44&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 23:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7151
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 26 Oct 2023 01:51:33 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 5074 256 B
322 B 67ms
66ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=746d7811-eefd-4ae0-a019-8639aa558f6b&apiKey=CBYHP5W8HHSV5N8KGPPW&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fblog.zerozeroage.com%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=44&cb=1698285038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6a52d772741d50dfa9868e46276db6423a33c4aa8a6ca724cb6b9cb5b4491400

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 26 Oct 2023 01:50:44 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: 761d8cd7-720b-4ee5-aa4d-b09bd877951b

GET
H3 200 / Show response
newaddiscover.com/videoads/ Frame AB4E 7 KB
3 KB 295ms
294ms Document
text/html 2606:4700:e0::ac40:6518
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://newaddiscover.com/videoads/?ca=45&cb=1698285038
Requested by: Host: zi.media
URL: https://zi.media/js/track.js?cb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e0::ac40:6518 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00e1ba6e92ff3da09725ab066acf6196da72e5429e74a32b8c3c9e940dd57e1a

Request headers

Referer: https://zi.media/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 81bf0cdd08361ca6-AMS
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 26 Oct 2023 01:50:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tiief2qFCHHeaCzwFGwsYtRWg9rYbNAZIUZ%2FRmf360aVzQUvcP%2BnP2jdtOycdlpFFoaPg5rPmkrPQHvK1NZzRYd9M%2FbgAx%2FdBqE63344grp16fRSYM5lQu7zhN75fpkdHKBdSw0qfVze90xQCd0yNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AB4E 144 KB
50 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=45&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83a2c3547cad8860567d2bc0a8c62f78146aa82c5390d19ebff9dfcd728e4101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

date: Thu, 26 Oct 2023 01:50:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51073
x-xss-protection: 0
server: cafe
etag: 11844397103353157135
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 26 Oct 2023 01:50:45 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame AB4E 52 KB
21 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=45&cb=1698285038

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 25 Oct 2023 23:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 7152
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Thu, 26 Oct 2023 01:51:33 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame AB4E 256 B
323 B 67ms
67ms Script
application/javascript 87.248.100.136
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=c2c36b24-9200-49b7-9b63-51b7bf1ccc15&apiKey=6R43BZ7HNR3BX3VDGB8G&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fcontentparty.org%2F&cb=JSONPCallback0

Requested by

Host: newaddiscover.com
URL: https://newaddiscover.com/videoads/?ca=45&cb=1698285038

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.136 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o1.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0643dceaa31291462e63c6496f0cc79a9bfb1112937403e6d96d91ba17850f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: nl-NL,nl;q=0.9
Referer: https://newaddiscover.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Thu, 26 Oct 2023 01:50:45 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 15
x-xss-protection: 1; mode=block
x-request-id: a7d3aa01-3a3e-4a0c-9a4b-5c8ad3d2aafb

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: web.archive.orghttps
URL: https://web.archive.orghttps//fonts.googleapis.com/icon?family=Material+Icons

Domain: certify-js.alexametrics.com
URL: https://certify-js.alexametrics.com/atrk.js

