www.zargan.com Open in urlscan Pro
2606:4700:3034::6815:2f22 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://zargan.com/
Effective URL:
https://www.zargan.com/
Submission Tags: tranco_l324
Submission: On November 25 via api (November 25th 2021, 8:10:51 am UTC) from DE — Scanned from DE

Summary HTTP 92 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 19 domains to perform 92 HTTP transactions. The main IP is 2606:4700:3034::6815:2f22, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.zargan.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 28th 2021. Valid for: a year.

This is the only time www.zargan.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 10	2606:4700:303... 2606:4700:3034::6815:2f22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 12	2606:4700:303... 2606:4700:3035::ac43:902e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0a::9a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	144.76.104.53 144.76.104.53	24940 (HETZNER-AS) (HETZNER-AS)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	78.46.90.238 78.46.90.238	24940 (HETZNER-AS) (HETZNER-AS)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
3	192.229.220.129 192.229.220.129	15133 (EDGECAST) (EDGECAST)
1 1	94.23.99.218 94.23.99.218	16276 (OVH) (OVH)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1 4	95.131.136.1 95.131.136.1	47841 (OXALIDE) (OXALIDE)
2	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
92	29

10 2606:4700:3034::6815:2f22 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

zargan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zargan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:3035::ac43:902e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.zargan.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 144.76.104.53 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.53.104.76.144.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 78.46.90.238 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.238.90.46.78.clients.your-server.de

hal900019.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.220.129 (United States)

ASN15133 (EDGECAST, US)

img.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.23.99.218 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu

medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 95.131.136.1 (France) 1 redirects

ASN47841 (OXALIDE, FR)
PTR: front.netaffiliation.net

action.metaffiliation.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 85.14.248.91 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	zargan.com 3 redirects zargan.com www.zargan.com	187 KB
14	googlesyndication.com 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	59 KB
12	doubleclick.net 1 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net 5994599.fls.doubleclick.net	168 KB
7	metaffiliation.com 1 redirects img.metaffiliation.com action.metaffiliation.com	47 KB
7	redintelligence.net hal9000.redintelligence.net hal900019.redintelligence.net	56 KB
7	gstatic.com fonts.gstatic.com	101 KB
5	ampproject.org cdn.ampproject.org	103 KB
5	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	mathtag.com tags.mathtag.com pixel.mathtag.com	3 KB
4	googleapis.com fonts.googleapis.com	3 KB
3	medialead.de 3 redirects pv.medialead.de medialead.de	2 KB
2	exactag.com m.exactag.com	2 KB
2	2mdn.net s0.2mdn.net	290 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	awin1.com www.awin1.com	704 B
1	ad-server.eu ad-server.eu	312 B
1	media01.eu pb.media01.eu	629 B
1	googletagservices.com www.googletagservices.com	37 KB
1	google.de adservice.google.de	792 B
92	19

	Domain	Requested by
20	www.zargan.com	1 redirects www.zargan.com
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.zargan.com 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
7	securepubads.g.doubleclick.net	www.zargan.com securepubads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	action.metaffiliation.com	1 redirects hal900019.redintelligence.net img.metaffiliation.com
4	hal9000.redintelligence.net	www.zargan.com hal900019.redintelligence.net
4	fonts.googleapis.com	www.zargan.com securepubads.g.doubleclick.net hal900019.redintelligence.net
3	img.metaffiliation.com	hal900019.redintelligence.net img.metaffiliation.com
3	hal900019.redintelligence.net	hal9000.redintelligence.net 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com hal900019.redintelligence.net
3	tags.mathtag.com	56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com tags.mathtag.com
3	www.google.com	1 redirects tpc.googlesyndication.com 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
2	5994599.fls.doubleclick.net	1 redirects 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
2	m.exactag.com	56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
2	pv.medialead.de	2 redirects
2	googleads.g.doubleclick.net	www.zargan.com
2	s0.2mdn.net	www.zargan.com
2	56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net 5994599.fls.doubleclick.net
2	www.google-analytics.com	www.zargan.com www.google-analytics.com
2	zargan.com	2 redirects
1	www.awin1.com	hal900019.redintelligence.net
1	ad-server.eu	56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
1	medialead.de	1 redirects
1	pb.media01.eu	hal900019.redintelligence.net
1	pixel.mathtag.com	tags.mathtag.com
1	www.googletagservices.com	56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	securepubads.g.doubleclick.net
92	30

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.facebook.com
twitter.com
plus.google.com
www.adriva.com
misto.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
img.metaffiliation.com Gandi Standard SSL CA 2	`2020-12-09` - `2022-01-02`	a year	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.metaffiliation.com Gandi Standard SSL CA 2	`2021-03-08` - `2022-03-20`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2021-08-16` - `2022-09-14`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.zargan.com/
Frame ID: 53856F44A5FDF440A3B310C4C6A00224
Requests: 38 HTTP requests in this frame

Frame: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D13153125214D3B52E6F23E941D6DBFB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: F4E52B663EB848E9E528C43C6E78A0EF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 17459DD794F399B10ADCCBA88D6B9F25
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs
Frame ID: 947D170053D2720480280EA77CCA40CD
Requests: 18 HTTP requests in this frame

Frame: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 031C96DB6886622C3A2BF49DBE0A45F7
Requests: 21 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78405400036510600951393011789019&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 00A6263A696C17286DCCE0AB8DF91475
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135
Frame ID: 8BC9810D82CFAD90B614D639F5521B75
Requests: 2 HTTP requests in this frame

Frame: https://hal900019.redintelligence.net/request_content.php?s=78405400036510600951393011789019&a=17f34b73
Frame ID: 817BF52DD615A9B77B93F267F10F11EB
Requests: 6 HTTP requests in this frame

Frame: https://img.metaffiliation.com/kwanko-sdk-iframe.html
Frame ID: 6D9BEF1BF342C1D24F665C8928ACC635
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

İngilizce - Türkçe Sözlük | İngilizce - Türkçe Çeviri

Page URL History Show full URLs

http://zargan.com/ HTTP 301
https://zargan.com/ HTTP 301
http://www.zargan.com/ HTTP 301
https://www.zargan.com/ Page URL

Page Statistics

92
Requests

97 %
HTTPS

53 %
IPv6

19
Domains

30
Subdomains

29
IPs

6
Countries

1078 kB
Transfer

2336 kB
Size

20
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/tr/app/zargan/id382821266?mt=8
Title: Available on App Store

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.zargan.zargan
Title: Get it on Google Play

Search URL Search Domain Scan URL

URL: https://www.facebook.com/zargansozluk

Search URL Search Domain Scan URL

URL: https://twitter.com/ZarganSozluk

Search URL Search Domain Scan URL

URL: https://plus.google.com/+zargan/posts

Search URL Search Domain Scan URL

URL: http://www.adriva.com/
Title: Yazılım: Adriva

Search URL Search Domain Scan URL

URL: http://misto.co/
Title: Tasarım: Misto

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://zargan.com/ HTTP 301
https://zargan.com/ HTTP 301
http://www.zargan.com/ HTTP 301
https://www.zargan.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 57

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 72

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=78405400036510600951393011789019&t=htlp HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78405400036510600951393011789019&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 74

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=78405400036510600951393011789019 HTTP 302
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=78405400036510600951393011789019 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 77

https://action.metaffiliation.com/trk.php?mann=P511E19571C9F151&argsite=78405400036510600951393011789019&gdprconsent=li HTTP 302
https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}

Request Chain 78

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135

92 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.zargan.com/
Redirect Chain

http://zargan.com/
https://zargan.com/
http://www.zargan.com/
https://www.zargan.com/

10 KB
4 KB

18ms
18ms

Document
text/html

2606:4700:3034::6815:2f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 72d78926ec426a6d5822fc211b04e3865571b443af6b0f413b6ed26a94c6620e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-type: text/html; charset=utf-8
cache-control: private, max-age=14400
vary: Accept-Encoding
x-aspnetmvc-version: 5.2
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
cf-cache-status: HIT
age: 50420
last-modified: Wed, 24 Nov 2021 18:10:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EyryGsoiXtVpwBCOLe%2F%2B28uq9jdpawBXKEEacvMx0MuV1lILlWMfBBII5h%2BhVS%2BO2KTkoMMrjhtZwmTuZEWCnCQBA0s28pr94rEabEg4FAkWMiBBweTZmM3p3fphcqW%2Fpz4sMcE8OWTCGu11pg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6b396705ea764321-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Thu, 25 Nov 2021 08:10:46 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 25 Nov 2021 09:10:46 GMT
Location: https://www.zargan.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMbkN0ZOPvVBZiIu2aANPbEWZ%2BzxzT3fOosEj4Kza9blwYAbBZ2PlLyys%2B%2BFilRYb4QQ0xjQxEnpYEINagc%2FcImHBEKsZPpQr4wVYb%2Ft0vQSzfx%2B3Ep0gYRC1EI4AfF9DF7CzOzrk9af8QzdZg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6b396705b90f2b16-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 jquery-ui-1.10.3.css
www.zargan.com/Content/ 55 KB
5 KB 32ms
30ms Stylesheet
text/css 2606:4700:3034::6815:2f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/Content/jquery-ui-1.10.3.css
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c3292eff1c81c535d11651c53c1446c76072fe01ca9cec5a0e5833f9ad6d2c38

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53157
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Jul 2020 11:04:17 GMT
server: cloudflare
etag: W/"207e21d6ce64d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEj5hpkzkrSYLdjOW1meljQdlMtcQeR32FbVJXT3NKAVOu4070bWgPR35w%2BrlGp7WiFTItKBXv7mtTl4uQbysH0ISsDISmPXbzN85dsTQ0bfcF%2Ft6%2FzHkrxjLer4L2CdieZYBVRH4lemzQ88KA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-polished: status=cannot_optimize
cf-ray: 6b3967062b234321-FRA
cf-bgj: minify

