zaloweb.me Open in urlscan Pro
45.76.180.219 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zaloweb.me/
Submission: On July 08 via automatic, source chongluadao (July 8th 2022, 5:00:57 pm UTC) — Scanned from DE

Summary HTTP 165 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 16 domains to perform 165 HTTP transactions. The main IP is 45.76.180.219, located in Singapore, Singapore and belongs to AS-CHOOPA, US. The main domain is zaloweb.me. The Cisco Umbrella rank of the primary domain is 529031.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 18th 2022. Valid for: a year.

This is the only time zaloweb.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
50	45.76.180.219 45.76.180.219	20473 (AS-CHOOPA) (AS-CHOOPA)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	120.138.69.11 120.138.69.11	38244 (VINAGAME-...) (VINAGAME-AS-VN VNG Corporation)
2	151.139.242.29 151.139.242.29	33438 (STACKPATH) (STACKPATH)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
1 24	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:21f... 2600:9000:21f3:a600:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
9	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
165	26

50 45.76.180.219 (Singapore, Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 45.76.180.219.vultrusercontent.com

zaloweb.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 120.138.69.11 (Viet Nam)

ASN38244 (VINAGAME-AS-VN VNG Corporation, VN)
PTR: ptr.vng.vn

stc-zaloprofile.zdn.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.139.242.29 (United States)

ASN33438 (STACKPATH, US)

images.dmca.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

mts0.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	zaloweb.me zaloweb.me — Cisco Umbrella Rank: 529031	2 MB
38	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	501 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 606 pix.eu.criteo.net — Cisco Umbrella Rank: 6881 csm.eu.criteo.net — Cisco Umbrella Rank: 7033	35 KB
16	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119	151 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	124 KB
9	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 92 mts0.google.com — Cisco Umbrella Rank: 5221 www.google.com — Cisco Umbrella Rank: 8	62 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	212 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	4 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49 region1.google-analytics.com — Cisco Umbrella Rank: 2733	20 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 10664 ads.eu.criteo.com — Cisco Umbrella Rank: 7052 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 8884	59 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7751	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	178 KB
2	dmca.com images.dmca.com — Cisco Umbrella Rank: 12231	6 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1303	688 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	644 B
1	zdn.vn stc-zaloprofile.zdn.vn — Cisco Umbrella Rank: 235759	3 KB
165	16

	Domain	Requested by
50	zaloweb.me	zaloweb.me
24	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net zaloweb.me
14	pagead2.googlesyndication.com	zaloweb.me pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
9	pix.eu.criteo.net	ads.eu.criteo.com
7	static.criteo.net	ads.eu.criteo.com
6	www.gstatic.com	googleads.g.doubleclick.net
5	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com zaloweb.me
3	www.googletagmanager.com	zaloweb.me www.googletagmanager.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	images.dmca.com	zaloweb.me
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	zaloweb.me
1	mts0.google.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	stc-zaloprofile.zdn.vn	zaloweb.me
165	26

This site contains links to these domains. Also see Links.

Domain
chat.zalo.me
www.dmca.com

Subject Issuer	Validity	Valid
zaloweb.me Sectigo RSA Domain Validation Secure Server CA	`2022-04-18` - `2023-04-18`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.zdn.vn DigiCert TLS RSA SHA256 2020 CA1	`2021-08-06` - `2022-09-06`	a year	crt.sh
images.dmca.com Go Daddy Secure Certificate Authority - G2	`2022-03-11` - `2023-03-29`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-06-20` - `2022-09-12`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://zaloweb.me/
Frame ID: 1CECB88EF78FE2EA430EB99A84352E82
Requests: 74 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/zrt_lookup.html
Frame ID: B5F4139E419811C03FF6A20FD1304834
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&adk=1812271804&adf=3025194257&lmt=1657299649&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzaloweb.me%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649288&bpp=2&bdt=1074&idt=100&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=852629487445&frm=20&pv=2&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=113
Frame ID: 1E43152332C105AD9A41DA6A9FABA4AD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=280&slotname=1598731556&adk=3047136366&adf=812349285&pi=t.ma~as.1598731556&w=1120&fwrn=4&fwrnh=100&lmt=1657299649&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649290&bpp=1&bdt=1076&idt=115&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W0FXLUquju&p=https%3A//zaloweb.me&dtd=120
Frame ID: B7E3E2C1F42B00D34FD0DC3DF89AA123
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11
Frame ID: 466326614D1E352D8AF220B4A4F5A500
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=2347765671&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649606&bpp=1&bdt=1392&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280%2C160x600&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=r03ziupTQG&p=https%3A//zaloweb.me&dtd=5
Frame ID: 4B5FF8D38CBC3E9BCB9D8C0CCB451B28
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Frame ID: BB718CD75E22C24C27DC24FF4B76E574
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0C90DC412243D2F2CAAF96307C6EAA22
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YshiwQAGzSQK7egcAAJPzdxfXDA8U8nGBweyxA&u=%7C2G6cqCV0O7fBzgO5MGraYm0M%2FQVW1LjWCOPfBP33YqY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbULWFKMhQHkrqTNGYx3MXGSihig_FO5no5fLKRzJbYdWHBI3gLuju_RKz-Wh9N_ShHZCCylNhJii5Vo9mjzZgI7ATMlF1rPi843_QOXNLVx8woR2Esat7ZAw5lqDncvpugssJ8dXb8HvSRyPB9qYlAKQPcD11hRO7wM-ThivY4m1cCsOq5qhNQ9Js43uAC2mw8we07jtQ-ZaS5oTo7fyWUABsn2MG2elPFhTOjSx_sqmdRxLxKtpH_LMv_V1ps3-PBD-hOcTTljO-UwPlx6CBRXMXN575uO4iI2leB6FuzfsqDZfkAckWZXxjmUMjDvuZEia53pipywCx5s2vgtADw5xDFqnUoIDA6U5gnBSsjTT-1qpNgvQez0ERTgzBGiT5PLP6HHwIhZ62Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqsGAwWLIYqSaG5zQtwfNn4nYC8me0rFczfHi3YgBwI23ARABIABglZKhgrAHggEXY2EtcHViLTU4MDExMTI3MDA0Nzk4MjmgAdW20uoDyAEJqQK1HYyX1QSxPqgDAaoEvQFP0OWwvHBkBc97veuONkDQMJOrFJBJQcDHpeuo38eCHkQ-BCQV4ppjBWBgnASd5fZY6bNB0D9hb22PAiRCuN5Qgbf66ivPMuUjRzm_SisuUNjwNLkwIvaRJTvaahkv1ULzMBY8Y8790ChDvxOhrTcQHnuwvBtaENTIdpsj_JtB4u_-tz9tApmbTIdocfgnNB5RHfsQPaQNqKSf_AVPVb5hIwhs4NYL8nNs2jTYDdDI8cvHNDPSYvjiHgZSm6OABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2KW5hSIzmOxG2gNZ2vV3QT_Bi0tw%26client%3Dca-pub-5801112700479829%26adurl%3D
Frame ID: 86DF9B77D140CBEBABDE3E6D33495566
Requests: 21 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500
Frame ID: 5048139F9D874F036D48AC4B4B14317B
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js
Frame ID: AF638831058D71500C020B7221723F3D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8C05A9756989F4D7C6226D27CB3772C5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js
Frame ID: 1012377C34B3B28E5A57B7D5E6ACD076
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8330C3C966DBD7DFF2A66DD8B7BFDA9E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js
Frame ID: 1A721768F9EF6B05239368ABA90CB949
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7AC2A77F29ACFE24427C2C0F74E02E28
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 575AB54B1FF383BB4415AE452D335C9D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zalo Web | Đăng nhập tài khoản Zalo | Chat.Zalo.me

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

165
Requests

99 %
HTTPS

72 %
IPv6

16
Domains

26
Subdomains

26
IPs

6
Countries

3512 kB
Transfer

6009 kB
Size

7
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://chat.zalo.me/
Title: Dùng Bản Web

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=91606bcc-84a1-4bea-adbf-74ec7d3c5d48&refurl=https://zaloweb.me/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 116

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL HTTP 301
https://tpc.googlesyndication.com/simgad/4091503581208051288

Request Chain 157

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

165 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zaloweb.me/ 99 KB
22 KB 1807ms
652ms Document
text/html 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

56005ece39a5a8664cfda4dfe8e3782a1f2d00b0173ef129e5d29b5b620829b1

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 17:00:47 GMT
link: <https://zaloweb.me/wp-json/>; rel="https://api.w.org/" <https://zaloweb.me/wp-json/wp/v2/pages/810>; rel="alternate"; type="application/json" <https://zaloweb.me/>; rel=shortlink
referrer-policy: no-referrer-when-downgrade
server: HOSTVN.NET
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
vary: Accept-Encoding
x-content-type-options: "nosniff" always
x-xss-protection: "1; mode=block" always

GET
H2 200 style.min.css
zaloweb.me/wp-includes/css/dist/block-library/ 87 KB
11 KB 401ms
399ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-includes/css/dist/block-library/style.min.css?ver=6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 25 May 2022 03:59:01 GMT
server: HOSTVN.NET
etag: W/"628da985-15b26"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 style.min.css
zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/icomoon/ 438 B
630 B 417ms
415ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:47:26 GMT
server: HOSTVN.NET
etag: W/"61db3bce-1b6"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 screen.min.css
zaloweb.me/wp-content/plugins/easy-table-of-contents/assets/css/ 5 KB
2 KB 417ms
416ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/easy-table-of-contents/assets/css/screen.min.css?ver=2.0.17

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:47:26 GMT
server: HOSTVN.NET
etag: W/"61db3bce-13ef"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 font-awesome.css
zaloweb.me/wp-content/themes/zalotheme/assets/css/ 35 KB
7 KB 464ms
462ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/css/font-awesome.css?ver=6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 14:02:10 GMT
server: HOSTVN.NET
etag: W/"61d99962-8d64"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 genericons.css
zaloweb.me/wp-content/themes/zalotheme/genericons/genericons/ 28 KB
16 KB 567ms
566ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/genericons/genericons/genericons.css?ver=6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 14:02:10 GMT
server: HOSTVN.NET
etag: W/"61d99962-6e6a"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 style.css
zaloweb.me/wp-content/themes/zalotheme/ 71 KB
14 KB 725ms
723ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/style.css?ver=20211101