Verdicts & Comments Add Verdict or Comment

217 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
man.vm5apis.com/dist	1970-01-21 01:20:45	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1698285039130
man.vm5apis.com/dist	1970-01-21 01:20:45	Name: VM5AD_BROWSER_ID_COOKIE Value: 7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c
.zi.media/	1970-01-20 15:46:11	Name: cat_trid Value:
.zi.media/	1970-01-21 01:06:21	Name: __gads Value: ID=e0922c3e0795b1f0-22e74f3e0ce30068:T=1698285037:RT=1698285037:S=ALNI_MZWuCk8PKGWh24ls8xATJxDP5VEYw
.zi.media/	1970-01-21 01:06:21	Name: __gpi Value: UID=00000ca42fad60a0:T=1698285037:RT=1698285037:S=ALNI_MZrTnJHQ_u2_ezVvD6GdMk9PcKshg
.zi.media/	1970-01-20 15:46:11	Name: _gid Value: GA1.2.1114821017.1698285038
.zi.media/	1970-01-20 15:44:45	Name: _gat_UA-135689988-1 Value: 1
.zi.media/	1970-01-21 01:20:45	Name: _ga_3DCCEXXFQP Value: GS1.2.1698285038.1.0.1698285038.0.0.0
.zi.media/	1970-01-20 17:54:21	Name: _fbp Value: fb.1.1698285038560.822218221
.zi.media/	1970-01-20 15:44:45	Name: _gat_gtag_UA_230439076_1 Value: 1
zi.media/	1970-01-20 17:54:21	Name: vmfive_landing_session_info Value: %7B%22id%22%3A%222e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928%22%2C%22requestId%22%3Anull%2C%22utm_source%22%3Anull%7D
zi.media/	1970-01-20 17:54:21	Name: adison_session_info Value: %7B%22id%22%3A%222e3a92de-b9ce-410b-9f82-fd3b890bc9a21698285037928%22%7D
.zi.media/	1970-01-21 01:20:45	Name: _ga_NCBMBRV2DM Value: GS1.1.1698285038.1.0.1698285038.0.0.0
.zi.media/	1970-01-21 01:20:45	Name: _ga Value: GA1.1.108474875.1698285038
.zi.media/	1970-01-21 01:20:45	Name: _smt_uid Value: 6539c5ee.29c3e7e6
.eyeota.net/	1970-01-20 15:44:45	Name: SERVERID Value: 17609~DM
zi.media/	1970-01-21 01:20:45	Name: VM5AD_BROWSER_ID_COOKIE Value: 7b6a60dc-53a4-4ba0-b0f6-700e71ef6d7c
zi.media/	1970-01-21 01:20:45	Name: VM5AD_BROWSER_ID_COOKIE_TIMESTAMP Value: 1698285039130
.doubleclick.net/	1970-01-21 01:06:21	Name: IDE Value: AHWqTUnOSDnei_CXwE6rgMzQY4crjZx7wL_uJWVHUmQc3a0k21Z1txrx6_5cJsrqd6M
.criteo.com/	1970-01-21 01:06:21	Name: uid Value: 16a7bb15-cd68-4d7b-ad7e-bee48ee39ad0
.zi.media/	1970-01-21 01:06:21	Name: cto_bundle Value: ep0pBV9Kcm93TURudzIyWGFVOVUxU0FDZzRCSURjRG5RM1ZXOFVsYnQ4UUZ4Ynp5bUxZSlAxZW1jdmRYTXlUcTdRbEY2VyUyQlRKalFrWXhzbUw0bmoxRzh1TzdkSE5DQVV0STVOeVpYZks3bEVNZWRFWXh0Vk1lRXFyZ0N5ZjlDellSTGNRTHRkeHpCQmZlaVMxTmI4Wm5Ncm9uQSUzRCUzRA
.openx.net/	1970-01-21 00:30:21	Name: i Value: 863ad903-7b21-426e-aea3-6d55c24ae685\|1698285039
.zi.media/	1970-01-21 00:30:21	Name: connectId Value: {"ttl":86400000,"lastUsed":1698285039424,"lastSynced":1698285039424}
.lndata.com/	1969-12-31 23:59:59	Name: admses Value: 0950393814354
.lndata.com/	1970-01-21 00:30:49	Name: mapping_hist Value: szeJ.T00vOKDHUM.S.tDCyMDUwtgQAJw0EDg**
.lndata.com/	1970-01-21 00:30:49	Name: viewlist Value: szeJwNyMERADAIArCNOBT1YP_F2mcCmHNB.XZkEHVxe6mfnystW9EDtC0IYQ**
.c.appier.net/	1970-01-21 00:30:21	Name: _auid Value: x4BISwZmD8asu6vU78U5ZQ
.lndata.com/	1970-01-21 00:30:49	Name: admckid Value: 2310260950391424313
.hinet.net/	1970-01-21 01:20:45	Name: uuid Value: afbac928-ac00-44d5-b054-24159f066a33