GET
H2 200 less
www.zargan.com/Content/ 148 B
510 B 25ms
23ms Stylesheet
text/css 2606:4700:3034::6815:2f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3c6ba7cb9d478cca5b9d2792cddbe436ba03ded10bad0fe31986c34b5e1d30ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54465
x-powered-by: ASP.NET
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jL6Vgj0yVMS%2BrOvZbIR9VigqgV85%2FqH3pRqlRHcUZZplm7El7zN7QhLhDQPh96N6xZzHnSdJtND9kpmsmm%2Flwc47EcxgA%2BdJ%2F49trUJdFZQKu332zprrxDCqyZqlrWUKsyrpHIuVhH6H4pNqRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: public, max-age=14400
cf-polished: origSize=161
cf-ray: 6b3967062b254321-FRA
expires: Thu, 24 Nov 2022 17:03:01 GMT

GET
H2 200 jquery Show response
www.zargan.com/bundles/ 81 KB
30 KB 27ms
26ms Script
text/javascript 2606:4700:3034::6815:2f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/bundles/jquery?v=OCFAn1NcaUrZ5VLi0Kt8lefDjHOF7mvtdw-2FUpZjJ01
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4ae87c75dbcc83d62529d83fd8517893b6c298db6d5ca73707a07112428d7d7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54465
x-powered-by: ASP.NET
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uCJJOyYIASjIQbPOIQnU2KdMdRJiNKv6AE5Jfa2%2BYLxurr5w8xy05vzzPG3%2FlfIrGBx7ho269EmPBS2mb2cPAj4ih9JXgHqK43yA82mKdUyoQBxFVXQnKxG2Ifc%2FyzVf0cZ4S2A4ebUVP3hNBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6b3967062b264321-FRA
expires: Thu, 24 Nov 2022 17:03:01 GMT

GET
H2 200 modernizr Show response
www.zargan.com/bundles/ 11 KB
5 KB 26ms
25ms Script
text/javascript 2606:4700:3034::6815:2f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/bundles/modernizr?v=wBEWDufH_8Md-Pbioxomt90vm6tJN2Pyy9u9zHtWsPo1
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54465
x-powered-by: ASP.NET
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oae4LO2KgGTQxnFpE1%2FhD9cI1qPXg0cAO%2Fc6rfyo8mWWg5Pitxa6wqSZThq8o3wI%2FdxZxAxe1Jjnb6Wwk4BCGH9vQnYDAdZqMnHPdIcYgcjMMbyXbhWLzJhNZo3Cj2UyLno54D725ESKAyfIOw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6b3967062b274321-FRA
expires: Thu, 24 Nov 2022 17:03:01 GMT

GET
H2 200 pageui Show response
www.zargan.com/bundles/ 10 KB
4 KB 31ms
30ms Script
text/javascript 2606:4700:3034::6815:2f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/bundles/pageui?v=9LBsTd1GiHAOjhlYiMcxVrlBg6IoYNbXdqZViBhRFro1
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4fb9044d9f78c5a5d4d49b38bd52a5391906ec445ca218aab49762daf3f283f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54465
x-powered-by: ASP.NET
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hsS%2BdmXQ3jBafqJGhJUbRNs1%2FSJ1vPmpNEM538u%2Bkt6BanokMnXeVnsibImhnCa%2BHiWZ8wyQxVKA5bMBBhRiYc1FoFNldaU%2BleXkdyd0bOHvHdO16SRBQuXnSkgF4mGw1O3J5y3n%2Bt0ukKPSsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6b3967062b284321-FRA
expires: Thu, 24 Nov 2022 17:03:01 GMT

GET
H2 200 zarganbase Show response
www.zargan.com/bundles/ 85 KB
27 KB 25ms
24ms Script
text/javascript 2606:4700:3034::6815:2f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/bundles/zarganbase?v=C6XvzpkO_DQeiAUv-CMRm-naALwNiBuMrWK13G2I3No1
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7cd5ddcc3887c6bfbf91079460c04f4e65ecfb7878caaf7a82109f7045db02ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54465
x-powered-by: ASP.NET
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=URutV3K%2FkFIGqdwCem9mPBpCAKEJ70oJVsAh8fBiIfVEYst9gOjdviMU7a8I3w9oClGFdUt39gax%2Fx1VX4BADdzqs53zAeMW5FNO53kxkznYqWAyi42NSem1FXOZAx3H1l9suvuvYhgySkmJyw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6b3967062b2a4321-FRA
expires: Thu, 24 Nov 2022 17:03:01 GMT

GET
H2 200 jqueryui Show response
www.zargan.com/bundles/ 222 KB
61 KB 32ms
31ms Script
text/javascript 2606:4700:3034::6815:2f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/bundles/jqueryui?v=G3zUI26k8shDvs3PSo5GPkxFSWclClRdLVUnA01ZKc01
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 10d1a23527be59be6b6aa52138b6952b80767910e27473712c7a1d8242fed31d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54465
x-powered-by: ASP.NET
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: User-Agent,Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Edh0HmESuetMlNn3ukm38PxK9%2FEC%2FnRu974twKsP9z6AbKngRXjvhOwYc7MgMDuTtGf4HEjWOUjwBLp7CB0j3bQ%2FoVlrvLyf9fh1Hl%2BBMY8kSGAezMUtQ0YvBtmZ3lMzkumSWNaYT%2FVh%2BQGoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 6b3967062b2b4321-FRA
expires: Thu, 24 Nov 2022 17:03:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 42ms
19ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

9aa0b71ebc5dbd7bc6e2b78a35165da76987cc8e5b6f15b59c90d625be824083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1054 / 5 of 1000 / last-modified: 1637708722"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26855
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H3 200 search-logo.png
www.zargan.com/Images/ 6 KB
6 KB 29ms
29ms Image
image/png 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zargan.com/Images/search-logo.png
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b9c04e9bb079213fdbf3c88514359fec40efcc267f830ced5eef327eea09096a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54464
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5959
last-modified: Tue, 28 Jul 2020 11:04:18 GMT
server: cloudflare
etag: "2389eed6ce64d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dt43rRE73Rcgsw1l5ViByvCMfkovW%2B5b5DNeYXtbRpP0g5gHzm8WKzQtuLsDJro6DeiRq6T%2F8GSCH6kZdf5qzLx66FZVTfJ9EXVNn9Y2U7Tu1ol0tjn4e0%2B7Lzlmx8mbgweSch%2FG2KfDZif4mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b396706affc6943-FRA

GET
H3 200 logo.png
www.zargan.com/Images/ 7 KB
7 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zargan.com/Images/logo.png
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91988240567f1c52608ae9e9d256e4692af02f7657afb2377da796f835a636f3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54464
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6885
last-modified: Tue, 28 Jul 2020 11:04:18 GMT
server: cloudflare
etag: "4cd9ddd6ce64d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUjodXxNSe8GxwKmOOhlQnvSPRxY1wvFDrydGThxAqr%2FJtMcbcUS1EuRLWJaYET%2B%2BIyZjYS5%2Bg0RaeXsJegTlAC9gfbtFD6wFGVWTPi23KAbx%2B2vP2LQk6IShQqRMnHH3CTPbTBtVqsgcnFgng%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b396706e8666943-FRA

GET
H3 200 email-decode.min.js Show response
www.zargan.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zargan.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Nov 2021 17:32:49 GMT
server: cloudflare
etag: W/"619bd441-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=psCiJ4qBIimhDmhvpq1%2BpiJSZzhgjg%2Fg1yLWiB9JeV2rOub9j4gwpTYTLdN6ZyNp3mnh3kKJ2bd6ctjAOMCqxsX538fNketfb6yeGOxJTDUqp2tZbR70f7I%2FPrcJ%2FZN4NcETzLjYjzODqcaiBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6b3967067f836943-FRA
vary: Accept-Encoding
expires: Sat, 27 Nov 2021 08:10:46 GMT

GET
H3 200 base.less
www.zargan.com/Content/ 4 KB
2 KB 16ms
15ms Stylesheet
text/css 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/Content/base.less?v1.1
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ac62dd02fedcf0574fb041b902844f9330648335b3e57d12d61b3ca5580cd78a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54465
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljKAdwxzDSmEOR16Ghu73lZ7ulPmGNOzi7SotVSG8XsZn%2BN2ZyrBV%2BA8mVH0l5peW4Wnn3b6Mii1TDerSCww3pruMar1K41R0uDXNCjWUHStdvFt9zWFTq3Q%2BESDTo%2BJte4KE010PYzoitA0jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: private, max-age=14400
cf-polished: origSize=4802
cf-ray: 6b3967064f336943-FRA
cf-bgj: minify

GET
H3 200 grid.less
www.zargan.com/Content/ 4 KB
1 KB 24ms
23ms Stylesheet
text/css 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/Content/grid.less?v1.1
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6bf1c54888e791dea8bec193c0a891e6d2309a7f1b5b54c368bb696cd1f595cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54465
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pqX%2Bl%2BHa7orT2JUdjIa0Yfwt%2BL51TsUjKIudNC0Zsr3eCPaYn%2F%2B9HXCpNRIx34xJfgOV749asWKV5P2q9idhypcL4IT89ExMDPwBNp1ta584lZisSlmcozeT1AQbwrPlW0Bd%2F0sPDdh9luCz8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: private, max-age=14400
cf-polished: origSize=4807
cf-ray: 6b3967064f356943-FRA
cf-bgj: minify