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

5d5110899c37bdf3c0332d865e03fab7c745c54605be4c4635676257e753251e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 29 Mar 2022 08:01:27 GMT
server: HOSTVN.NET
etag: W/"6242bcd7-11ac6"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 responsive.css
zaloweb.me/wp-content/themes/zalotheme/ 7 KB
2 KB 725ms
724ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/responsive.css?ver=20211101

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

e01dc769afcc206d1b637bae0d1225eba73e1bdfbcb197dd15fcebcab02a5c26

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 14:15:46 GMT
server: HOSTVN.NET
etag: W/"61daee12-1c9c"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 jquery.min.js Show response
zaloweb.me/wp-includes/js/jquery/ 87 KB
30 KB 725ms
724ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 10 Mar 2021 13:37:24 GMT
server: HOSTVN.NET
etag: W/"6048cb94-15db1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 jquery-migrate.min.js Show response
zaloweb.me/wp-includes/js/jquery/ 11 KB
4 KB 725ms
724ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 18 Nov 2020 07:36:06 GMT
server: HOSTVN.NET
etag: W/"5fb4cee6-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 vinahi.js Show response
zaloweb.me/wp-content/themes/zalotheme/assets/js/ 2 KB
1 KB 929ms
928ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/js/vinahi.js?ver=1

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

26730153fd8c70836fd92e5e8f1dc59b0773a64cf6170bc922aa188469ff978b

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 21:27:24 GMT
server: HOSTVN.NET
etag: W/"61db533c-9aa"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 62ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HPF8C9L884

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

83d858c34f34d68fa91ca1132ee06334b28ca88dcd9497378016697f77834e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70510
x-xss-protection: 0
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 164 KB
56 KB 58ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5801112700479829

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

691ea4f82b9612fc33cd8a5663df6c2b2d4d1653b18929955231a678b1f6a6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Origin: https://zaloweb.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56575
x-xss-protection: 0
server: cafe
etag: 4518704473072258546
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 54ms
23ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-205127614-1

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e9e8d9c99899d98b2c65d2ea9c9b2563d61f3274bdb603eb6ad417897da9dc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40355
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H2 200 ads.js Show response
zaloweb.me/wp-content/themes/zalotheme/inc/ads/ 2 KB
1 KB 930ms
929ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/inc/ads/ads.js

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

cbf38ac781f121a33e4e62e55a3abb8ddc3fa0857ec609b8d17fc4d702d6e9fd

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:48 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Jun 2022 17:32:18 GMT
server: HOSTVN.NET
etag: W/"62b200a2-83c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:48 GMT

GET
H2 200 logo-zaloweb.png
zaloweb.me/wp-content/uploads/2022/01/ 15 KB
15 KB 468ms
463ms Image
image/png 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/logo-zaloweb.png

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

9ffceef9e6206bb7905a36647ba3ade0ce970406b1a9fc43e4c03cff9ee5c35c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 19:10:10 GMT
server: HOSTVN.NET
etag: "61d9e192-3b35"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/png
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 15157
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 world.png
stc-zaloprofile.zdn.vn/pc/v1/images/ 3 KB
3 KB 903ms
186ms Image
image/png 120.138.69.11
VINAGAME-AS-VN VN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stc-zaloprofile.zdn.vn/pc/v1/images/world.png
Requested by: Host: zaloweb.me
URL: https://zaloweb.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 120.138.69.11 , Viet Nam, ASN38244 (VINAGAME-AS-VN VNG Corporation, VN),
Reverse DNS: ptr.vng.vn
Software: ZDN /
Resource Hash: d26c1785b866a18666adb61e39511c9a2bf3d08a8125489115e3e03bfbdc5a6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
last-modified: Mon, 01 Nov 2021 11:23:38 GMT
server: ZDN
age: 3398790
etag: "617fce3a-b09"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2825

GET
H2 200 zalo-web.png
zaloweb.me/wp-content/uploads/2021/08/ 190 KB
191 KB 505ms
500ms Image
image/png 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2021/08/zalo-web.png

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

3505ed4811c3f04939a3026e417e58f8ff797ff4d3b7adc9381caaa06c38cc08

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 16 Aug 2021 16:40:14 GMT
server: HOSTVN.NET
etag: "611a94ee-2f876"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/png
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 194678
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 phien-ban-zalo-web.jpg
zaloweb.me/wp-content/uploads/2022/01/ 64 KB
64 KB 725ms
720ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/phien-ban-zalo-web.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

3c038095f9c8e938d02b10873864c29a83cbace99675c2e6b6fdc18868a10d92

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 17:28:30 GMT
server: HOSTVN.NET
etag: "61db1b3e-fe41"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 65089
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 world.png
zaloweb.me/wp-content/uploads/2022/01/ 3 KB
3 KB 725ms
720ms Image
image/png 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/world.png

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

d26c1785b866a18666adb61e39511c9a2bf3d08a8125489115e3e03bfbdc5a6c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 19:10:10 GMT
server: HOSTVN.NET
etag: "61d9e192-b09"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/png
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 2825
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 cach-dang-nhap-zalo-bang-web-thong-qua-so-dien-thoai-1.jpg
zaloweb.me/wp-content/uploads/2022/01/ 33 KB
34 KB 726ms
721ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/cach-dang-nhap-zalo-bang-web-thong-qua-so-dien-thoai-1.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

93732a65a282d2c6a73473c0cbad268ff4b4d7e3a97a432e09eb1c7726d43540

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 18:42:24 GMT
server: HOSTVN.NET
etag: "61db2c90-854d"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 34125
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 xac-minh-ma-capcha-de-chac-chan-rang-ban-khong-phai-nguoi-may-khi-dang-nhap-zalo-bang-web.jpg
zaloweb.me/wp-content/uploads/2022/03/ 77 KB
78 KB 726ms
721ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/03/xac-minh-ma-capcha-de-chac-chan-rang-ban-khong-phai-nguoi-may-khi-dang-nhap-zalo-bang-web.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

de138897660debebc32922cb7d8cef8ecef5ca973e296c3dc8cd3dc15d6f995b

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Mar 2022 14:54:36 GMT
server: HOSTVN.NET
etag: "62349d2c-135b6"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 79286
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 xac-minh-3-nguoi-trong-danh-sach-ban-be-truoc-khi-dang-nhap-zalo-on-web.jpg
zaloweb.me/wp-content/uploads/2022/03/ 53 KB
53 KB 726ms
721ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/03/xac-minh-3-nguoi-trong-danh-sach-ban-be-truoc-khi-dang-nhap-zalo-on-web.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

d5dc5b26a45586ee73700328d96f2a7b5479f9384afe58e75d50001991dae55c

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Mar 2022 14:58:57 GMT
server: HOSTVN.NET
etag: "62349e31-d3a2"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 54178
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 bat-thong-bao-nhan-tin-cua-zalo-tren-google-chrome-coc-coc.jpg
zaloweb.me/wp-content/uploads/2022/03/ 75 KB
75 KB 726ms
721ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/03/bat-thong-bao-nhan-tin-cua-zalo-tren-google-chrome-coc-coc.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

2389d2246dc7ec3c980e03fe2a11ba23e042db1c7be46904434150839047f882

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Mar 2022 15:01:22 GMT
server: HOSTVN.NET
etag: "62349ec2-12abf"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 76479
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 cach-dang-nhap-zalo-bang-web-thong-qua-so-dien-thoai.jpg
zaloweb.me/wp-content/uploads/2022/01/ 50 KB
51 KB 726ms
722ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/cach-dang-nhap-zalo-bang-web-thong-qua-so-dien-thoai.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

65e63628edcc22d458460336be3fb63e34ad44c3472e230269704190820250ba

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 18:37:16 GMT
server: HOSTVN.NET
etag: "61db2b5c-c8e2"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 51426
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 cach-dang-nhap-zalo-web-bang-ma-qr-tren-dien-thoai.jpg
zaloweb.me/wp-content/uploads/2022/01/ 44 KB
44 KB 726ms
722ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/cach-dang-nhap-zalo-web-bang-ma-qr-tren-dien-thoai.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

ed9a5cb7e034e44cc398920cf1eb8fbcc955781040f68e5a2328fcf9a55c046b

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:02:22 GMT
server: HOSTVN.NET
etag: "61db313e-aeab"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 44715
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 nhan-vao-nut-quet-ma-trong-ung-dung-zalo-tren-dien-thoai-cua-ban-1-scaled.jpg
zaloweb.me/wp-content/uploads/2022/01/ 189 KB
190 KB 727ms
722ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/nhan-vao-nut-quet-ma-trong-ung-dung-zalo-tren-dien-thoai-cua-ban-1-scaled.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

95f07e8d6f149cf8b99d1bbfad02b054f775119551edaa7bb4595e1c2f86115b

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 14 Jan 2022 12:22:52 GMT
server: HOSTVN.NET
etag: "61e16b1c-2f4a8"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 193704
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 mo-ung-dung-zalo-tren-dien-thoai-va-quet-ma-qr-de-dang-nhap-vao-zalo-tren-web.jpg
zaloweb.me/wp-content/uploads/2022/03/ 567 KB
568 KB 727ms
723ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/03/mo-ung-dung-zalo-tren-dien-thoai-va-quet-ma-qr-de-dang-nhap-vao-zalo-tren-web.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

fd6757a6f7c7556d4c65fe1aca9224ff66856a32468dd89eab818db66150e1df

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Mar 2022 11:09:26 GMT
server: HOSTVN.NET
etag: "62346866-8dc77"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 580727
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 phien-ban-zalo-web-4.png
zaloweb.me/wp-content/uploads/2022/01/ 95 KB
96 KB 727ms
723ms Image
image/png 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/phien-ban-zalo-web-4.png

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

c41ce6b67f407e0caba7531192a1ff70091510819dde2722cfbdb0dfc8f143f2

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 17:28:32 GMT
server: HOSTVN.NET
etag: "61db1b40-17dcc"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/png
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 97740
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 huong-dan-zalo-web-dang-nhap-bang-tai-khoan-1.jpg
zaloweb.me/wp-content/uploads/2022/03/ 58 KB
59 KB 727ms
723ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/03/huong-dan-zalo-web-dang-nhap-bang-tai-khoan-1.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