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://web.archive.orghttps//fonts.googleapis.com/icon?family=Material+Icons Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://certify-js.alexametrics.com/atrk.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7062c60d79892459149a1d843a69876c.safeframe.googlesyndication.com
a.breaktime.com.tw
ads.yap.yahoo.com
alliance.breaktime.com.tw
analytics.archive.org
archive.org
bcp.crwdcntrl.net
breaktime.tw
cdn-ima.33across.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.lndata.com
cdn.prod.uidapi.com
cell.adbottw.net
certify-js.alexametrics.com
cm.daexauto.com
cm.lndata.com
connect.facebook.net
connectid.analytics.yahoo.com
gocm.c.appier.net
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
invstatic101.creativecdn.com
iptoweather.vm5apis.com
man.vm5apis.com
match-hubble-man.vm5apis.com
match.adsrvr.org
mug.criteo.com
newaddiscover.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
partner.googleadservices.com
power.adhacker.online
powerads.breaktime.com.tw
ps.eyeota.net
pt0.vm5apis.com
region1.google-analytics.com
s.lndata.com
securepubads.g.doubleclick.net
static.criteo.net
t.daexauto.com
t.ssp.hinet.net
tags.crwdcntrl.net
tpc.googlesyndication.com
ups.analytics.yahoo.com
v.lndata.com
vawpro.vm5apis.com
web.archive.orghttps
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
zi.media
certify-js.alexametrics.com
web.archive.orghttps
104.18.35.167
104.199.210.210
104.199.245.202
104.208.76.145
116.50.36.71
139.162.117.143
15.197.193.217
162.19.138.120
18.179.226.88
2001:4860:4802:32::36
203.75.214.136
207.241.224.2
207.241.225.195
2600:9000:206f:9c00:15:a9a7:4a80:93a1
2600:9000:223c:7600:10:dd8:5e40:93a1
2600:9000:225b:ba00:a:e047:753:6381
2606:4700:10::6816:3556
2606:4700:20::681a:403
2606:4700:3036::6815:eb9
2606:4700::6810:5614
2606:4700:e0::ac40:6518
2620:1ec:46::67
2a00:1450:4001:802::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2002
2a00:1450:4001:813::2008
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.114.84.80
3.122.214.165
3.71.149.231
34.102.146.192
34.102.239.73
34.120.135.53
34.96.70.87
35.194.212.25
35.229.142.89
35.244.138.40
35.244.159.8
54.65.203.202
65.9.66.68
87.248.100.136
99.81.194.117
00e1ba6e92ff3da09725ab066acf6196da72e5429e74a32b8c3c9e940dd57e1a
0557b34d2a820ff2d9c455e5c66ccf62ec22045f327f843dc4d548ebbb073964
0643dceaa31291462e63c6496f0cc79a9bfb1112937403e6d96d91ba17850f68
07860ac8f7d4a807d627c95ab0289287ade2b8cde63a1b0f127dd16824f6379c
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
0e8abec9fffa01fda751f277a66e1b20b546ce96b2bf13d88e7d36f463a96e0b
0ec8bc3ef1eb0c6ff43a2f94234c9487df3bf5e5f6b511693ca32cbb89bb665d
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
1072f78177a2bfa518cd686241c44dfdb5a46d026c214910ec96243acd5fb003
1244d6703800ddb33d6382482265ea91cc68fae650bfcc89c06f4de355de7aca