GET
H3 200 font-awesome.min.css
www.zargan.com/Content/ 23 KB
6 KB 18ms
17ms Stylesheet
text/css 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/Content/font-awesome.min.css?v1.0
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53157
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Jul 2020 11:04:17 GMT
server: cloudflare
etag: W/"761b1fd6ce64d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0Dit2E8CSqZdK0e051B4w8%2F5R%2FHZAbDNa5%2B7SdFVU%2Fc0KvMNHofTzHd9h7s5ModUcliD2spdhDokL3%2Ff73chX5QS1yDkYL5n06cDOA1hLwZgNGkAMPIyvPaqKj7mz222Spsg5GDykyYGyqe7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
cf-ray: 6b3967064f386943-FRA

GET
H3 200 layout.less
www.zargan.com/Content/ 37 KB
7 KB 17ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zargan.com/Content/layout.less?v1.5
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1b42c813e395f848e5b9a0365007449e3110781992f7699fbdfb072f2e20c393

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/Content/less?v=oCZjo4l-GlOhArxk9T2NmkEIt9a0ikf2-TVn-qDxpDA1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
age: 54464
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 24 Nov 2021 17:03:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hD4UcFDGytUPK8%2Fp7wF3ioY9EF8DQmI4t%2F520oVIdYUUV1MB4wCKbTKfGCYTFL1lU%2FlVjT6ieLvTQ47fREvlYGMgQtwgeoNKyHkYeoni5BW4zwppUwwcSrBKiARCM7CkIR98WwCwqxx6lpqXpw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: private, max-age=14400
cf-polished: origSize=47725
cf-ray: 6b3967064f3a6943-FRA
cf-bgj: minify

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 39ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900&subset=latin,latin-ext

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/Content/base.less?v1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 07:38:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 08:10:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zargan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 498658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4179
date: Thu, 25 Nov 2021 07:01:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 25 Nov 2021 09:01:07 GMT

GET
H3 200 sprite2.png
www.zargan.com/images/ 13 KB
13 KB 14ms
14ms Image
image/png 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zargan.com/images/sprite2.png
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/Content/layout.less?v1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c83af888ece30e28edec6faee6cb9dcaf54009d58e2ada900d5dbb532b65f096

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/Content/layout.less?v1.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53179
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13002
last-modified: Tue, 28 Jul 2020 11:04:18 GMT
server: cloudflare
etag: "d611f8d6ce64d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=amhAlHlK7ANDCZj4gxp8RFBgaRrr%2BIqNE6J1R6LjW83%2BLE01MeZvrpq6piT8lcvwvYtAHNKIITWUmTAJfTtr0y4rfQWtQYduB7CyzDYj1zApmx3RLXkePfozCrzzwkae7k9uwTpsbqK2O6J2zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b396706e86a6943-FRA

GET
H3 200 icon-search.png
www.zargan.com/images/ 549 B
1 KB 19ms
18ms Image
image/png 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zargan.com/images/icon-search.png
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/Content/layout.less?v1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 93f0a0039e82a3a08481a1cd29195e361ba2e70d8bef388a909c11eab1754098

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/Content/layout.less?v1.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 54464
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 549
last-modified: Tue, 28 Jul 2020 11:04:18 GMT
server: cloudflare
etag: "fe2acdd6ce64d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vSvkij70gDV4o2%2F%2F%2F41X9LDluLud4a5LABQwj02RhqRnluKE5mv1CRKFqVYwyK%2F6mEu6TnsLI41DcVMpH0Ody%2FJJN6S9frjHM6qQ6xXRM3rJnOjyUL63ERksslP17LNsZqWjL5FLR7aTMvr89w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b396706e8716943-FRA

GET
H3 200 keyboardShortcut.png
www.zargan.com/images/ 1 KB
2 KB 16ms
15ms Image
image/png 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zargan.com/images/keyboardShortcut.png
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/Content/layout.less?v1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d13d7014237494e1c4f46c9c5793a20a5696a3f0d1d6ccd631b3e6d419631e5d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/Content/layout.less?v1.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52788
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1145
last-modified: Tue, 28 Jul 2020 11:04:18 GMT
server: cloudflare
etag: "4c13d9d6ce64d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nC2BQPAV1DHstkUPK0gGYp5bvDnCwXaDxMG5Q49lRLyxrYPOFwXtdH82o7cekBynSu7RlEmDGhfbVz%2BsNftVW3qRtxcYIcopwe2IOn72cT45Ts3rUA69JNoDxGZuJBd3nYqFjUkp08lxkPVFmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b396706e8736943-FRA

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 16 KB
16 KB 22ms
6ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zargan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 151726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:02:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zargan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:56:19 GMT
x-content-type-options: nosniff
age: 51267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 17:56:19 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 11 KB
12 KB 19ms
10ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zargan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 18:03:33 GMT
x-content-type-options: nosniff
age: 50833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11768
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 24 Nov 2022 18:03:33 GMT

GET
H3 200 infobox-trigger.png
www.zargan.com/images/ 2 KB
2 KB 16ms
16ms Image
image/png 2606:4700:3035::ac43:902e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zargan.com/images/infobox-trigger.png
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/Content/layout.less?v1.5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:902e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 04c84d467cf8ac1b1a82cb8644f8da047a9018405acf3881534c97d7d801dc6d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/Content/layout.less?v1.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 53179
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1630
last-modified: Tue, 28 Jul 2020 11:04:18 GMT
server: cloudflare
etag: "11ecd1d6ce64d61:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UrAB1nXgkqoFrF7sJ9sxpT%2FbtKWtDzZIbEp6hZQoPHWFLAZAyH3DmcN3M0DH8XZO%2BFdikvlCZSobnNNNDIBOFaeShRYQ52HklMXUvqXne3faS4b3O449vgen%2F4Q48vi51Ma3PQVF98gMfSc66A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6b396706f8a56943-FRA

GET
H3 200 KFOmCnqEu92Fr1Mu7GxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 12 KB
12 KB 16ms
12ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu7GxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,300,500,700,900&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zargan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 08:01:19 GMT
x-content-type-options: nosniff
age: 173367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11860
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 08:01:19 GMT

GET
H3 200 pubads_impl_2021111601.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
116 KB 30ms
16ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 118471
x-xss-protection: 0
last-modified: Tue, 16 Nov 2021 09:34:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 107 B
118 B 32ms
15ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zargan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

21be9916946d5ceea476fe65e18fcdc7ca99f0338993d17a33d8b761316dfedc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93
x-xss-protection: 0
expires: Thu, 25 Nov 2021 08:10:46 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 28ms
13ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2141322965&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zargan.com%2F&ul=en-us&de=UTF-8&dt=%C4%B0ngilizce%20-%20T%C3%BCrk%C3%A7e%20S%C3%B6zl%C3%BCk%20%7C%20%C4%B0ngilizce%20-%20T%C3%BCrk%C3%A7e%20%C3%87eviri&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1882052566&gjid=1542544296&cid=2040649749.1637827846&tid=UA-235140-1&_gid=1825924363.1637827846&_r=1&_slc=1&z=1607933147

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zargan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 08:10:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zargan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 166ms
16ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zargan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 164ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zargan.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 831ms
831ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=10736901066724&correlator=1681106156743130&output=ldjh&impl=fif&eid=31063813%2C31060545%2C31062323%2C31062931&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211125&iu_parts=78792240%3A1020451%2CMobil_Zargan_Anasayfa_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1637777426&dt=1637827846343&dlt=1637827846080&idt=239&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1465101197&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zargan.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=0x0&ga_vid=2040649749.1637827846&ga_sid=1637827846&ga_hid=2141322965&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9cf9f2f30286cc23d6cd7df71e51e2ed60655d35f13afe9654801c4ad31c46c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9964
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zargan.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 59 KB
14 KB 341ms
341ms XHR
text/plain 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=10736901066724&correlator=1681106156743130&output=ldjh&impl=fif&eid=31063813%2C31060545%2C31062323%2C31062931&vrg=2021111601&ptt=17&sc=1&sfv=1-0-38&ecs=20211125&iu_parts=78792240%3A1020451%2CZargan_Anasayfa_Masthead&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1637777426&dt=1637827846347&dlt=1637827846080&idt=239&frm=20&biw=1600&bih=1200&oid=2&adxs=176&adys=675&adks=4095986870&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zargan.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1248x0&msz=1248x0&ga_vid=2040649749.1637827846&ga_sid=1637827846&ga_hid=2141322965&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

9fda66a08de97011813205fa7931599e27d8750b0b42d2c8f51d9efc5ac1ea33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14210
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zargan.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D131 6 KB
4 KB 65ms
14ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 25 Nov 2021 08:10:46 GMT
expires: Fri, 25 Nov 2022 08:10:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 149ms
16ms XHR
text/plain 2a00:1450:400c:c0a::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-235140-1&cid=2040649749.1637827846&jid=1882052566&gjid=1542544296&_gid=1825924363.1637827846&_u=IEBAAEAAAAAAAC~&z=1701377693

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zargan.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 25 Nov 2021 08:10:46 GMT
content-type: text/plain
access-control-allow-origin: https://www.zargan.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 49ms
22ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021111601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de71191eb004fe508d205532538f358f69cb17960aee5419a371c8d0f6c0189d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9280
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame F4E5 12 KB
5 KB 25ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 24 Nov 2021 20:36:52 GMT
expires: Thu, 24 Nov 2022 20:36:52 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 41634
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1745 783 B
1 KB 42ms
17ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