146c050fccfe4e94fad0481d6d5e706d36a25b0395cf3ce6011ff88b864d89a0

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 18 Mar 2022 11:29:05 GMT
server: HOSTVN.NET
etag: "62346d01-e961"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 59745
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 wp-emoji-release.min.js Show response
zaloweb.me/wp-includes/js/ 18 KB
5 KB 727ms
723ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-includes/js/wp-emoji-release.min.js?ver=6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 25 May 2022 03:59:01 GMT
server: HOSTVN.NET
etag: W/"628da985-48b9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 phien-ban-zalo-web-3.jpg
zaloweb.me/wp-content/uploads/2022/01/ 133 KB
133 KB 727ms
724ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/phien-ban-zalo-web-3.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

a44f3492a173452dc9cca679675a4113c749aefeee8b7e2f326387e8d9be5ef2

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 17:28:30 GMT
server: HOSTVN.NET
etag: "61db1b3e-21329"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 135977
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 tinh-nang-gui-icon-gif-vui-nhon-va-dang-iu-tren-zaloweb.jpg
zaloweb.me/wp-content/uploads/2022/02/ 40 KB
41 KB 727ms
724ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/02/tinh-nang-gui-icon-gif-vui-nhon-va-dang-iu-tren-zaloweb.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

efad6a64aada8bb3357b02aa8bcf71536fa7c18abbb1df73a8383d1f0872a74e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 28 Feb 2022 13:36:05 GMT
server: HOSTVN.NET
etag: "621ccfc5-a0b1"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 41137
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 tinh-nang-tao-nhac-hen-tren-zaloweb.jpg
zaloweb.me/wp-content/uploads/2022/02/ 31 KB
32 KB 728ms
724ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/02/tinh-nang-tao-nhac-hen-tren-zaloweb.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

6545d10fa09bea7237baa618fcfa331ffeb8d51ef6ed658aaf75a23debb3df04

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 26 Feb 2022 19:24:10 GMT
server: HOSTVN.NET
etag: "621a7e5a-7d68"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 32104
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 hinh-anh-duoc-gui-chat-luong-hd-gui-hinh-anh-hd-tren-zalo-on-web.jpg
zaloweb.me/wp-content/uploads/2022/03/ 58 KB
59 KB 728ms
725ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/03/hinh-anh-duoc-gui-chat-luong-hd-gui-hinh-anh-hd-tren-zalo-on-web.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

a10a65cda4e0697cb6b0e9222c286393609fdb45f027d3194870e175daf7da3e

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 11 Mar 2022 15:30:56 GMT
server: HOSTVN.NET
etag: "622b6b30-e8a1"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 59553
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 phien-ban-zalo-web-1.png
zaloweb.me/wp-content/uploads/2022/01/ 70 KB
71 KB 728ms
725ms Image
image/png 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/phien-ban-zalo-web-1.png

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

de0ffa07714628c42699b0c6df1ae67aed1269221f4100551bd4d95117e22999

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 17:28:32 GMT
server: HOSTVN.NET
etag: "61db1b40-1192d"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/png
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 71981
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 huong-dan-cach-tai-zalo-pc-ve-may-tinh-window-va-os.jpg
zaloweb.me/wp-content/uploads/2022/01/ 57 KB
57 KB 728ms
725ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/huong-dan-cach-tai-zalo-pc-ve-may-tinh-window-va-os.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

e02cd79a3542a4cdbc02ddd4a0017f9ed9b23b16cd654a03d8d68e583444e9d6

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:36:26 GMT
server: HOSTVN.NET
etag: "61db393a-e340"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 58176
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 zalo-web.jpg
zaloweb.me/wp-content/uploads/2022/01/ 52 KB
52 KB 728ms
726ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/01/zalo-web.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

98c301f03b6626841c9f75ad97b0b135ad8572b4087c2d8f4ef6541831d32e74

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 17:28:34 GMT
server: HOSTVN.NET
etag: "61db1b42-cf50"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 53072
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 ban-co-the-su-dung-tinh-nang-giao-viec-cho-chinh-ban-than-tren-zalo-on-web.jpg
zaloweb.me/wp-content/uploads/2022/03/ 26 KB
26 KB 728ms
726ms Image
image/jpeg 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/uploads/2022/03/ban-co-the-su-dung-tinh-nang-giao-viec-cho-chinh-ban-than-tren-zalo-on-web.jpg

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

6d33998fb45cd6c5b382568065a2b7eef4e0901500ffa02cf4a767d731863712

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 02 Mar 2022 16:17:07 GMT
server: HOSTVN.NET
etag: "621f9883-66a4"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/jpeg
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 26276
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 _dmca_premi_badge_5.png
images.dmca.com/Badges/ 5 KB
6 KB 371ms
27ms Image
image/png 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dmca.com/Badges/_dmca_premi_badge_5.png?ID=91606bcc-84a1-4bea-adbf-74ec7d3c5d48
Requested by: Host: zaloweb.me
URL: https://zaloweb.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
last-modified: Thu, 02 Jun 2011 03:26:26 GMT
server: nginx
x-powered-by: ASP.NET
etag: "8ae3cdbd420cc1:0"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/_dmca_premi_badge_5.png>; rel="canonical"
content-length: 5605
expires: Sun, 07 Aug 2022 17:00:11 GMT

GET
H2 200 DMCABadgeHelper.min.js Show response
images.dmca.com/Badges/ 465 B
633 B 378ms
28ms Script
application/javascript 151.139.242.29
STACKPATH

General

Check archive.org

Show headers Download Go to

Full URL: https://images.dmca.com/Badges/DMCABadgeHelper.min.js
Requested by: Host: zaloweb.me
URL: https://zaloweb.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.139.242.29 , United States, ASN33438 (STACKPATH, US),
Reverse DNS
Software: nginx / ASP.NET
Resource Hash: e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
last-modified: Fri, 21 Jun 2019 20:14:34 GMT
server: nginx
x-powered-by: ASP.NET
etag: "26b181f16d28d51:0"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
link: <http://dmca-images.azurewebsites.net/Badges/DMCABadgeHelper.min.js>; rel="canonical"
content-length: 280
expires: Sun, 07 Aug 2022 17:00:28 GMT

GET
H2 200 rank-math-snippet.css
zaloweb.me/wp-content/plugins/seo-by-rank-math/assets/front/css/ 3 KB
1005 B 345ms
345ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/seo-by-rank-math/assets/front/css/rank-math-snippet.css?ver=1.0.92.1

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

9d650fa59c49b549ceb7fe45c93c1f139c27d2ba5bd379522e3a80d9fa69fdd2

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 29 Jun 2022 15:58:57 GMT
server: HOSTVN.NET
etag: W/"62bc76c1-a02"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 rank-math-snippet.css
zaloweb.me/wp-content/plugins/seo-by-rank-math-pro/includes/modules/schema/assets/css/ 250 B
551 B 345ms
339ms Stylesheet
text/css 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/seo-by-rank-math-pro/includes/modules/schema/assets/css/rank-math-snippet.css?ver=3.0.5

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

119f7b54ec2dd5b26bc47308c51a6e14b260a52d9536b63859c3bb4bac71ad1d

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 19 Mar 2022 18:04:41 GMT
server: HOSTVN.NET
etag: W/"62361b39-fa"
vary: Accept-Encoding
content-type: text/css
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 front.min.js Show response
zaloweb.me/wp-content/plugins/image-sizes/assets/js/ 0
451 B 345ms
338ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/image-sizes/assets/js/front.min.js?ver=3.4.2.3

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 19 Mar 2022 18:03:37 GMT
server: HOSTVN.NET
etag: "62361af9-0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
accept-ranges: bytes
content-length: 0
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 superfish.js Show response
zaloweb.me/wp-content/themes/zalotheme/assets/js/ 7 KB
3 KB 345ms
338ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/js/superfish.js?ver=6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 14:02:10 GMT
server: HOSTVN.NET
etag: W/"61d99962-1d7c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 html5.js Show response
zaloweb.me/wp-content/themes/zalotheme/assets/js/ 10 KB
3 KB 352ms
345ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/js/html5.js?ver=6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 14:02:10 GMT
server: HOSTVN.NET
etag: W/"61d99962-285a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 jquery.bxslider.js Show response
zaloweb.me/wp-content/themes/zalotheme/assets/js/ 66 KB
14 KB 383ms
376ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/js/jquery.bxslider.js?ver=6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 14:02:10 GMT
server: HOSTVN.NET
etag: W/"61d99962-107e0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
zaloweb.me/wp-content/themes/zalotheme/assets/js/ 16 KB
4 KB 395ms
388ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/js/theia-sticky-sidebar.js?ver=6.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

41f806a19a20885a156ceb760f01b4fddc9e037b0f94dbbdaf33c53077f5fc08

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 14:02:10 GMT
server: HOSTVN.NET
etag: W/"61d99962-3fc4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 index.js Show response
zaloweb.me/wp-content/themes/zalotheme/assets/js/ 30 KB
7 KB 413ms
407ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/js/index.js?ver=20210501

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

7ac8ebeafc116dc5f3fe3bcef244d3533607913da7d5c07d9e3427a87c83e670

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 08 Jan 2022 14:02:10 GMT
server: HOSTVN.NET
etag: W/"61d99962-77d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 jquery.custom.js Show response
zaloweb.me/wp-content/themes/zalotheme/assets/js/ 3 KB
1 KB 414ms
408ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/js/jquery.custom.js?ver=20210501

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

0f03c8748f2a50b87d383ac1790e6ae151f7869240fe854d38421c90620e040f

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 21 Jun 2022 13:04:35 GMT
server: HOSTVN.NET
etag: W/"62b1c1e3-c1a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 jquery.smooth-scroll.min.js Show response
zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/ 5 KB
2 KB 419ms
413ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/smooth-scroll/jquery.smooth-scroll.min.js?ver=2.2.0

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

cb6554b04a2e5178a3e18dde21b1bb72e0aa5f87aac9cb567844a4fda5990847

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:47:26 GMT
server: HOSTVN.NET
etag: W/"61db3bce-13bc"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 js.cookie.min.js Show response
zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/ 2 KB
1 KB 420ms
414ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/js-cookie/js.cookie.min.js?ver=2.2.1

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:47:26 GMT
server: HOSTVN.NET
etag: W/"61db3bce-9e7"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 jquery.sticky-kit.min.js Show response
zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/ 3 KB
2 KB 425ms
419ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/sticky-kit/jquery.sticky-kit.min.js?ver=1.9.2

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:47:26 GMT
server: HOSTVN.NET
etag: W/"61db3bce-b4c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 front.min.js Show response
zaloweb.me/wp-content/plugins/easy-table-of-contents/assets/js/ 5 KB
2 KB 431ms
426ms Script
application/javascript 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/easy-table-of-contents/assets/js/front.min.js?ver=2.0.17-1641757646