17ad43ac3fddf727dd73f56e7152466bedb345f5c26d636f5432fd15b852e9a9
1b365cf68a59081dacb89c77857b5fd991d1691c9fe16c952534b26053214355
1dea1955b028be104dff5ea8495c57a8fd30862fd7d00bdcf36032e454d27629
1fe73b5cbe63fba9da27a2870372c6733ddd2e78e5fe556bb4b37dca6891311f
218320160a6ad3f75f66cf16bfc2736582f4c38b72b6fe3ac6f62334d4c29bef
23c97a2bb4f13d0e0ba5ec46d4b99efd1d501cd9cd38677e027ac3894c3d31ba
23e3c4927e5a13daf2ba90bde62ac2e2b6c8860fdbfbf707738fdda9497eeb1d
252f210bce654da0ffa2a037bf3e69716a827e1537b79cf4803dc75fc0f30560
2b7b2a16b4dae9bb3f29b758b96879f0805e7515a641a985bd86dce816546503
2d515dac6b819d157d33dfa899f89d410d1e2eb631582197cd79027d041f60ba
33a1ac6754700d34ab739d69e5009b5347e6f1c63111ec69a2a7b51f1e473ca1
36e2f189b8c181a0f4903edb464652dbe1eaa0112744cd460c827ec976424aba
38a4c9c784a1d9353ecc55139cda30814e0727d08a3a92a36f480d814c1225c2
38e9c75c472d206bbd08761630773831ea7b4dcf16a2bef0d766d9d10103d71a
3d1cc19c30936ba91c00ecde3eea5bd2fa034cff3e3b68b5ae9106f0e1291f13
3d618abb01bc1c948f5b00de5e3ddfa505c1ba4e6d260921d3d954731b1fcbb2
42b5df502359cdb452fbfe7e78921cb0ec9630a08ec2a1de22114870a7e9204a
43e99f57c641c58cc78427d0f509cf3d882c041beee958dbfd2f1a00812c8574
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
473a4194e9afde1d6fd0fe00cb1dd4194496d1e62d822da736a0823771fd163f
47c16416da729fa31f12f29e7e1fe15979ffd5e62835a069976cd39558b4a189
49db66ae1889e3ae58a38124422c4d6648b19cf9f233b12412db9b565b5d85b0
4c319c6311aa8295e4dcdf465d3797a055e072fc83d26e011f4dfec69cfb76a4
4d84cc0c5ddeec8192c92f9abf5cce58c54a5deeea8fb635da4aacedd00ec510
4eae532b861af755bcd1d1b64b027048a56aaaa2622cf2ba876d80b8fcd8cd6d
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
580e89941a8c889f5bebe8d719cffc94c72edc321b29d74be6ef9b4f22fb4148
5a0e0bff8aff490cd3817c0f945e120780bd2148eb66f8179899bb4c999fc762
5f8c6759ee5eef216c5f2125a2cffc3524c4f9609e4d4170abaa31f8b960d095
61118867a3cec289e2ae2f8849b6e8d9ce655add14ae3df076e8a782b8b92531
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a52d772741d50dfa9868e46276db6423a33c4aa8a6ca724cb6b9cb5b4491400
6b570fdfda901fd253d4ec31cc5d5b03264fa1fe754098065e79de29acde7afa
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
73fcf5092d5dbb7f06cf2ca7e0ff38522bb27cde183d53c522143f6aa4d35c4e
75f98edec0ef29b310fbefe51576305d171a3a93594169645d2490e8e317a167
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a2c3547cad8860567d2bc0a8c62f78146aa82c5390d19ebff9dfcd728e4101
850c995b50deb27451cd4b7b1cf3aa76c1001510b55e9b0ede72da3522ec0518
880be84ee4c47dd2900cf3c8fbbbb05bb25ed1d2b978d065af122c5ec0d71b9e
8992fc003274783c94d8e0b72a5b244bfb86ef46263e2ac9cfed7549d6e12aa1
8a9dd10029a20918de46e1b60145a720b5d7c4de88d03caa480fa833029633b0
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fd6f53666e92a00d5fdf78b4e278307ab0ae21b1417bb872332d028d15c0053
917a0535f677ea3aa8b6e76107bfd5f8d363bc127f2d6a9fcc6478e675b48454