518ee4ec1256eec9418168f030d5bf234b9532731142b293726d1e287c3ce9a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cbRU7r1cu8UmzN+TvE61tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Thu, 25 Nov 2021 08:10:46 GMT
date: Thu, 25 Nov 2021 08:10:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-cbRU7r1cu8UmzN+TvE61tA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111011823000/ Frame 947D 189 KB
55 KB 33ms
6ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 117612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55592
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:30:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "11dee2040f5fc1d7"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:30:34 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 947D 13 KB
5 KB 42ms
16ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 215910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4992
x-xss-protection: 0
server: sffe
date: Mon, 22 Nov 2021 20:12:16 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "858600ba27ef7413"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 22 Nov 2022 20:12:16 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 947D 89 KB
28 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 95459
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28555
x-xss-protection: 0
server: sffe
date: Wed, 24 Nov 2021 05:39:47 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a64e482645fd262b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 24 Nov 2022 05:39:47 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 947D 5 KB
2 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 119056
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1731
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:06:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "cb4f0e89d7d37d9b"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:06:30 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111011823000/v0/ Frame 947D 40 KB
13 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111011823000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 119442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12826
x-xss-protection: 0
server: sffe
date: Tue, 23 Nov 2021 23:00:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "f02165e023e70703"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Nov 2022 23:00:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 947D 6 KB
669 B 36ms
19ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=tr

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 07:55:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 08:10:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 947D 4 KB
618 B 35ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 07:47:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 08:10:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H2 200 16840926707985673088
s0.2mdn.net/simgad/ Frame 947D 288 KB
288 KB 52ms
9ms Image
image/jpeg 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/16840926707985673088

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da42a553221af53faa2e2140af0e03ff721c98bc32a6bf88b9c636d304954857

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 11:01:23 GMT
x-content-type-options: nosniff
age: 76163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295094
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 14:49:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 11:01:23 GMT

GET
H2 200 11107184533922566823
s0.2mdn.net/simgad/ Frame 947D 790 B
1 KB 51ms
8ms Image
image/png 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11107184533922566823

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5aa3ebfb8e3a3e4fb5c31f8abf598f3e85d3a7e12fd2a703442c24133d23fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 16:27:51 GMT
x-content-type-options: nosniff
age: 56575
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 790
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 12:34:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 24 Nov 2022 16:27:51 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame 947D 42 B
762 B 73ms
31ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPMij4cMjACytQDqxD-g4w2gML_MksCP3xyDsnR2cg5xlJzS40Do6QBj0zFy_FOUmmLZv6R1WZKrzoTBEX5TJOiyLsuFA5Ty1o1rybQa0BidxXC9RnCKMvDCD5A3I2doTwJldvcE5ezrnOHJyypnMq0cOILQ&dbm_d=AKAmf-AJgSa7BtcLvplPIAAMybD6DMyW5r65ex2CnAZYp6tTkR9EfTKHa67evUi2QRY47VcMF15nzJo83iWsVruZqFZFktkNmPvibuXt2mocW_9TOX_moRpMuHRJuvLFKo5wUGZPpH4nHtngv95tQhNMgxAFrrUIHvLUXyfG-MRsuUDLbD1ytu6W5hFgG-ZGFv4x1Bl-tr26hRv04Ww92n2oLZuUoxhpifYjAPRrNtzuOSKqCknwCswfuia3xMEqUrBUDn31qi9G2E3lbschCRrgtxKTA2i1FgpAQU6q7whyt4gNrvWXw5XKXqYZG1jgs2juQFOilpoZMzQcp3Hp7zpffq8J9QoI2C8Zy9-5HuZ8C3dfA2tGLnVJiV7ykmGclrRQ6yvkbtAuAw5_CeikUd8ItHayjnyTjdS53raJudtJs8J0h-GX8oXJa0WpIcEAnvq2ShK7i_zk9sdsgY-elSpJ_4jfZXZ8KnxCl7pv9VV3eGWhJvvpB_lyl631IKfJJkBFCzSo2wKcNsRG-PIU_8hLLN23sUmcnZOgryouTyo802Vqr2C00HUj5ch9KULDBhGlk6a6YMDTMurqloWoJt2mPf00hi7KlEwizBtuEEvFnGCJgkK1mZgmCzI0QTta1Fm94sghXXCBeH0EH5mUw1DSl1E-9f5hKRayYWmEyFqfaXviyP1CrWNN1_hzqN14lit7ysq3x3zzpivSvwbJtri4shh4YOFuUNqgfqImJSgG1drZU_Aa7avkyZ2Wt-3yt-NAYKzyn4hjC98aQ2TZJBg6ni0G2W4TyvXoDjQaqT-nj5upgHhyJxqOaqrlehZS0HFGJmF1LLRwe_et3cVnHWasmiyip7z2UDZOj8Qg8f--ibKPwlbPQi-O-VOV8pY5HXvN0wU60qvERRh3LjxCYDjebxFkVd-2zroO_GTCR11YWvp8b5m7kYOiMND6IYmF8PBCQKvg19EAif7aCV8fO3c6NTxc4JRtOcQjvfdx8Li-kBNBZ7qXIUHsYyAXY3KfumbePRWbaK7caJMjz9XI-NgfjXCJAJAp73rsAASB8sQp7IdGoKfy9IBHJIZxiycP48JJqow-VOGxPsgbf2dbwm0y5_WwqEdbJtGeNzVQzUxcxiIwU-tBhrQs3Prudcj632nfp17Kyxopk1JQHC9cCOAkuQ35PfOsdx4H-0L99nfFV4fbkaxoRO4jhwspSIv3TgRgi2CNbcgxz3PDV0InMjhq1Xb2vt-XUabxhMXOw3OZ418Bx1mmBOwexYDPO1-hg5MPdA0mMOlsVuekYYZoGmFAP5-u3b12SqC8lyACf45uaDvp1TSlILmQKgIHnTKZiCmmHxn8hPcJQUNNHW6bEWutmrlq0Cv4vmZWRoKBl1euDshmCGHyyo5NxasrJpAbDc4V7fREvecjrtd1TyfCp1AXWBk3NZhI6eXlD9unB3LYr1o_KQDlo4hF8tN6v_cFt6Oogxu6vwgOIk2BWxM0Tk5oVVH74qnYYA9PVw4RGa3yZ5PtHRiZ69PehK4bAN9sDCkaaTJlM6nwjVWAhvljGOKvr9gkfPJKZcy0aVRhBv0UeCWsbJ75YVAeSOLnSM1AUkaZRg2F0GsqrKz86-bPgYtV0EDvtyuSQBMUMN4wxuVxBFWYw5DdgBfZFVDz1GNAnHqC9lOuOWJaTtFIHUi2jCa4d0F5yI7v14ySwg2De9zf-Ub-59d3bUaTQTYcoTbFNAgbvF1Uo1cENu0MooTWG18tOpZ_AT2q-YDY1BhVvn2fiJuAEGO4Oi_g4d2f5dRg-P-LUbV2lRrw2Fzb9E1sVEdbYgS3WoKG9ClQLW7w01xn6cKkS_vmccsIfQJRbcwvtBJnkE6QQkUO-oQAm-mVTCkbCzVI12jU5Twf4JEd6tl_3XiV2DJdfyRM6Xg4Yb-BQ16K2ZPH2INe_KcQpHQSWwDBlbYHa5lecQvmx80bD8kYGzVtjROk4tDzFA53pEJt_qcQDkNsu-vY47w8hQPFYXp1ecAwn08WqEuHPwQeuKMboZj76avH_iI3CH3Q0PVEG82rcJUti7TnEGaf-r-QFiunM0omRCgZbaXlheTR9gx9E2mgSKtX3y1S7TavLLg0_qx4XPD27CoibBrx283dxaFC9_XXh60MGIFnWex6JvP_6snlca7koe9bYi7q2XyXYW325yB6caKVUvut8SpkVVc9D2ogDKK9_W5G02YbAaCDWM1yoODdg2ML0-SvXr9320V6QwBfPILnmE-taIYIhLd-Kt6TuxbXJSiQHoFmyDQIB0WQNHdgN_r8yiSdOUKSseXq-TWdTyR6nJpGpRHPao_5CfTbSHdNS5aGDUXReORXeACxHfylkfx9s1UyaSBQ28QRbmi50qH0N7XZArEADVBd4FuDlbV-jTyXl8EiMI-igYCNa_Ub0Gyaq996zOL7orBeqh0P-IIVeopj7vLCb2tR6HAykLYFEO6cp6uE--yDwgnHYZkgYGSs5BUdvzwRlE7-18mvrTdRYXQowAgEWh6u5dWkpBqAocwadg0zEsnZ56-BlILdaKSGWcAoanEgaYUGV7dJBDL3HurS0dJTD_ssnLJkeC5__Bw3DC9yop6RVaidrzxqIJcRejFOHQZEPu6FlUtCEgNBM5WqePnY5ellZNeYtZC_eoGCpEi7sE_Llf0uiTbzFOLE4CQ7zG1scrDYRnwRn_dSfTJ9pUk8LADJVGQ4L0s6-KojMjzUcm_jMjOc5VZ91sxRd_WpebF2MIq3M8JG6C7mLZYdYwxe1C67nOGDyB-xXukdL9V4ZG30MkZpy6d75soorMdsRL-wmCsE8S4Uwjwyn2QXFoAZD5KpzL77CBgxL46XqrhU5FqhzZ8bSLxc7yNIPIQW6JbzCu7dPr4zZk4NL-qX6prAw-xZ2e5ZIPJs-xdPNWaAgfwuyMc0TP79fN0o2FmVCN_KGiYmkVmFOHsLMnMtPKuQ_4p4-YW_A-cZ_Y5bGxHgjz703mlAAJ2DQIyLYH1FL9wq_Ne0MBNf929i4Vh99---SN9hG3G3Pc4e2Fb1rwHmGd20WkQzLtiWdv5bhV7IyuQJEK91d7QsFPLHa2KF2-LvLv-40NQwYe0MnjVYzhCzueQLFobZQapO5e7GT8VueiC0925WQYhQBeUaP4TZPimENX5y357-AIdTtEMBsoRtulDF0ukAxxxP4ipHB0lo-ioD1sC0dhyDFeACep1eb2Q7bHe97eRSMF3AkG0Yx8Q1J8NCfyEEzFLRHGwUezFhqJmNwNrk6Q14JP0j_ndow2BjGw5haQM7Tvc1N9_0KDGiqfPe1gAgDEEn2IsVJryJfDkr1GHHdJsJ0VWXTsJUVRwn6xWdqe11jL2-kg&cid=CAASFeRo26NJ9hfDFaQcb1AwWaXPal8wuA&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 08:10:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 947D 0
0 46ms
44ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CF_cOBkWfYaWMGIzC7_UP3b-7qA6u5dzYY4nj3aypDvAuEAEg9PySIWCV2oeCmAegAZXIibkCyAEGqQJaBLSOhs-yPqgDAaoE5AFP0JNik7VsI0jyDV0_YqlNmJh7vV52hP_oiZ9qTMsM6CHw9k3dK8yeRUTHWcmGFZuT155fytHnPvfKm71L4N00m8bv1xB27S4KKp3DAN8IHlFwEZBMhR06sXYz9jP-G5OYCBg-QX7I-y3naXa59U63wGxl2lip9LPuLEUYQWSJIImoCA6WxKqq7_YahG4X3aPkU0TaPjVvPixmC9DFx0dyx7EA14FtF3TBYfWxM4ZVrmRg9zXrlnntmrlFWPGT9PpckmV9LMYHCeK_5-1GP-lbHsTgjhXwuoo_Hq5v2ka11GuzSxLABNKiuIjVA-AEA4gF1dWQxjOSBQYIAxAFGAGSBQYIGxACGAGSBQoIIhAFGAFIgpFikgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfTt_bGAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcKEMDsLhi58O6tAdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzQ4NTk2MjE5MTA1MTQ2OYAKA8gLAbAT1aiwDcgTwpuv3QPQEwDYEw2IFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItODkyOTY2NzYzNDIxMDQ4MBi4kh4&sigh=DrBLNoSlO0o&uach_m=[UACH]&cid=CAQSPwCNIrLM9hW0rKUQPKF-3wZtHtF5jzFRrDlKg22pNdT43Rnxn9fvFTjzU09XFf3-bkA2ZYGWo9DBENZjcf-URw&template_id=509&vt=10&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 tr.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 947D 3 KB
3 KB 13ms
11ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/tr.png