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

aad69cf5d08b51636277b46c0e2833cab2daf135684fccb873072b3c1176a3c8

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:47:26 GMT
server: HOSTVN.NET
etag: W/"61db3bce-14d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 ico_check.png
zaloweb.me/wp-content/themes/zalotheme/assets/img/ 1 KB
1 KB 715ms
715ms Image
image/png 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zaloweb.me/wp-content/themes/zalotheme/assets/img/ico_check.png

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/wp-content/themes/zalotheme/style.css?ver=20211101

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

dd59aa3a642c6d0e3e970ec62c4ca24c987c93049c7a9b2fa3ebda822fd17565

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/wp-content/themes/zalotheme/style.css?ver=20211101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 21 Mar 2022 16:08:18 GMT
server: HOSTVN.NET
etag: "6238a2f2-41a"
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
content-type: image/png
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate, immutable, stale-while-revalidate=86400, stale-if-error=604800
accept-ranges: bytes
content-length: 1050
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
69 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HPF8C9L884&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205127614-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2f824f89d7340b0c3b914cc609c31a60979c6bcc63a4b07991795a2ab5c50f32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70534
x-xss-protection: 0
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-205127614-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 281
date: Fri, 08 Jul 2022 16:56:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 08 Jul 2022 18:56:08 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 339 KB
120 KB 50ms
32ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5801112700479829&plah=zaloweb.me&bust=31068331

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5801112700479829

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c21e448d2575a0c240542d3fb90618b2f3b3992d00ef78c31181e56ca5a3645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122423
x-xss-protection: 0
server: cafe
etag: 8120175481401538953
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/ Frame B5F4 10 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220630/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5801112700479829

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 22171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 10:51:18 GMT
etag: 10429905676100781186
expires: Fri, 22 Jul 2022 10:51:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
334 B 39ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HPF8C9L884&gtm=2oe6t0&_p=441807809&_z=ccd.v9B&gdid=dZTNiMT&cid=1174626436.1657299649&ul=en-us&sr=1600x1200&_s=1&sid=1657299649&sct=1&seg=0&dl=https%3A%2F%2Fzaloweb.me%2F&dt=Zalo%20Web%20%7C%20%C4%90%C4%83ng%20nh%E1%BA%ADp%20t%C3%A0i%20kho%E1%BA%A3n%20Zalo%20%7C%20Chat.Zalo.me&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HPF8C9L884
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:00:49 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zaloweb.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
16ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=441807809&t=pageview&_s=1&dl=https%3A%2F%2Fzaloweb.me%2F&ul=en-us&de=UTF-8&dt=Zalo%20Web%20%7C%20%C4%90%C4%83ng%20nh%E1%BA%ADp%20t%C3%A0i%20kho%E1%BA%A3n%20Zalo%20%7C%20Chat.Zalo.me&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=782517154&gjid=1140418321&cid=1174626436.1657299649&tid=UA-205127614-1&_gid=1803639375.1657299649&_r=1&gtm=2ou6t0&did=dZTNiMT&gdid=dZTNiMT&z=1572429280

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zaloweb.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:00:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zaloweb.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
7ms Image
image/gif 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=441807809&t=pageview&_s=2&dl=https%3A%2F%2Fzaloweb.me%2F&ul=en-us&de=UTF-8&dt=Zalo%20Web%20%7C%20%C4%90%C4%83ng%20nh%E1%BA%ADp%20t%C3%A0i%20kho%E1%BA%A3n%20Zalo%20%7C%20Chat.Zalo.me&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=&gjid=&cid=1174626436.1657299649&tid=UA-205127614-1&_gid=1803639375.1657299649&gtm=2ou6t0&did=dZTNiMT&gdid=dZTNiMT&z=1450193580

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Jul 2022 22:34:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 66401
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
435 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-205127614-1&cid=1174626436.1657299649&jid=782517154&gjid=1140418321&_gid=1803639375.1657299649&_u=YADAAUAAAAAAAC~&z=51040226

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://zaloweb.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 08 Jul 2022 17:00:49 GMT
content-type: text/plain
access-control-allow-origin: https://zaloweb.me
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 93ms
33ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=zaloweb.me&callback=_gfp_s_&client=ca-pub-5801112700479829

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5801112700479829&plah=zaloweb.me&bust=31068331

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

743425bf350e15c32f23c1bf3505546d39071ba4f35c2634a0d43654bf00d639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 200
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 65ms
22ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=zaloweb.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 108ms
71ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zaloweb.me

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1E43 184 KB
49 KB 327ms
310ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&adk=1812271804&adf=3025194257&lmt=1657299649&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fzaloweb.me%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649288&bpp=2&bdt=1074&idt=100&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=852629487445&frm=20&pv=2&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=113

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdb2f19e4728e8dc282d972e2958ef4fba63f4558861d50cd7a4c94f19a9b34f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 50048
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 17:00:49 GMT
expires: Fri, 08 Jul 2022 17:00:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B7E3 103 KB
33 KB 332ms
323ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=280&slotname=1598731556&adk=3047136366&adf=812349285&pi=t.ma~as.1598731556&w=1120&fwrn=4&fwrnh=100&lmt=1657299649&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649290&bpp=1&bdt=1076&idt=115&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W0FXLUquju&p=https%3A//zaloweb.me&dtd=120

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90dd6a57351137eb72d9aef2c85493606582b65c204826faccc3aab55b860da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34067
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 17:00:49 GMT
expires: Fri, 08 Jul 2022 17:00:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
16ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=zaloweb.me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 201ms
184ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zaloweb.me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4663 102 KB
32 KB 586ms
585ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a3f97d78aef212189688c06d7c17a5eebb4141f15b6e4e12b1e11ba4885eb45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32992
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 17:00:50 GMT
expires: Fri, 08 Jul 2022 17:00:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B5F 74 KB
22 KB 533ms
532ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=2347765671&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649606&bpp=1&bdt=1392&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280%2C160x600&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=r03ziupTQG&p=https%3A//zaloweb.me&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62b7bc5741a33135c1766967ea35feb1101e9527e0aff0bf97587aeffd289dd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 22846
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 17:00:50 GMT
expires: Fri, 08 Jul 2022 17:00:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ez-toc-icomoon.woff2
zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ 580 B
979 B 546ms
545ms Font
font/woff2 45.76.180.219
AS-CHOOPA

General

Check archive.org

Show headers Download Go to

Full URL

https://zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/icomoon/fonts/ez-toc-icomoon.woff2

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.76.180.219 Singapore, Singapore, ASN20473 (AS-CHOOPA, US),

Reverse DNS

45.76.180.219.vultrusercontent.com

Software

HOSTVN.NET /

Resource Hash

9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7

Security Headers

Name	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Request headers

Referer: https://zaloweb.me/wp-content/plugins/easy-table-of-contents/vendor/icomoon/style.min.css?ver=2.0.17
Origin: https://zaloweb.me
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 09 Jan 2022 19:47:26 GMT
server: HOSTVN.NET
etag: "61db3bce-244"
vary: Accept-Encoding
content-type: font/woff2
x-xss-protection: "1; mode=block" always
cache-control: max-age=31536000, public, must-revalidate, proxy-revalidate
strict-transport-security: "max-age=31536000; includeSubDomains; preload" always
accept-ranges: bytes
content-length: 580
x-content-type-options: "nosniff" always
expires: Sat, 08 Jul 2023 17:00:49 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B7E3 8 KB
1 KB 51ms
15ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=280&slotname=1598731556&adk=3047136366&adf=812349285&pi=t.ma~as.1598731556&w=1120&fwrn=4&fwrnh=100&lmt=1657299649&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649290&bpp=1&bdt=1076&idt=115&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W0FXLUquju&p=https%3A//zaloweb.me&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 16:55:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 17:00:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame B7E3 2 KB
983 B 55ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame B7E3 21 KB
9 KB 52ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:58:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame B7E3 3 KB
1 KB 45ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:57:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7E3 137 KB
43 KB 87ms
31ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame B7E3 17 KB
7 KB 53ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:31 GMT

GET
H2 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame B7E3 31 KB
13 KB 34ms
9ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:52:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B7E3 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnLd_wWLIYvOPG5rntgf8kLrACLn3-MlqkZn13NsP_LWDnfgKEAEgoqGQkAFglZKhgrAHoAHY9pa3AsgBCakCtR2Ml9UEsT6oAwHIA8sEqgTSAU_QEa_JpruGRDr7C4ycWHi06X9Y5Pq_tXh6Y1W9bvGfrocLqhFosI3vNWd8G1uEHUNmmshmblMz-JnvAdvjlvVnPtJ6UQwOcSplwb-NQe_D4WojLoIbpGF8mPdnnN_TpdYqaF72tJ2dJ0RLpy6HJdvl9YArPMzTEl7sfuo_MGFMYodL1MGpK2oxqeSRfjvZOWmizZ1nmBJbfdzvPyHgtO3U3Cwiw06Ay7Bn3CI-LaWwiDfOWXXE_Ps4L5fQd31Q9hikcrYmENo6x0PdrumcU1Nj9sAE8vanivgDkgUECAQYAZIFBAgFGASgBi6AB5CJ6cgBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQi9Ab0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGYDKzi_rD2A7gTgwTYEw7QFQGYFgGAFwGyFxwKGggAEhRwdWItNTgwMTExMjcwMDQ3OTgyORgA&sigh=FOwQLIgYt8I&uach_m=[UACH]&template_id=515

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=280&slotname=1598731556&adk=3047136366&adf=812349285&pi=t.ma~as.1598731556&w=1120&fwrn=4&fwrnh=100&lmt=1657299649&rafmt=1&psa=0&format=1120x280&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649290&bpp=1&bdt=1076&idt=115&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=W0FXLUquju&p=https%3A//zaloweb.me&dtd=120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 08 Jul 2022 17:00:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H2 200 data=5NIO0uadQNaKYTvgfgTbgXAF3Xokau5kGmTeL-TP5XbAJrblCTwRrf_1K1DFmAS3HiqFr7dDBdH92U0l1haW3WWbHARCckycQS3rtKWewjccbbTlT-J2sAQXyA
mts0.google.com/vt/ Frame B7E3 60 KB
61 KB 172ms
127ms Image
image/png 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mts0.google.com/vt/data=5NIO0uadQNaKYTvgfgTbgXAF3Xokau5kGmTeL-TP5XbAJrblCTwRrf_1K1DFmAS3HiqFr7dDBdH92U0l1haW3WWbHARCckycQS3rtKWewjccbbTlT-J2sAQXyA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