946178d46f833ea76fe4aa24f899e1250a6ccbd4769d17abd792cf90109c07ed
94e9ee9b451685dc7a3c4d97c97229e0642fbfbb6aab4aaec90864c4068ffdfb
972b6a47fcc88cf49928367d31d246e8a5e2ffc501b03abe17fde102bac2733e
9dee97292cc74b3c842dc63337e243c5e89996aabce32593be1e36d494573f0f
9e1123ff4ab7e97e70425039b8addceceb3c5e24fed71b2dafc96f4c33466490
a11335ef0708b1ae62a97d701a9892f9a4c0ef3c8ab8b8b7eb2c6b110bd0be83
a1f3d3be0af279c2da371163d037a3d46569453a855cf91aceca0f3695c57017
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5745a4cb4cd4b442fff8ea9202b88e9a49298eeb281559af5d86aeec4b5f9c1
aa1224c1013b533a1efd6c18d317455f39a118bb2dd64ba4a3abe08cb5ee4d74
aa45df5db9cb69cd5c34902b7a6af80b43d17569a6f664dd54e00d84ba2e7777
ab6a1bcc0d0ad21e749eb86f14aad4cdbef2def38a89f935bf2e3d7b8102de79
abd21a85834c313ffc1810c26d74cd70336400dec477a441eb88faa9d5900d89
ad1270333ea16969313802add43789e0558cd75e2bf91e768bcf3937f091a001
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
ba6923cfc3ccf637c457aae8fcc156e9d1c5a5ec744717c10ea430f8798f81de
bfe277d874705171583384d1ca996020d6db2a090463edcb10c15c6cf84f24a8
c3a9dccde007203effef205b831e4d12dbccde7ec61a0d1ae336251ab101d80a
c7f6468c8ac1542980b2d5f637fa933d7d00d2c6ff6690e34505d2aed0c0e23a
cb4f29577d6c338e7112291edaf1cd010feeb10dcddd20291a46c1d45ff39545
ccff4487a6e5d8ea93b975fd00d9718d2acd164bc69944ce023b565cf1f80928
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d19deb44ba82ec30793c95f77261760b21030a43daf2424333d57b97e8ef32be
d2db0616ed3a4d08b72fb5ccc7a254d52adf08a785f99804a8d4a391800bd3a9
d62bec0ab5bd64a839531c99dc00e11790d51dda21ab62d2a1fa3b81b8175b26
d6fac87a6c47841000f3671db689a4ff243d8e674199d6bc236c7a32e143648e
d8058c062c006f6d3c760a1a1796f8e7316979cf5ada758deacbcc338bf11f0c
d806fbf706d44e3f70c84eb278b8eccfbb6f746a9da03fc8e8e8807c2d788f42
d9f9a9157eeab2175c368ba3e64dc443035b3d87c4c778324b59a02443f12349
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e290febb83652102d748aaa3d360cb6f4ef173ba8bc93dd5031107ea2b134320
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6c3776e859eceac9b186ea05db2f0a3ff0026a4ebcd597d0f76114f8b4699
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
f567ba3aaddaa3a128a3e3828ffa903abd4fa63001faaa9791b931d19d0a6006
f8a5161c07ab898309064bb523789045a3e9e3e60eeede0c5e5f9be0e9f1b648
f8f83b2d89f2887f3e03585cfce8c273099314fbf5b8d50a7672b3027758fffd

zi.media Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

124 Requests

94 %HTTPS

49 %IPv6

36 Domains

57 Subdomains

52 IPs

8 Countries

1929 kBTransfer

5841 kBSize

29 Cookies

34 Outgoing links

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

zi.media Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

94 %
HTTPS

49 %
IPv6

36
Domains

57
Subdomains

52
IPs

8
Countries

1929 kB
Transfer

5841 kB
Size

29
Cookies

124 HTTP transactions
0 data transactions