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 24 Nov 2021 20:05:06 GMT
x-content-type-options: nosniff
server: cafe
age: 43540
etag: 9957912877679239782
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3057
x-xss-protection: 0
expires: Thu, 25 Nov 2021 20:05:06 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 947D 344 B
368 B 17ms
11ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.zargan.com
URL: https://www.zargan.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 25 Nov 2021 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 5072
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 26 Nov 2021 06:46:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1745 0
0 78ms
61ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021111601&jk=10736901066724&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js Show response
pagead2.googlesyndication.com/bg/ Frame F4E5 35 KB
13 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lK7Pd7B-H_9yBaI_NSshU4OXimYezFu1HmFuNXULOe8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 19:37:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13508
x-xss-protection: 0
last-modified: Mon, 08 Nov 2021 11:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 24 Nov 2022 19:37:47 GMT

GET
DATA 200
OK truncated
/ Frame 947D 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e588ad70dde0f67bed16971eba008f0a6865dadc9565685eca7e57b3a69f453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 947D 15 KB
15 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=tr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zargan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:39:48 GMT
x-content-type-options: nosniff
age: 498658
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:39:48 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 947D 16 KB
16 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300|Roboto:400,500&lang=tr

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zargan.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Tue, 23 Nov 2021 14:02:00 GMT
x-content-type-options: nosniff
age: 151726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 23 Nov 2022 14:02:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 947D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

97ms
80ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H3
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Redirect headers

date: Thu, 25 Nov 2021 08:10:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 44ms
43ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021111601&jk=10736901066724&bg=!hoWlhcHNAAZQLpa_UC47ACkAdvg8WsvVVzRfKMbUsEo7YXcYPFC1iCK4BQt_38EoUPFy0smP8X85YgIAAADTUgAAAAtoAQcKAKskYDSxciKmTIgdZjADytCmS0L61IiKTFLhSikWjvV4tUPKSlDdd_IpLTGaBvVBDqZjlYNanjNBJSn4gIlMk6SBvB65KFNPIkHEcqqHyS1-cDk2DBVYtiKxXNRCID2gWhgjfqepvNPgGbwzbENE68VmXqtrDl8wBiPCFShSqpMv9sDp0IiGs0Y3frThanTt47_6XS_ZNJ3Dk-bHv_YLfhQ-CWTzAD6g55s8BPmZAnm2KCJjmdOGWFFXer2OsIbowwqzRtG6vJQMnJKxGthK4dshjWIR7K2HXqZHN2WYSdTV0LFYUl2RhUuoQrk0zibgzVArMuCn_jJbSleaGc9XraSEMED4xdHQBzjTb1lojJNq3hMk02Yo32Ov1vuH2rwWoHFpNh_tiEAdfOf05oRRFfu4aEB5sTgCKpeGRba2vv9ugg7Qd0qOhGwKURXJ6EFB-Rk5saf-ePC47ABnxQ6Dj5DF537bxb_QcOSMJc0MbxZ2fE2SYcJcHSeGeHNvtmi5JpKVRgdK-UI5PWpTLS6NLIfL8irHjkIBVeefOnMnFO9qLp38CuaRBvk69l1uk4IXggD6W2Xr1XOj0n4lrVFYoDo_GR77see_9MPEBHNj35atNx2lpQDUeKV_BnVXQznpV_yBJWZckN05-V-B1fTiXQHQcTLWlNrbBZk6b4jgQfiBLTEWhE3ypuZn3dxsZGjnxevIHcvC7iuS4wmefUebVpFaQZT7Bw-P9EQHszgQ78yjEUwqm_f9rEgo3_Cz4jh4T0Kbvtoc6rqA_ALLuUYUU1JzFS5WH2d8fD-rjDOmPMTlptzKXTu-wZApl-GaoghgMKdvXTda3Z6VTM67xSFry7JuOxS7qo505BiEJVNzxSDScPCoY-qEKKs9A3ZnTdegtEHan4Bi_WOyKs4OuOwGFHwnSQKDINE5MiJj8VsRB6wHNt-TRjxHR47zaUaFQsdyM7OHZ7eLhBhTzbZ7WTdZ58NYgw2i1OPvNIfYKkcQqXznX2ZekpVvZ5-eAg1U6-6y3i6d2l5L4AD6Dt5V3CD8TS5z-xvAZ7k3c5zXrggkvBnbVX1rcjFDNM0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 08:10:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 031C 6 KB
3 KB 24ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021111601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Thu, 25 Nov 2021 08:10:46 GMT
expires: Fri, 25 Nov 2022 08:10:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 031C 0
0 45ms
44ms Fetch
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CVfu5BkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT1AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjiTrN46yXBPJz87aqhJQBm0KTmlhncsLLt67FoySb6jD_at-qsRb4AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0NjmACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkyOTY2NzYzNDIxMDQ4MBi4kh4&sigh=KLa5bI4HBlo&uach_m=[UACH]&cid=CAQSPwCNIrLMkRVjHxVNWe_LE77Rn4ezuzd8LeF9s38LDNOvEvKnnt87O-ESRBS8In0BUI9E0GpMxywDygqslWuzuhgB&tpd=AGWhJmununoO8DHEE31g2TM1CkMj2EODuFs7iOLCiFkBo1WNYrXFLNrmSO5oGZGna8AR3M8E6j2kU-vP1t26_mFDy8yF2HWnDKV8yze6mlwVplBvRooRXAgAKnKmG6ee1M7v2pLf9qTdCi0yzbgWajaE5aJN3a6qbRNOJ4Pm4tvs24HBeki77lU1f1edHVGcXVQvqGsXaorLavnwO_BDnQ-6TZjox1ffY8TJERkeNPwhe5uZP1SgnZladFd_4MOCDi3-NPiRr8flM69NBQJkpElhgbrzli099MB9zMu2YgFx_2S8w1xHUsILbI8mtj3A7GfK8Ij_nI3z245lRa5SWq2ehiNa4DGc-EzAtwWLYKOpuKtjbbYxfFOmz4GoNurBxiUIOfnpmnMDNdFzQtcux_0cnThN_VDvmm6pfAru9E6cAk1vVyta5GL__Kj3SJowIJDcTmT7s0Ov5pjpbxuMZxOfFaKXFeq1dxtXa6zAtHzEQmxJ5Mk--wpnsSiM06MXJz6VjUgGo55T4u4m20IRys1DtAhTgel_tKKQWxNq-RIA6fVO8LWYFbtV51Tkf-RYNdkf7f3_tCOmFybOsuxV1sVyaHS_gi4drkM0_-85MX1TN7nXsOO8gU3SH7do1gB-r-DakKCCJZrEg0YeQgVoqV_64-g9uMoRjKlgNLV0CCyZRRIT0uRZ5nG_-toiNbYw83PPyuz9LGKB5MfYD6EwEjD-0Pl09bnSozbebNsYTmRZopMK6-cPQsqbq8eRQ03qwzkOeyhX2Ei7qsNIOTW_mJn61uOrzZLVMkMo9BSLhKZhyZPNOOQ-vjWV9AkKYGaBPyM5kpyvpxC-zOWJhLshzJY-WPpVtZq8tieqPAQJ9llqxnTvEEghUonvTT3pu9VNaPDWWcvW2X44EeAnlsyrAHmTJ8Nqi74FkuPJZdUUB-uWfwa4LrHA_fRf5JtWndCiN7O18RdmGWnyihKxB1bUQoIP7WhNUy01VZDewyLVB_o8Mb01bvZhIPPXBgv_kAVEztuG2L7Q3sprHd0mOGJ1SKtJEXA574m7FxESYS8s3crZMugF86XLVsXi17zqKc8OfP2fN88h2zKnG_DZjQ81giXX
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s49-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 031C 3 KB
2 KB 46ms
15ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RZMU9UTXdaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMjQ1NDg2NTk2NDY3NTcwMDYvNjYyMjMyNi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1Y0NkJwNFp2RGFjWUZZUEVJNDhiWS8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjI0NTQ4NjU5NjQ2NzU3MDA2L2Ftcy8wLzIxMC8zOC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNzgyNzg0Ni8xNjM3ODQwNDQ2LzQvcHViLTg5Mjk2Njc2MzQyMTA0ODAv/jnHkdf2cDUZQ0aDLcUgrrmBBc3I&nodeid=2823&group=cdg&auctionid=6224548659646757006&shardkey=6224548659646757006&sid=4562306&cid=6622326&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.172&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%26client%3Dca-pub-8929667634210480%26adurl%3D
Requested by: Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.209.5 /
Resource Hash: aee9531937c1335a3511968541e307af835935d562530ef3e3d1b44db5c4329b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1637827846
Last-Modified: Thu, 25 Nov 2021 08:10:46 GMT
Server: MMBD/3.209.5
x-mm-latency: 2 (2)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x94, cdg-bidder-x172
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 031C 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/window_focus_fy2019.js