64d24b4c9afb6e5fe9afab78a013911c5ae41de7f385a30e0a5e354caf84dd92

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'; base-uri 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=120
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61836
x-xss-protection: 0
x-server-version-bin: CggIBBCil5qWBg==
server: scaffolding on HTTPServer2
etag: 0f34731633e78b46a
x-frame-options: SAMEORIGIN
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=3600
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
expires: Fri, 08 Jul 2022 18:00:49 GMT

GET
DATA 200
OK truncated
/ Frame B7E3 244 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame B7E3 333 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/ 149 KB
53 KB 35ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206300101/reactive_library_fy2019.js?bust=31068331

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e96d22139df00d81b7259958dd5253f5b3a7dcde958d8445ce67e847958abaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54367
x-xss-protection: 0
server: cafe
etag: 8333315921678498232
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=zaloweb.me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 255ms
255ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=zaloweb.me

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 17:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/ Frame BB71 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 20:31:14 GMT
etag: 10429905676100781186
expires: Thu, 21 Jul 2022 20:31:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/ Frame 0C90 10 KB
4 KB 9ms
8ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 73775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 20:31:14 GMT
etag: 10429905676100781186
expires: Thu, 21 Jul 2022 20:31:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame BB71 4 KB
636 B 35ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 16:53:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 17:00:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BB71 205 B
229 B 26ms
9ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 15:58:39 GMT
x-content-type-options: nosniff
age: 3730
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Jul 2023 15:58:39 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame BB71 604 B
628 B 25ms
8ms Image
image/png 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 07:45:27 GMT
x-content-type-options: nosniff
age: 33322
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 08 Jul 2023 07:45:27 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame BB71 19 KB
8 KB 27ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8263
x-xss-protection: 0
server: cafe
etag: 17157773748623750166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:58:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0C90 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5rehwWLIYqSaG5zQtwfNn4nYC8me0rFczfHi3YgBwI23ARABIABglZKhgrAHggEXY2EtcHViLTU4MDExMTI3MDA0Nzk4MjmgAdW20uoDyAEJqQK1HYyX1QSxPqgDAaoEugFP0OWwvHBkBc97veuONkDQMJOrFJBJQcDHpeuo38eCHkQ-BCQV4ppjBWBgnASd5fZY6bNB0D9hb22PAiRCuN5Qgbf66ivPMuUjRzm_SisuUNjwNLkwIvaRJTvaahkv1ULzMBY8Y8790ChDvxOhrTcQHnuwvBtaENTIdpsj_JtB4u_-tz9tApmbTIdocfgnNB5RHfsQf6YsOiMQYBbwyarC8zXKGN8f-MVm9CxauRj1Vzl4Kh_K51JmDbmABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTgwMTExMjcwMDQ3OTgyORgA&sigh=kI3JtdwYCVQ&uach_m=[UACH]&cid=CAQSGwCNIrLM-dOX9Wfqg4c_vhizrwvAe7FzUN1HuxgB

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 08 Jul 2022 17:00:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 0C90 0
0 47ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RO0HfJ2DYgICAAAADxCU1EnLd-8QwWLIYhKau1vSRvIbF1wEABIAAA&wp=YshiwQAGzSQK7egcAAJPzdxfXDA8U8nGBweyxA

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
server: Kestrel
server-processing-duration-in-ticks: 303481
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 86DF 211 KB
59 KB 185ms
150ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YshiwQAGzSQK7egcAAJPzdxfXDA8U8nGBweyxA&u=%7C2G6cqCV0O7fBzgO5MGraYm0M%2FQVW1LjWCOPfBP33YqY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbULWFKMhQHkrqTNGYx3MXGSihig_FO5no5fLKRzJbYdWHBI3gLuju_RKz-Wh9N_ShHZCCylNhJii5Vo9mjzZgI7ATMlF1rPi843_QOXNLVx8woR2Esat7ZAw5lqDncvpugssJ8dXb8HvSRyPB9qYlAKQPcD11hRO7wM-ThivY4m1cCsOq5qhNQ9Js43uAC2mw8we07jtQ-ZaS5oTo7fyWUABsn2MG2elPFhTOjSx_sqmdRxLxKtpH_LMv_V1ps3-PBD-hOcTTljO-UwPlx6CBRXMXN575uO4iI2leB6FuzfsqDZfkAckWZXxjmUMjDvuZEia53pipywCx5s2vgtADw5xDFqnUoIDA6U5gnBSsjTT-1qpNgvQez0ERTgzBGiT5PLP6HHwIhZ62Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqsGAwWLIYqSaG5zQtwfNn4nYC8me0rFczfHi3YgBwI23ARABIABglZKhgrAHggEXY2EtcHViLTU4MDExMTI3MDA0Nzk4MjmgAdW20uoDyAEJqQK1HYyX1QSxPqgDAaoEvQFP0OWwvHBkBc97veuONkDQMJOrFJBJQcDHpeuo38eCHkQ-BCQV4ppjBWBgnASd5fZY6bNB0D9hb22PAiRCuN5Qgbf66ivPMuUjRzm_SisuUNjwNLkwIvaRJTvaahkv1ULzMBY8Y8790ChDvxOhrTcQHnuwvBtaENTIdpsj_JtB4u_-tz9tApmbTIdocfgnNB5RHfsQPaQNqKSf_AVPVb5hIwhs4NYL8nNs2jTYDdDI8cvHNDPSYvjiHgZSm6OABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2KW5hSIzmOxG2gNZ2vV3QT_Bi0tw%26client%3Dca-pub-5801112700479829%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b6b606fe32829b8ec41f4559eca2ccfe2dc225c31b50d9027bb8f26473f07b16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 17:00:49 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZSJkXP0h7SwKdip6lQu4zmg1YE9mTbOt1nS25U1hyQnGmF5zI8tp3ZCwj0y5Z_c9Dluv-T1ypTZ2xORwPODO73I2NKQul_5pfMnSJLAtYhZy-E1Lf6Fvg8ux_DsOz2o4SQw145TyC42swwdgjOdlOa8QQp198AojzHOq2ij9-jA6vUO-VsxpIYTYO3muV8kcWRUXQHFhCfZeGuI3Oj0qJSFxgasjvPfV5KtdrDZm6htYDX6ZVTHWkwKmgDQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 135542266
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0C90 3 KB
1 KB 26ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:57:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0C90 137 KB
42 KB 54ms
36ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 0C90 17 KB
7 KB 20ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:31 GMT

GET
DATA 200
OK truncated
/ Frame B7E3 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ec2965b9fe07eac15b565a860e858d0a507f817319b3d90c542ef328324f659

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B7E3 28 KB
28 KB 31ms
7ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 202565
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 08:44:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5048 5 KB
667 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 16:53:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 17:00:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 5048 2 KB
902 B 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 5048 21 KB
8 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:58:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 5048 3 KB
1 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:57:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5048 137 KB
42 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 17:00:49 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 5048 17 KB
7 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 318
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:31 GMT

GET
H3 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame 5048 31 KB
13 KB 25ms
23ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518927
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:52:02 GMT

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame AF63 36 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 19:18:22 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C05 143 B
163 B 10ms
9ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 16:50:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0C90 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b4677907d6fb98b80338e2ca3fa5d0a066b8fca481fb3f26a42d926efceb3dba

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 86DF 2 KB
1 KB 62ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YshiwQAGzSQK7egcAAJPzdxfXDA8U8nGBweyxA&u=%7C2G6cqCV0O7fBzgO5MGraYm0M%2FQVW1LjWCOPfBP33YqY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbULWFKMhQHkrqTNGYx3MXGSihig_FO5no5fLKRzJbYdWHBI3gLuju_RKz-Wh9N_ShHZCCylNhJii5Vo9mjzZgI7ATMlF1rPi843_QOXNLVx8woR2Esat7ZAw5lqDncvpugssJ8dXb8HvSRyPB9qYlAKQPcD11hRO7wM-ThivY4m1cCsOq5qhNQ9Js43uAC2mw8we07jtQ-ZaS5oTo7fyWUABsn2MG2elPFhTOjSx_sqmdRxLxKtpH_LMv_V1ps3-PBD-hOcTTljO-UwPlx6CBRXMXN575uO4iI2leB6FuzfsqDZfkAckWZXxjmUMjDvuZEia53pipywCx5s2vgtADw5xDFqnUoIDA6U5gnBSsjTT-1qpNgvQez0ERTgzBGiT5PLP6HHwIhZ62Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqsGAwWLIYqSaG5zQtwfNn4nYC8me0rFczfHi3YgBwI23ARABIABglZKhgrAHggEXY2EtcHViLTU4MDExMTI3MDA0Nzk4MjmgAdW20uoDyAEJqQK1HYyX1QSxPqgDAaoEvQFP0OWwvHBkBc97veuONkDQMJOrFJBJQcDHpeuo38eCHkQ-BCQV4ppjBWBgnASd5fZY6bNB0D9hb22PAiRCuN5Qgbf66ivPMuUjRzm_SisuUNjwNLkwIvaRJTvaahkv1ULzMBY8Y8790ChDvxOhrTcQHnuwvBtaENTIdpsj_JtB4u_-tz9tApmbTIdocfgnNB5RHfsQPaQNqKSf_AVPVb5hIwhs4NYL8nNs2jTYDdDI8cvHNDPSYvjiHgZSm6OABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2KW5hSIzmOxG2gNZ2vV3QT_Bi0tw%26client%3Dca-pub-5801112700479829%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Jul 2023 17:00:50 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 86DF 2 KB
1 KB 58ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Jul 2023 17:00:50 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 86DF 308 B
636 B 56ms
19ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 03 Jul 2023 17:00:50 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 86DF 293 B
621 B 54ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 03 Jul 2023 17:00:50 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 86DF 0
688 B 176ms
113ms Image
text/plain 2600:9000:21f3:a600:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1657299649
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YshiwQAGzSQK7egcAAJPzdxfXDA8U8nGBweyxA&u=%7C2G6cqCV0O7fBzgO5MGraYm0M%2FQVW1LjWCOPfBP33YqY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbULWFKMhQHkrqTNGYx3MXGSihig_FO5no5fLKRzJbYdWHBI3gLuju_RKz-Wh9N_ShHZCCylNhJii5Vo9mjzZgI7ATMlF1rPi843_QOXNLVx8woR2Esat7ZAw5lqDncvpugssJ8dXb8HvSRyPB9qYlAKQPcD11hRO7wM-ThivY4m1cCsOq5qhNQ9Js43uAC2mw8we07jtQ-ZaS5oTo7fyWUABsn2MG2elPFhTOjSx_sqmdRxLxKtpH_LMv_V1ps3-PBD-hOcTTljO-UwPlx6CBRXMXN575uO4iI2leB6FuzfsqDZfkAckWZXxjmUMjDvuZEia53pipywCx5s2vgtADw5xDFqnUoIDA6U5gnBSsjTT-1qpNgvQez0ERTgzBGiT5PLP6HHwIhZ62Q&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqsGAwWLIYqSaG5zQtwfNn4nYC8me0rFczfHi3YgBwI23ARABIABglZKhgrAHggEXY2EtcHViLTU4MDExMTI3MDA0Nzk4MjmgAdW20uoDyAEJqQK1HYyX1QSxPqgDAaoEvQFP0OWwvHBkBc97veuONkDQMJOrFJBJQcDHpeuo38eCHkQ-BCQV4ppjBWBgnASd5fZY6bNB0D9hb22PAiRCuN5Qgbf66ivPMuUjRzm_SisuUNjwNLkwIvaRJTvaahkv1ULzMBY8Y8790ChDvxOhrTcQHnuwvBtaENTIdpsj_JtB4u_-tz9tApmbTIdocfgnNB5RHfsQPaQNqKSf_AVPVb5hIwhs4NYL8nNs2jTYDdDI8cvHNDPSYvjiHgZSm6OABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2KW5hSIzmOxG2gNZ2vV3QT_Bi0tw%26client%3Dca-pub-5801112700479829%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:a600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:00:50 GMT
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA2-C2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: 0kwRxyk4vUmVWUyAbhn0CVYm3AW0q0YX37-VVBlbv5u08KX3xc6gdA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 86DF 43 B
349 B 157ms
25ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fLfxD_EQXosB4o_DSZQa_qdMyZ59bEC9xHGvvWymTdmWzUxOzZrwiINC8mBx3iJ-OTTzKeME6dKSPmR_yw44M0sowjkfU4lqmGo85xXlB1BuAWxcxvL_wPmKQd3L2HeRlUfXz65w1fKWghYCfImYrsB2DFADZvivsmFyFuohjqOEitpWgofwKCB64WtEb9UUKeNpqXCvrZAQHu1XLEwcqqiaCxlU-KvHmED1Oy0s5icWB63cRpEDKoocJO8I0Gq_ouBXUMnKfB-j5t5Rf6mMiinmLO6eHNoMa9XLjqsfOK6OrCRNrP3xxSGeotQh5stfqE8SQRlX0thifrGKEWdxWVWJRMwAYx6n6Yyqk8HeGgIMSkUZi3biVg9SQIc5wT60BDL94s8tHuOwUho1MFcd3red_tviurA4K2E5eP1kqvkWsPPu-922AqLwdS8eW_aPK7uYiw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:00:49 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 11968541
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8C05
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
67ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 17:00:50 GMT
expires: Fri, 08 Jul 2022 17:00:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 17:00:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1012 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: zaloweb.me
URL: https://zaloweb.me/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 19:18:22 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4B5F 8 KB
892 B 20ms
18ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=2347765671&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649606&bpp=1&bdt=1392&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280%2C160x600&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=r03ziupTQG&p=https%3A//zaloweb.me&dtd=5

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 16:54:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 17:00:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 17:00:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 4B5F 2 KB
902 B 10ms
9ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 4B5F 21 KB
8 KB 12ms
10ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:58:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 4B5F 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:57:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B5F 137 KB
42 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 17:00:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 4B5F 17 KB
7 KB 13ms
11ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:31 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 4B5F 0
0 20ms
15ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSCyYbrdvsV2RKAtEIm8UDu6QSPei3leE2EwxmJkyqm5t1zqlUEwloTwpMrqYHOY_EuH4wuNI-twicfeg9hHBJmrV-2XQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=2347765671&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649606&bpp=1&bdt=1392&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280%2C160x600&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=r03ziupTQG&p=https%3A//zaloweb.me&dtd=5
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame 4B5F 31 KB
13 KB 11ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:52:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B5F 0
0 55ms
52ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkNR9wWLIYvmpK8XVtOUPmtqsaMrCxIZrsoSH8_oPoty_oNQBEAEgoqGQkAFglZKhgrAHoAGvmbieA8gBAakCRF3QWvMDsT6oAwGqBMsBT9DAwvSeSDTHNNpwIrcwk9jGChj09_-eAHZjzvKtfl8tL_v4iHi62-Et2OVdOm-sdDwSfQ-UYkRjxC1CJhwNjEq5Yo7ts-xHLN4U1dtWyvSYBQ9cxqTN3hy9yTcHLmiEN2QrnPYBTeFtCiXs5oMcjlwXQ-TMyMZRI3jmjbxNalHmkb9CErovLbmFGzWgp6qe6A14mH_3Ebp__yXkZuJsHTfzRrNYL3mlwRQI0cAAKoVWaLRelyJGUMkq0ES_rKiM5r881wJ38NR6cPPABPTii_v6A5IFBAgEGAGSBQQIBRgEgAfIkdh5qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2asD0ggSCIjhgBAQARgfMgOqggE6AoBAgAoByAsB2BMCiBQB0BUBgBcBshccChoIABIUcHViLTU4MDExMTI3MDA0Nzk4MjkYAA&sigh=FH49ObB3s0M&uach_m=[UACH]&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=2347765671&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649606&bpp=1&bdt=1392&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280%2C160x600&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=r03ziupTQG&p=https%3A//zaloweb.me&dtd=5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 08 Jul 2022 17:00:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 86DF 12 KB
6 KB 17ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Jul 2023 17:00:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 7 KB
7 KB 57ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=OSVWZlqsAEjHj4o1uxJfPYMJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28570881
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6722
expires: Sun, 04 Jun 2023 09:22:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 2 KB
2 KB 58ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=800&s=vpGm_seSEYg5jupcMbmNinfn&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1188849
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1540
expires: Fri, 22 Jul 2022 11:14:59 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 1 KB
2 KB 69ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=800&s=5ZBJ5qniP8NhN_Q2K8FX3HYz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1043008
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1382
expires: Wed, 20 Jul 2022 18:44:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 1 KB
1 KB 70ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBrenntag-GmbH-24117DE.gif%3Feb%3D1&v=3&w=800&s=aY0qZFm0QPpU2Oy8YdfGD4Ak&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

10fdd6e2b935a4877a1af3b3f84610f10a98fd406065b5a832284674d10ae263

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=678516
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1228
expires: Sat, 16 Jul 2022 13:29:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 2 KB
2 KB 58ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoSMC-Deutschland-GmbH-219784DE.gif%3Feb%3D1&v=3&w=800&s=8xYp2hUF-NT1f3ZL-85i78Xw&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

92c1d30deab581cdf3b6d181b2819afbf641eddf3f271534237b798e1792b095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2515635
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1970
expires: Sat, 06 Aug 2022 19:48:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 2 KB
2 KB 69ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoBaker-Tilly-88439DE.gif%3Feb%3D1&v=3&w=800&s=mxLMVoVseV4HfRg8413VIOrm&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

090b84dc202b8aa19bc130967edb4939e9ba29458b6583935e4404ca9500c4eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2910
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1548
expires: Fri, 08 Jul 2022 17:49:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 2 KB
3 KB 16ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoRheinmetall-Waffe-Munition-GmbH-222500DE-2106231751.gif%3Feb%3D1&v=3&w=800&s=q08VB5s1jNLRXdIuNZsyv9II&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=993108
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Wed, 20 Jul 2022 04:52:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 2 KB
3 KB 34ms
34ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoDARCBLUE-Aktiengesellschaft-283606DE-2201241426.gif%3Feb%3D1&v=3&w=800&s=MlTOGcqDmLFzSR0o71Vt7z2S&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

92dac08f66fd8fedc80ac319e5354cdf8fa9fb3b9b120f1d7058dd7ea2c7f3db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2309
expires: Mon, 03 Jul 2023 17:00:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 86DF 2 KB
2 KB 17ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FH%2FlogoHUMAN-Gesellschaft-fur-Biochemica-und-Diagnostica-mbH-139807DE.gif%3Feb%3D1&v=3&w=800&s=Vlq9y_uWl6gvv4DoAZEtzwms&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7eded04e9befa23d4bef4ca344009da8a4f4667af4da41a9e594b56fab7bdb42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=713399
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1798
expires: Sat, 16 Jul 2022 23:10:50 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 86DF 0
128 B 65ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ZSJkXP0h7SwKdip6lQu4zmg1YE9mTbOt1nS25U1hyQnGmF5zI8tp3ZCwj0y5Z_c9Dluv-T1ypTZ2xORwPODO73I2NKQul_5pfMnSJLAtYhZy-E1Lf6Fvg8ux_DsOz2o4SQw145TyC42swwdgjOdlOa8QQp198AojzHOq2ij9-jA6vUO-VsxpIYTYO3muV8kcWRUXQHFhCfZeGuI3Oj0qJSFxgasjvPfV5KtdrDZm6htYDX6ZVTHWkwKmgDQ&sds=2&rev=82042&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 08 Jul 2022 17:00:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 86DF 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Jul 2023 17:00:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 86DF 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 03 Jul 2023 17:00:50 GMT