Requested by

Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:09:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 08:09:56 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 031C 119 KB
37 KB 45ms
16ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37119
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636547677202025"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 25 Nov 2021 08:10:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/ Frame 031C 15 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211111/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 16810888504096353422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 09 Dec 2021 08:08:03 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 031C 0
0 19ms
18ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQS9NypTe39ymSZBTf6-XUPYOhoC1_5Ay3h1E6yD9J53ItBZ45wp0zbyCSx1fFe1KtIKyBD6W7jivNEOo4tH3K7y8DzIQ
Requested by: Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 031C 22 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 15:16:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 24 Nov 2022 15:16:00 GMT

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 031C 10 KB
3 KB 17ms
3ms Script
text/html 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6224548659646757006&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6224548659646757006%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_cid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%2526client%253Dca-pub-8929667634210480%2526adurl%253D%26redirect%3D
Requested by: Host: www.zargan.com
URL: https://www.zargan.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 160240f027c89d68b52cb4a19f3a038dc88610bb1b70c044ebe9bf1c2f3449b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3381
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 031C 49 B
330 B 49ms
19ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=6224548659646757006&node_id=2823&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RZMU9UTXdaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMjQ1NDg2NTk2NDY3NTcwMDYvNjYyMjMyNi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1Y0NkJwNFp2RGFjWUZZUEVJNDhiWS8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjI0NTQ4NjU5NjQ2NzU3MDA2L2Ftcy8wLzIxMC8zOC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNzgyNzg0Ni8xNjM3ODQwNDQ2LzQvcHViLTg5Mjk2Njc2MzQyMTA0ODAv/jnHkdf2cDUZQ0aDLcUgrrmBBc3I&nodeid=2823&group=cdg&auctionid=6224548659646757006&shardkey=6224548659646757006&sid=4562306&cid=6622326&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.172&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%26client%3Dca-pub-8929667634210480%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.209.5 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Server: MMBD/3.209.5
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x98, cdg-bidder-x172
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 031C 43 B
405 B 82ms
32ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=6224548659646757006&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RZMU9UTXdaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMjQ1NDg2NTk2NDY3NTcwMDYvNjYyMjMyNi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1Y0NkJwNFp2RGFjWUZZUEVJNDhiWS8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjI0NTQ4NjU5NjQ2NzU3MDA2L2Ftcy8wLzIxMC8zOC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNzgyNzg0Ni8xNjM3ODQwNDQ2LzQvcHViLTg5Mjk2Njc2MzQyMTA0ODAv/jnHkdf2cDUZQ0aDLcUgrrmBBc3I&nodeid=2823&group=cdg&auctionid=6224548659646757006&shardkey=6224548659646757006&sid=4562306&cid=6622326&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.172&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%26client%3Dca-pub-8929667634210480%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4103 f8fad19 master cdg-pixel-x24 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Server: MT3 4103 f8fad19 master cdg-pixel-x24 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 031C 49 B
330 B 46ms
17ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=6224548659646757006&st=4562306&time=1637827847&nodeid=2823
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvT0RZMU9UTXdaV1V0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzYyMjQ1NDg2NTk2NDY3NTcwMDYvNjYyMjMyNi80NTYyMzA2LzQvY0lTNWM2YW9mLXRTLVFUZUFWYWJVY1Y0NkJwNFp2RGFjWUZZUEVJNDhiWS8xLzQvMC8wLzk1NjgwMy8yMjk3Njc3MzEyLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC82MjI0NTQ4NjU5NjQ2NzU3MDA2L2Ftcy8wLzIxMC8zOC85OTkvMzIyLzEzNi4yNDMuMTk4LjAvMC4wMDAvMTYzNzgyNzg0Ni8xNjM3ODQwNDQ2LzQvcHViLTg5Mjk2Njc2MzQyMTA0ODAv/jnHkdf2cDUZQ0aDLcUgrrmBBc3I&nodeid=2823&group=cdg&auctionid=6224548659646757006&shardkey=6224548659646757006&sid=4562306&cid=6622326&bp=a_bgafhj&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.133.172&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%26client%3Dca-pub-8929667634210480%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.209.5 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Server: MMBD/3.209.5
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x26, cdg-bidder-x172
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Thu, 25 Nov 2021 08:10:46 GMT

GET
H/1.1 200
OK request.php Show response
hal900019.redintelligence.net/ Frame 031C 4 KB
2 KB 65ms
52ms Script
application/x-javascript 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=717f455366&subid=&uid=dce39f3f3bb42233&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6224548659646757006%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_cid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%2526client%253Dca-pub-8929667634210480%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7594815261509&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=6224548659646757006&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6224548659646757006%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_cid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%2526client%253Dca-pub-8929667634210480%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 2808a2b987c82ece4c20f912c8c81461c4c1dacb61b643bc28fd86b0810496ff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 08:10:47 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 78405400036510600951393011789019
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1323
Expires: Thu, 25 Nov 2021 08:10:47 +0100

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame 00A6
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=78405400036510600951393011789019&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78405400036510600951393011789019&actionid=879111&produktid=ratenkredit&dt_url=

0
629 B

140ms
114ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78405400036510600951393011789019&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=717f455366&subid=&uid=dce39f3f3bb42233&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6224548659646757006%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_cid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%2526client%253Dca-pub-8929667634210480%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7594815261509&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Thu, 25 Nov 2021 09:10:47 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Thu, 25 Nov 2021 08:10:46 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Thu, 25 Nov 2021 08:10:47 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Keep-Alive: timeout=20
X-Powered-By: PHP/7.2.21
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials: true
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=78405400036510600951393011789019&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID: 88F3C651:C153_91EFC182:01BB_619F4507_D960594:2A265
X-IPLB-Instance: 40028
Cache-control: private

GET
H2 200 script.js Show response
img.metaffiliation.com/na/na/res/trk/ Frame 031C 128 KB
33 KB 54ms
10ms Script
application/javascript 192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://img.metaffiliation.com/na/na/res/trk/script.js
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=717f455366&subid=&uid=dce39f3f3bb42233&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6224548659646757006%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_cid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%2526client%253Dca-pub-8929667634210480%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7594815261509&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F65) /
Resource Hash: 7c22b007743a09ec0ad5931edb3cc96fa88009586b10e0d3c502eeca52fbb183

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:47 GMT
content-encoding: gzip
last-modified: Tue, 19 Oct 2021 09:25:18 GMT
server: ECAcc (frc/8F65)
age: 2953
etag: "616e8efe-201f0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
content-length: 33512

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 031C
Redirect Chain

https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=78405400036510600951393011789019
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=78405400036510600951393011789019
https://ad-server.eu/wm/pb/native.png

68 B
312 B

155ms
29ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:15:10 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Server: nginx/1.19.7
X-IPLB-Request-ID: 88F3C651:C15F_91EFC182:01BB_619F4507_D9375F3:2A263
X-Powered-By: PHP/7.2.34
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 031C 43 B
704 B 56ms
33ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=78405400036510600951393011789019&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 25 Nov 2021 08:10:47 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H/1.1 200
OK trk.php
action.metaffiliation.com/ Frame 031C 43 B
2 KB 82ms
25ms Image
image/gif 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://action.metaffiliation.com/trk.php?taff=P511E19571C9F151&argsite=78405400036510600951393011789019&gdprconsent=li
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=717f455366&subid=&uid=dce39f3f3bb42233&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fmt_aid%3D6224548659646757006%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_cid%3D3bbf619f-4507-4401-9fe4-0b92278b0dd4%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCLuwQBkWfYcLCKNGP9u8P-bKfiAbPh46bXMCG2YLGAsCNtwEQASAAYJXah4KYB4IBF2NhLXB1Yi04OTI5NjY3NjM0MjEwNDgwyAEJ4AIAqAMBqgT4AU_QE2DUYje41kaoNRWcygQH_fYxGG38y8YkNhdzCNISSRN5yPBe8KwiCuCtPo_AjUw69-pjajyGZ34382ZJ5fJXKNyAr5Dl22C6anQKdsFwXITfTXkge_6JKv_0lkjhqPOCmP51BDvks9tG3CFH8NKuaB2Y9p881rM8EP9NkmqqImHtOzjnjN6gIkS5xdy2Vg8l5JlwfIsY0MWx6V6qeM80ZsL3zgQco-91srHC5gTIYfxKqFgmEB041Am__6DWaNjvV7wCbSH2jW0YyBiKjmbpFhwe4LfOQmqSAcoQqZ0XWmPdl-UTz2N7ViNozrbv5QXnFsPWbeh84AQBgAaQpezv4ZiAztcBoAYhqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiI4YAQEAHyCBthZHgtc3Vic3luLTc0ODU5NjIxOTEwNTE0Njn6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_2vpGgTns9TS1tGP8H7Ns9k7dxwYA%2526client%253Dca-pub-8929667634210480%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2F56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&ancestorOrigins=null&random=7594815261509&isIframe=1&container=&adPos=0x0&adPosCheck=0x0&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.004256010055542
Connection: close
Pragma: no-cache
X-TRK-PROC: 73241
Last-Modified: Thu, 25 Nov 2021 08:10:47 GMT
Server: nginx
X-TRK-DECISION: 7
Content-Type: image/gif
Access-Control-Allow-Origin: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

GET
H/1.1

200
OK

ai.aspx
m.exactag.com/ Frame 031C
Redirect Chain

https://action.metaffiliation.com/trk.php?mann=P511E19571C9F151&argsite=78405400036510600951393011789019&gdprconsent=li
https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}

43 B
1 KB

81ms
18ms

Image
image/gif

85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}

Requested by

Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Server

85.14.248.91 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 25 Nov 2021 08:10:47 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 25 Nov 2021 08:10:47 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1788
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
X-TRK-D: 0.0034990310668945
Connection: close
Pragma: no-cache
X-TRK-PROC: 73241
Last-Modified: Thu, 25 Nov 2021 08:10:47 GMT
Server: nginx
X-TRK-DECISION: -3
Content-Type: text/html; charset=UTF-8
Location: https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

GET
H3

200

activityi;dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135 Show response
5994599.fls.doubleclick.net/ Frame 8BC9
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135?
https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135?

391 B
345 B

44ms
30ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135?

Requested by

Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

5d2f6b3cd3e286d0d91ec7fb1ca90ac0f7aadd68e799998e79542263bd96585b

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Nov 2021 08:10:47 GMT
expires: Thu, 25 Nov 2021 08:10:47 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 322
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 25 Nov 2021 08:10:47 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal900019.redintelligence.net/ Frame 817B 7 KB
2 KB 4ms
2ms Document
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/request_content.php?s=78405400036510600951393011789019&a=17f34b73
Requested by: Host: 56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
URL: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: d8f46ac3d104bdbf86ddd70c7c24fa54a23823a88b00f1c07d95b05cd5ff52b0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Thu, 25 Nov 2021 08:10:47 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2065
Connection: close
Content-Type: text/html; charset=utf-8

GET
H2 200 kwanko-sdk-iframe.html Show response
img.metaffiliation.com/ Frame 6D9B 3 KB
992 B 8ms
8ms Document
text/html 192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://img.metaffiliation.com/kwanko-sdk-iframe.html
Requested by: Host: img.metaffiliation.com
URL: https://img.metaffiliation.com/na/na/res/trk/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FB0) /
Resource Hash: 2d43c04a2d2f68039cedc241e492503a5e0d93a2cafb3be130993b3e3dfd8d4a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/

Response headers

content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 2408
cache-control: public, max-age=600, s-maxage=3600
content-type: text/html
date: Thu, 25 Nov 2021 08:10:47 GMT
etag: "5fd78d26-ac5"
last-modified: Mon, 14 Dec 2020 16:04:54 GMT
server: ECAcc (frc/8FB0)
vary: Accept-Encoding
x-cache: HIT
content-length: 891

GET
H3 200 css
fonts.googleapis.com/ Frame 817B 4 KB
649 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=78405400036510600951393011789019&a=17f34b73

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 25 Nov 2021 07:46:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 25 Nov 2021 08:10:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 25 Nov 2021 08:10:47 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 817B 16 KB
16 KB 8ms
3ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=78405400036510600951393011789019&a=17f34b73
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 316245b467c8fc69e0dfbc8baeb1445f610964a3e2c7899a4c10529ef74675ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16248
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 817B 17 KB
17 KB 6ms
2ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=78405400036510600951393011789019&a=17f34b73
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 06b6e80da8e0637bf48fcd9672fc1578449c531c242638f22fb77ce7d4e281cc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 817B 16 KB
16 KB 6ms
3ms Image
image/png 144.76.104.53
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/62726/creativesup/ESDE_MSS_Step2_Kleid_1200x627_251021_rs-IxQ56xIE.jpg
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=78405400036510600951393011789019&a=17f34b73
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 144.76.104.53 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.53.104.76.144.clients.your-server.de
Software: Apache /
Resource Hash: 984dcdcc4d2091059cb59721828565af960dd4b658c143b775e0a42fe46c4748

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16241
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK viewability Show response
hal900019.redintelligence.net/ Frame 817B 0
150 B 5ms
2ms Script
text/html 78.46.90.238
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal900019.redintelligence.net/viewability?s=78405400036510600951393011789019&a=493f081b&vb=m
Requested by: Host: hal900019.redintelligence.net
URL: https://hal900019.redintelligence.net/request_content.php?s=78405400036510600951393011789019&a=17f34b73
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.90.238 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.238.90.46.78.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal900019.redintelligence.net/request_content.php?s=78405400036510600951393011789019&a=17f34b73
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date: Thu, 25 Nov 2021 08:10:47 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H3 200 dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135
adservice.google.com/ddm/fls/z/ Frame 8BC9 42 B
63 B 56ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CJ7DtZiIs_QCFQ9B9ggdbpYJYQ;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=7507910283849.135?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 08:10:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 947D 42 B
64 B 30ms
29ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstC6SavzJMccD_2SxgVpnfoRrriPpy7abeM93ZxDZgTRhwg_s0QyoDp7Jlsb5UyIRlfwaThQRvluhn2fkqig9M-om-BS4gROUNavViH6E8PX8zNvMbIAA&sai=AMfl-YR2lbTAPwjnBjrZZHHfgP6JyK1SLY7dSJx_8bpcUTWJ1nf0SotUGbVA182qZyKTFLQmHCmAcgGYbgqep-KWkkwNSUbNur3RUcQ02UVGL3GMTRDBaz8yz2wyuKR4q4xC&sig=Cg0ArKJSzDaWfvcu9azDEAE&cid=CAASFeRo26NJ9hfDFaQcb1AwWaXPal8wuA&id=ampim&o=315,550&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=82&tls=1082&g=100&h=100&tt=1082&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=4095986870

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zargan.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 25 Nov 2021 08:10:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content trk.php
action.metaffiliation.com/ Frame 0
0 71ms
19ms Preflight
text/plain 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://action.metaffiliation.com/trk.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-kwanko-content-type,x-kwanko-sdk-version
Origin: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Server: nginx
Date: Thu, 25 Nov 2021 08:10:48 GMT
Content-Type: text/plain charset=UTF-8
Content-Length: 0
Connection: close
Access-Control-Allow-Origin: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Max-Age: 1728000

POST
H/1.1 200
OK trk.php Show response
action.metaffiliation.com/ Frame 031C 818 B
3 KB 75ms
25ms Fetch
application/json 95.131.136.1
OXALIDE

General

Check archive.org

Show headers Download Go to

Full URL: https://action.metaffiliation.com/trk.php
Requested by: Host: img.metaffiliation.com
URL: https://img.metaffiliation.com/na/na/res/trk/script.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.131.136.1 , France, ASN47841 (OXALIDE, FR),
Reverse DNS: front.netaffiliation.net
Software: nginx /
Resource Hash: bb43b77d1593278ea5d108bc33e6ef5b3a903e52eeff5018213b440fb82445da

Request headers

x-kwanko-sdk-version: web-1.16
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
x-kwanko-content-type: application/json
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryB07gQxyjhG9VRAVm

Response headers

Date: Thu, 25 Nov 2021 08:10:48 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR CUR ADMa PSAa OUR IND NAV COM",policyref="http://www.netaffiliation.com/w3c/p3p.xml"
X-TRK-D: 0.0051620006561279
Connection: close
Pragma: no-cache
X-TRK-PROC: 73241
Last-Modified: Thu, 25 Nov 2021 08:10:48 GMT
Server: nginx
X-TRK-DECISION: 2
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
X-Robots-Tag: noindex
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Kwanko-Content-Type,X-Kwanko-Sdk-Version,X-KWKunijs-Debug,X-KWKunijs-Version
X-TRK-SRV: 9

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 031C 43 B
947 B 70ms
19ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=esprit-dcm&extLi=25444971&extPm=319075961&extCr=&rnd=%n&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_312}

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.91 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Do, 25 Nov 2021 08:10:48 GMT
Server: Microsoft-IIS/8.5
Date: Thu, 25 Nov 2021 08:10:47 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 1788
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 img_5_1_1.gif
img.metaffiliation.com/12/73241/ Frame 031C 8 KB
7 KB 10ms
10ms Image
image/gif 192.229.220.129
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.metaffiliation.com/12/73241/img_5_1_1.gif
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.220.129 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE7) /
Resource Hash: a2b3c5cd0c329c390fe6c10f7f4d3e83f67fc81657ebe7daebb89ee6821cc738

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Thu, 25 Nov 2021 08:10:48 GMT
content-encoding: gzip
last-modified: Thu, 04 Nov 2021 08:57:40 GMT
server: ECAcc (frc/8FE7)
age: 3367
etag: "6183a084-1e58"
vary: Accept-Encoding
x-cache: HIT
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=600, s-maxage=3600
accept-ranges: bytes
content-length: 7502