GET
DATA 200
OK truncated
/ Frame 4B5F 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame 4663 4 KB
621 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 08 Jul 2022 16:53:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 08 Jul 2022 17:00:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 08 Jul 2022 17:00:50 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 4663 2 KB
902 B 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame 4663 21 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:58:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 148
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 18116328616323621410
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:58:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 4663 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:57:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4663 137 KB
42 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 17:00:50 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame 4663 17 KB
7 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:55:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Jul 2022 16:55:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4663 0
0 36ms
16ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTseDQdfe9m_ecglE5ZGHr_2iy6JtxS7nTAtOoB5Lb5WZCg4rPM15u9ypxrN_h_jyLr4JKd64qkw3gV5GP1o7NvvOiiaw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 200 e335c40f4e500f406840f7159cec7b48.js Show response
www.gstatic.com/mysidia/ Frame 4663 31 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e335c40f4e500f406840f7159cec7b48.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sat, 02 Jul 2022 16:52:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 518928
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 30 Jun 2022 02:13:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 30 Sep 2022 16:52:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4663 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAW4ywWLIYquaK-P_tOUPnN2AsAncxbaDacrVg5jTDI3WhZmAHBABIKKhkJABYJWSoYKwB6ABsLqh1wPIAQmpAkRd0FrzA7E-qAMByAPLBKoEywFP0ERdeoYvEBrmUNLf0VSBiZC9yGoYFpv7plspEsH4fubYiAssJVoWHa6kRlqJrZY2WixscKwY0ZKv7H3NTEKLWO7FechjNO4Ke8CbuuX8sfjMcguw8HNFVjvpF6zchcKi_QgXAFG8q2G9uEAl8uUY6Jf_-vLdb3ROOzIHMO0ARFzlEB0pM6Sz800ybaAl-NmNo6cVPUmvL6PHQDi3plWgzqKKEbqUAZ_-G__k-VdwwryC0eSrn-Smwm1nxgRKLkitxXVC-n36DZ11s8AEuav95KIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7_ZvWCoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQsosC0ggSCIjhgBAQARgfMgOqggE6AoBAgAoByAsB2BMMiBQC0BUBgBcBshccChoIABIUcHViLTU4MDExMTI3MDA0Nzk4MjkYAA&sigh=DBNzpyATTDo&uach_m=[UACH]&template_id=494

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 08 Jul 2022 17:00:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4663 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

4091503581208051288
tpc.googlesyndication.com/simgad/ Frame 4663
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDnj86ZywEQ9AMY9AMyCGN8MsJOAEwL
https://tpc.googlesyndication.com/simgad/4091503581208051288

107 KB
107 KB

9ms
8ms

Image
image/png

2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4091503581208051288

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 09:38:44 GMT
x-content-type-options: nosniff
age: 199326
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109931
x-xss-protection: 0
last-modified: Wed, 23 Oct 2019 12:45:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 06 Jul 2023 09:38:44 GMT

Redirect headers

date: Fri, 08 Jul 2022 08:05:41 GMT
x-content-type-options: nosniff
server: cafe
age: 32109
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/4091503581208051288
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 07 Aug 2022 08:05:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8330 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=2347765671&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649606&bpp=1&bdt=1392&idt=1&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280%2C160x600&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&fsb=1&xpc=r03ziupTQG&p=https%3A//zaloweb.me&dtd=5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 595
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 16:50:55 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 4B5F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8495472e2b0c73c48fe8898bb3440866d514c7565e3d75cf7e6601ea963b1862

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4663 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 360d0faf50e34def32d020d13195008ff93e29bbc9b12d7874ebfdeeb9a91677

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4B5F 28 KB
28 KB 29ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 202566
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Jul 2023 08:44:44 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 4663 16 KB
16 KB 18ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 04 Jul 2022 16:12:47 GMT
x-content-type-options: nosniff
age: 348483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 04 Jul 2023 16:12:47 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8330
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

50ms
49ms

Document
text/html

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 17:00:50 GMT
expires: Fri, 08 Jul 2022 17:00:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 08 Jul 2022 17:00:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A72 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5801112700479829&output=html&h=600&slotname=9113799071&adk=3890572698&adf=943920009&pi=t.ma~as.9113799071&w=160&lmt=1657299649&psa=0&format=160x600&url=https%3A%2F%2Fzaloweb.me%2F&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657299649593&bpp=2&bdt=1379&idt=2&shv=r20220630&mjsv=m202206300101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Daa1599fc633ddacc-220496d0c8cd0072%3AT%3D1657299649%3ART%3D1657299649%3AS%3DALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w&prev_fmts=0x0%2C1120x280&nras=1&correlator=852629487445&frm=20&pv=1&ga_vid=1174626436.1657299649&ga_sid=1657299649&ga_hid=441807809&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=0&ady=32&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068331%2C44768688%2C31064018&oid=2&pvsid=545393740193883&tmod=1787055019&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfeE%7C&abl=CF&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=IdZdmOizlQ&p=https%3A//zaloweb.me&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 06 Jul 2022 19:18:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 164548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13935
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jul 2023 19:18:22 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B7E3 42 B
64 B 62ms
45ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMbBVOY4b1Ra9ZSbHTzh_GzLVz77ItFLgoYqAhs0Vw_UUEAnzAnuNEFpEPr0oOUv9SoWl67KY6K4jZQ2BJQsYYUCNbWanz3j3dIzcLx21W068d5eKdkL_JsEsSmDiePmXkTlKZPhU-SjL5V7ZkcxX0udMcYMFLnFg09oU5_X5sf2rsqfJqjwPpt8hVvOnUrFbKuTNTVmJlVgWKpH6rWMfpPFsffTfP8xy51Kt4F4vH6GICrwiOi-BwYTwhOCApiwZIoKrPQ9nTo1IlU0n2sOzed0ao2z6KXkEDWAnpAQ34PaxYsTtCDpFG_7Ga24Pme-CCOuNvWIg-t9ts8pkcF2zTOeHNAl7CHHN2dAKylNx9qC8AEBdVvCO2ty7EO7YILKzv3cl__4oskIOeHvH80H5xfQHgk_u3hNcF1Hwce06lhPnm0pZw96kvL2KAwdSaY7O-v0rUcwIeLQVLWP8C6dbc_kjf_Q1ahYPItnRqSHzT7A1MbmnNvYMfzbFZ6Pa_2VETTSWfBUgL4A5rBW1EEebISB-0g5U7znLd_BN70xeZiVGrxeS71wNKqhoWn9Ec0OhRn2O0Z4Zzj5nxC_5y3TvTtuAE33kGK5J0yetwWvSPYseIrq_M3R8zEV3Wc3pX0iKLuD5RZv4OBPYrMyB1L4zLGxonhuXk4mbpbFX2zqc1G-0LXllmu0acvewBPxegUJ63MCdocdeRqZ1XMXB1vv03zgAHgGBDAP3h0Tp5AyhreRV5v5XS7x63191D66nn6bcOn1pnx-7YwxBoq-c9NiVFWtf6ZYkg-y61eWACMfSsLrlR2qiC6HAiNVvvzvCQkFTVT3kobEktfuCEO-IIVmwHGtTEovcqN3VoQcXz0mqPRst-LrjBg3kbxmO-GfbYq71OF0C1xeNAp9qsn-ICgj5cee7ws4E206G7_Z09q4Cot0Od1xqT_6iyki6wxfVJ6jWb7EKaPIIyPeDEx-aRKW8VWXerFmYXQly5z3tNFNw0oUuzz6EtNXsqKQqbkNZzvZ2km0KpJ3gMPefm1ft2pRln2ZNTaSwJ1sK9NOFRqQ&sai=AMfl-YRvpu5cQk3kSD5oq9d4Sv7iSL6Sd7jSbs5yr-DXoOVRdjfbkmtivHriqVm97vpTIA6CfiEtpnkFn7YRNNB8TFL2Cu4m73Km4w&sig=Cg0ArKJSzG36YSfqXUg3EAE&id=lidar2&mcvt=1002&p=0,0,280,1120&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3047136366&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657299649410&rpt=589&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:00:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0C90 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucGgKgj96Z6HuBx6Tq2oYVrr8Ln-t-L3Vg1q5e2NJLAz8YGhaGzC7zVFgyaQDAlUdugUo_QrNCMnGDARpYrJc6M9nH&sig=Cg0ArKJSzO0p12VUcCA9EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=176,848,1000,1194,1303&tos=176,672,152,194,109&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657299649853&rpt=173&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:00:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4663 42 B
64 B 53ms
51ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6xqr64M-6zseM6ZirdrXrCYVL636yPrKIpc3h5G2w_WrObznVjSAwG_7nnE0BIi7ijmYOzH_Y4g4C6MKCWnH5U18MIyjA5MrFqAaKMk6Mqf1GL-Pa1qI4fWZiRmdvKTuyoEm-VYOht_4kbWEDwIt5iBkAG3eNUr7binxY5bPz&sai=AMfl-YS0qLMv4pWN5h5NTRrtQCWQzLZg5fXWUGTE7rU50wUm0J40UJlrOq2EYJd0Q3zQP9X4of_SPe6DAH8NIFi69_FFgtfnuC8Ac1dY9oGB9htSznsOxoB5MPjYmSNJk0N5&sig=Cg0ArKJSzGJ-SGwWI5LgEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3890572698&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657299649605&rpt=876&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:00:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B5F 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLso3sfA5KY1lYtYsFAbpjbaCUTu4W92ZLf4arabz5s6qVkBl_jmht_rJXcouFfrWrlv2kJncQVmxHiTirgwqthIihnY1dLHeuczwCX5rd4kIHN_O4Ep_pScKdr09UXyYOzEObMZzyh3L_-QSYNz5M2qKctbpIKbWzEmn7-PIe&sai=AMfl-YQK1VpbB9K2-rzp4abS2SvWXvvJD9I9G7z7HqVkHSkKMwYLv5TYdd-TZdPlynXYUvmkJzx6Tv_aFJviLUJ4ziZWPkLd1ATWIxeK7V-SBOx-huIk0adNtJPrjKLJLQMq&sig=Cg0ArKJSzHa7IPbX8zyLEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3890572698&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657299649612&rpt=977&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Jul 2022 17:00:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 21ms
21ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220630&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96bbcf015bc8b8723ea497301399214757a7ffded7d7f20635555832271b2bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 08 Jul 2022 17:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10650
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Jul 2022 17:00:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7AC2 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 16:40:05 GMT
expires: Sat, 08 Jul 2023 16:40:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 575A 783 B
535 B 20ms
19ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