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zargan.com/	1970-01-20 16:28:19	Name: _ga Value: GA1.2.2040649749.1637827846
.zargan.com/	1970-01-19 22:58:34	Name: _gid Value: GA1.2.1825924363.1637827846
.zargan.com/	1970-01-19 22:57:07	Name: _gat Value: 1
.doubleclick.net/	1970-01-20 08:18:43	Name: IDE Value: AHWqTUnE7HiZwCXmxzlYtksYuExYmKfs_jrGvEcPMtDaFFewupHZA0Tj3-QVA9-KZGg
.doubleclick.net/	1970-01-19 22:57:11	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-19 22:57:08	Name: test_cookie Value: CheckForPermission
.zargan.com/	1970-01-20 08:18:43	Name: __gads Value: ID=ecd2c0872f814956-229342a9f6cb004f:T=1637827846:S=ALNI_Mb0U_481Ho82YTygvZcdSgeQUHy7Q
.mathtag.com/	1970-01-20 07:42:43	Name: uuid Value: 3bbf619f-4507-4401-9fe4-0b92278b0dd4
.awin1.com/	1970-01-19 23:07:12	Name: awpv14098 Value: 296283\|1637827847\|31fe9000-4dc7-11ec-b06a-226397119453
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519595
.metaffiliation.com/	1970-01-20 00:23:31	Name: neta_ssc Value: 60d0f3l0gqu8tn42v4iq7qzdw8by
.metaffiliation.com/	1969-12-31 23:59:59	Name: netases_ssc Value: 60d0f3l0gqu8tn42v4iq7qzdw8by
.medialead.de/	1970-01-20 07:42:43	Name: trscj Value: MTYzNzgyNzg0N3xMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRjNE5EQTFOREF3TURNMk5URXdOakF3T1RVeE16a3pNREV4TnpnNU1ERTVKblE5YUhSc2NBPT18YUhSMGNITTZMeTgxTm1KallUUTFabVE1WWpaaU1EZ3dObUU0WlRnMFpEWXlOVFF5WW1RMlppNXpZV1psWm5KaGJXVXVaMjl2WjJ4bGMzbHVaR2xqWVhScGIyNHVZMjl0THc9PQ%3D%3D
m.exactag.com/	1970-01-20 01:06:43	Name: exactag_new_gk Value: 78da82214018477db418846bd653f3c6%7c24.01.2022+08%3a10%3a47
m.exactag.com/	1970-01-20 03:16:19	Name: exactag_new_uk Value: 3977047fb3ab49e4b824b49d7093ff4e%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 7eb6741bc03a4842bf76d828
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 03rybjoeu5zem1rutf2czgxa
pb.media01.eu/	1970-01-20 16:28:19	Name: DTU Value: F6F175C5D77F398193FD7D98F599BD42
.metaffiliation.com/	1970-01-20 00:23:31	Name: kwknc_ssc Value: ds511e19571c9f151-Nzg0MDU0MDAwMzY1MTA2MDA5NTEzOTMwMTE3ODkwMTk%3D
.metaffiliation.com/	1969-12-31 23:59:59	Name: kwkncses_ssc Value: ds511e19571c9f151-Nzg0MDU0MDAwMzY1MTA2MDA5NTEzOTMwMTE3ODkwMTk%3D

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012111011823000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

56bca45fd9b6b0806a8e84d62542bd6f.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
action.metaffiliation.com
ad-server.eu
adservice.google.com
adservice.google.de
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900019.redintelligence.net
img.metaffiliation.com
m.exactag.com
medialead.de
pagead2.googlesyndication.com
pb.media01.eu
pixel.mathtag.com
pv.medialead.de
s0.2mdn.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tags.mathtag.com
tpc.googlesyndication.com
www.awin1.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.zargan.com
zargan.com
104.111.239.217
142.250.185.98
144.76.104.53
145.239.193.130
172.217.18.102
185.29.134.249
192.229.220.129
2.18.233.201
2606:4700:3034::6815:2f22
2606:4700:3035::ac43:902e
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::2006
2a00:1450:4001:811::2001
2a00:1450:4001:812::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c0a::9a
54.76.176.197
78.46.90.238
85.14.248.91
88.198.250.30
94.23.99.218
95.131.136.1
04c84d467cf8ac1b1a82cb8644f8da047a9018405acf3881534c97d7d801dc6d
06b6e80da8e0637bf48fcd9672fc1578449c531c242638f22fb77ce7d4e281cc
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ec4e0295f86b2142b8996e03d4195888843b50d1954d7e248341da032b7ebba
10d1a23527be59be6b6aa52138b6952b80767910e27473712c7a1d8242fed31d
160240f027c89d68b52cb4a19f3a038dc88610bb1b70c044ebe9bf1c2f3449b8
1b42c813e395f848e5b9a0365007449e3110781992f7699fbdfb072f2e20c393
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e588ad70dde0f67bed16971eba008f0a6865dadc9565685eca7e57b3a69f453
1e5a886321d0e00c13f7abff03ca39fd782f42997fd34bcbf4fc93718f3670cc
21be9916946d5ceea476fe65e18fcdc7ca99f0338993d17a33d8b761316dfedc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2808a2b987c82ece4c20f912c8c81461c4c1dacb61b643bc28fd86b0810496ff
2d43c04a2d2f68039cedc241e492503a5e0d93a2cafb3be130993b3e3dfd8d4a
2ddefcdc9f260c5ffeb93fed110fe9d929028226f9a2d8a4934ea52b546e9640
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
316245b467c8fc69e0dfbc8baeb1445f610964a3e2c7899a4c10529ef74675ad
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
3c6ba7cb9d478cca5b9d2792cddbe436ba03ded10bad0fe31986c34b5e1d30ff
3d76ab4ac854cafef51bbbb5177ea75816df90e3c775294991a016404f2b6bb5
3eee78aaf4f9dc8d0d36d3dddbaad9094ace5d91611f9aee6fe0b44b0ed46ccc
4ae87c75dbcc83d62529d83fd8517893b6c298db6d5ca73707a07112428d7d7b
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fb9044d9f78c5a5d4d49b38bd52a5391906ec445ca218aab49762daf3f283f0
518ee4ec1256eec9418168f030d5bf234b9532731142b293726d1e287c3ce9a2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5d2f6b3cd3e286d0d91ec7fb1ca90ac0f7aadd68e799998e79542263bd96585b
65f6185cfe1cf88fa7981160dd6fa443e111887215b72953718ea70f8e2ba9f2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf1c54888e791dea8bec193c0a891e6d2309a7f1b5b54c368bb696cd1f595cb
72d78926ec426a6d5822fc211b04e3865571b443af6b0f413b6ed26a94c6620e
7c22b007743a09ec0ad5931edb3cc96fa88009586b10e0d3c502eeca52fbb183
7cd5ddcc3887c6bfbf91079460c04f4e65ecfb7878caaf7a82109f7045db02ce
8aa335ad864ac08058c857f05f31cc4c1853a014859bd8ebff6d2a54e05813e8
91988240567f1c52608ae9e9d256e4692af02f7657afb2377da796f835a636f3
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
93f0a0039e82a3a08481a1cd29195e361ba2e70d8bef388a909c11eab1754098
94aecf77b07e1fff7205a23f352b215383978a661ecc5bb51e616e35750b39ef
984dcdcc4d2091059cb59721828565af960dd4b658c143b775e0a42fe46c4748
98ba8f881333898d751dabe4f8b4cacc4489a9f5b6b4fd1fc67c571dbfec95cf
9a630b852e94f20cb8140704fd830bf40bfea0a2effaa67d06a0eadafbf3d508
9aa0b71ebc5dbd7bc6e2b78a35165da76987cc8e5b6f15b59c90d625be824083
9cf9f2f30286cc23d6cd7df71e51e2ed60655d35f13afe9654801c4ad31c46c0
9e97fc43ecd2f16948c3a8d2de65e0e5483db4ed5ab174058c178ca1c8665d0b
9fda66a08de97011813205fa7931599e27d8750b0b42d2c8f51d9efc5ac1ea33
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2b3c5cd0c329c390fe6c10f7f4d3e83f67fc81657ebe7daebb89ee6821cc738
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5aa3ebfb8e3a3e4fb5c31f8abf598f3e85d3a7e12fd2a703442c24133d23fcf
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac62dd02fedcf0574fb041b902844f9330648335b3e57d12d61b3ca5580cd78a
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee9531937c1335a3511968541e307af835935d562530ef3e3d1b44db5c4329b
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b9c04e9bb079213fdbf3c88514359fec40efcc267f830ced5eef327eea09096a
bb43b77d1593278ea5d108bc33e6ef5b3a903e52eeff5018213b440fb82445da
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c3292eff1c81c535d11651c53c1446c76072fe01ca9cec5a0e5833f9ad6d2c38
c83af888ece30e28edec6faee6cb9dcaf54009d58e2ada900d5dbb532b65f096
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d13d7014237494e1c4f46c9c5793a20a5696a3f0d1d6ccd631b3e6d419631e5d
d8f46ac3d104bdbf86ddd70c7c24fa54a23823a88b00f1c07d95b05cd5ff52b0
da42a553221af53faa2e2140af0e03ff721c98bc32a6bf88b9c636d304954857
db5f411f7205ec2bbbc73f359461682f01f5dab26cebfa18c2c3cdebefa4d38c
de71191eb004fe508d205532538f358f69cb17960aee5419a371c8d0f6c0189d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7907336273196ef7b66c3c9377e5958d4c7e9691de3e67dca3a803138344a00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.zargan.com Open in urlscan Pro 2606:4700:3034::6815:2f22 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

92 Requests

97 %HTTPS

53 %IPv6

19 Domains

30 Subdomains

29 IPs

6 Countries

1078 kBTransfer

2336 kBSize

20 Cookies

7 Outgoing links

Page URL History

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zargan.com Open in urlscan Pro
2606:4700:3034::6815:2f22 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

97 %
HTTPS

53 %
IPv6

19
Domains

30
Subdomains

29
IPs

6
Countries

1078 kB
Transfer

2336 kB
Size

20
Cookies

92 HTTP transactions
1 data transactions