175cd96b3c175d3a73fd537ca830c5cf7fb916e9aaae63b5d5259c4af3fd175f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qPMGR0YV7yb3venPAD1anA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zaloweb.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-qPMGR0YV7yb3venPAD1anA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Jul 2022 17:00:51 GMT
expires: Fri, 08 Jul 2022 17:00:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 7AC2 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/yleD_imbJ2YLIerZJCJUa4yQOSRhPvCXXlQ8m3xKa_Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 16:42:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1087
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13895
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 08:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 16:42:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 575A 0
0 56ms
56ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220630&jk=545393740193883&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7AC2 0
9 B 9ms
9ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?J5VQrA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 08 Jul 2022 17:00:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 86DF 0
127 B 18ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 08 Jul 2022 17:00:51 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220630&jk=545393740193883&bg=!09Cl0JTNAAaLlKKnq5Q7ACkAdvg8WrxTaLvFeK6hNVd5hOJ-33K4IoUFoBrdeRsr2EbQa5gdToVuPwIAAABdUgAAAAJoAQcKAKATUHzUGsCUY_eIsCfC-ZL7HaKNJQSQZTSaOzk0rp3NFpPy8fJqIsW5Tpo4KHrgP11JbwNvcnO1rFsacew3Bq47dbU4XAKr_lpIELbRUcwZVA09oA-dW_J2Z10hPooqqGdnzpWNAqVgzDbPvTRvvDoL8Q2YuYbOW5N0aiBw7QYhcnEb4zycMaW1SWvFuvxvT48LhBG9fU58DTfYwhqyallBmQKRlW_DXkoMlpYPAFJE6Jws7z1z6xhg9tygiDm1_pSvqMZvB48fX3HqO7okM-iRRr23_Oz5TRYbuI7DT6f4x_F92uBXuWp5fYNSZ8ZjVpo0uHRGojCbt7LsiDYW_a3nJwkBC1Y0CMW_RQ_eEAExi2NxTP5lXczjWDqM-exoD1SXA_6P9V4sgKZUs0jbt6hEdiAdwb4pYO38SN9TjagoP09x29oW8mOOqy5_pjSSr0ANJLaKijbxAZh9lSFLnshnOIbRKKd6Qy4xt0S5L5N0ZEAO7QNphALoaaqa04Zxf1QCae8Qz6akDBykY4S3SjXTRwB7h7YVgmFAI_KZK94KBdh--rjc7XTdPg_tVQl7MfJJZv7rlHcYnNBM7n8y-UsFDKYDXhRxjPRYDv8ipQ7XJC7S2qDSvLP5-31ft-oCH6pRYmR43ToHPq3IwLed38qziZwRXR-TLFESRRsxxFZ-dZwmqaWtMMICivN51eX9RHCDg_C-lVTPWLzCT0HQ7-gIxfKyg-obQpBU0Oa9c9CLon_s1A6uqGqGJbR97YnJHv7LYKfMbksIaxkkQ_5AYuxrI1H5t0Qemomeg5pw9qZRUEJ5057DuwLOv03bLtTtYIx6OvtkzQKhyPmmAy0ZuOszeYB3QQ-ta6NRN9z52jq_hew0UmR06qJC54bUgJk25WZK0MHt7qvnlmBxRNqUgxBWreD3_DzBj50wjh0DJk0GEHxpA71d23PSUa_0kpz4ZREC2izHYyBOEmgnptpcetQ4sprAT9LprAHg89fl2Re1yq5ADtlbKI5IwBwKqHg3Cs2Px4XBweISQJWTsCiPcr-92K87o1a6lXb1xdOCRLy_iq13k1nXyjxW4uAHqkMmp5UB7xvw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://zaloweb.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zaloweb.me/	1970-01-20 21:52:51	Name: _ga_HPF8C9L884 Value: GS1.1.1657299649.1.0.1657299649.0
.zaloweb.me/	1970-01-20 21:52:51	Name: _ga Value: GA1.2.1174626436.1657299649
.zaloweb.me/	1970-01-20 04:23:06	Name: _gid Value: GA1.2.1803639375.1657299649
.zaloweb.me/	1970-01-20 04:21:39	Name: _gat_gtag_UA_205127614_1 Value: 1
.zaloweb.me/	1970-01-20 13:43:15	Name: __gads Value: ID=aa1599fc633ddacc-220496d0c8cd0072:T=1657299649:RT=1657299649:S=ALNI_MZuUj3wfl5UKxcuqTd4vqQybwY35w
.doubleclick.net/	1970-01-20 13:43:15	Name: IDE Value: AHWqTUnC1LtuPtC-jso0vlmpgyVWOm4dHoBqJOi9TpgfkrtupoS3tDw4fGh6djJrhUs
.doubleclick.net/	1970-01-20 04:21:43	Name: DSID Value: NO_DATA

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220630/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	"max-age=31536000; includeSubDomains; preload" always
X-Content-Type-Options	"nosniff" always
X-Xss-Protection	"1; mode=block" always

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
images.dmca.com
mts0.google.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
region1.google-analytics.com
rtb.nl.eu.criteo.com
secure-gl.imrworldwide.com
static.criteo.net
stats.g.doubleclick.net
stc-zaloprofile.zdn.vn
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
zaloweb.me
120.138.69.11
151.139.242.29
178.250.0.139
178.250.0.162
178.250.2.148
2001:4860:4802:32::36
216.58.212.162
2600:9000:21f3:a600:1e:a43d:b640:93a1
2a00:1450:4001:803::2002
2a00:1450:4001:806::200e
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:830::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c1b::9a
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::3
45.76.180.219
01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
073351c657bbb62703d3e79b437eb5b7c7a647b2293edd2caab7e7016f3d91fa
090b84dc202b8aa19bc130967edb4939e9ba29458b6583935e4404ca9500c4eb
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0f03c8748f2a50b87d383ac1790e6ae151f7869240fe854d38421c90620e040f
10fdd6e2b935a4877a1af3b3f84610f10a98fd406065b5a832284674d10ae263
119f7b54ec2dd5b26bc47308c51a6e14b260a52d9536b63859c3bb4bac71ad1d
146c050fccfe4e94fad0481d6d5e706d36a25b0395cf3ce6011ff88b864d89a0
175cd96b3c175d3a73fd537ca830c5cf7fb916e9aaae63b5d5259c4af3fd175f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a3f97d78aef212189688c06d7c17a5eebb4141f15b6e4e12b1e11ba4885eb45
204ee979949dff78fdc0b391fe74c9b8fe736abd65a1f0a6af80cb01bcfb8587
22af5d3bf749542c2d95975186991b7b8c1e0766449c3fdeab55d57eb0d1ffdc
2389d2246dc7ec3c980e03fe2a11ba23e042db1c7be46904434150839047f882
26730153fd8c70836fd92e5e8f1dc59b0773a64cf6170bc922aa188469ff978b
2e9e8d9c99899d98b2c65d2ea9c9b2563d61f3274bdb603eb6ad417897da9dc6
2f824f89d7340b0c3b914cc609c31a60979c6bcc63a4b07991795a2ab5c50f32
3505ed4811c3f04939a3026e417e58f8ff797ff4d3b7adc9381caaa06c38cc08
360d0faf50e34def32d020d13195008ff93e29bbc9b12d7874ebfdeeb9a91677
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
3c038095f9c8e938d02b10873864c29a83cbace99675c2e6b6fdc18868a10d92
41f806a19a20885a156ceb760f01b4fddc9e037b0f94dbbdaf33c53077f5fc08
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4bd938863d8e473540c7300aec8fd156822f4701cee5fb6b3328a2cc9b0a012b
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed10d0d64bb1515397e8666a63f484d640dbc5678fa62574e077b7aef1c3af2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56005ece39a5a8664cfda4dfe8e3782a1f2d00b0173ef129e5d29b5b620829b1
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d5110899c37bdf3c0332d865e03fab7c745c54605be4c4635676257e753251e
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b7bc5741a33135c1766967ea35feb1101e9527e0aff0bf97587aeffd289dd7
64d24b4c9afb6e5fe9afab78a013911c5ae41de7f385a30e0a5e354caf84dd92
6545d10fa09bea7237baa618fcfa331ffeb8d51ef6ed658aaf75a23debb3df04
65e63628edcc22d458460336be3fb63e34ad44c3472e230269704190820250ba
65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931
691ea4f82b9612fc33cd8a5663df6c2b2d4d1653b18929955231a678b1f6a6d1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d33998fb45cd6c5b382568065a2b7eef4e0901500ffa02cf4a767d731863712
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
743425bf350e15c32f23c1bf3505546d39071ba4f35c2634a0d43654bf00d639
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
7ac8ebeafc116dc5f3fe3bcef244d3533607913da7d5c07d9e3427a87c83e670
7eded04e9befa23d4bef4ca344009da8a4f4667af4da41a9e594b56fab7bdb42
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d858c34f34d68fa91ca1132ee06334b28ca88dcd9497378016697f77834e5b
8495472e2b0c73c48fe8898bb3440866d514c7565e3d75cf7e6601ea963b1862
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b1ccf2d92e5e6235fcb23becebc6b98f5eba33abad7902763aa8b830be20bd7
8be8f432572fba9a5669684d4f89b81b9595700f40480eeecbfe7721ce5b2234
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90dd6a57351137eb72d9aef2c85493606582b65c204826faccc3aab55b860da1
92c1d30deab581cdf3b6d181b2819afbf641eddf3f271534237b798e1792b095
92dac08f66fd8fedc80ac319e5354cdf8fa9fb3b9b120f1d7058dd7ea2c7f3db
93732a65a282d2c6a73473c0cbad268ff4b4d7e3a97a432e09eb1c7726d43540
95f07e8d6f149cf8b99d1bbfad02b054f775119551edaa7bb4595e1c2f86115b
96bbcf015bc8b8723ea497301399214757a7ffded7d7f20635555832271b2bcc
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98c301f03b6626841c9f75ad97b0b135ad8572b4087c2d8f4ef6541831d32e74
9a5d04f74cf2a5ac395114c141150def9ea2ec79fa5b06febc02cb396d2c88f7
9b4ed13bfe6e05b6340281394abe265105b1eb916ab1e53e604352525305f7c2
9c21e448d2575a0c240542d3fb90618b2f3b3992d00ef78c31181e56ca5a3645
9d650fa59c49b549ceb7fe45c93c1f139c27d2ba5bd379522e3a80d9fa69fdd2
9e96d22139df00d81b7259958dd5253f5b3a7dcde958d8445ce67e847958abaa
9ec2965b9fe07eac15b565a860e858d0a507f817319b3d90c542ef328324f659
9ffceef9e6206bb7905a36647ba3ade0ce970406b1a9fc43e4c03cff9ee5c35c
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a10a65cda4e0697cb6b0e9222c286393609fdb45f027d3194870e175daf7da3e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a44f3492a173452dc9cca679675a4113c749aefeee8b7e2f326387e8d9be5ef2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b3b91b775b356ac4b5c34ac94dbcc1212ef23b5e89bfa9bfcc92e285a4447a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aad69cf5d08b51636277b46c0e2833cab2daf135684fccb873072b3c1176a3c8
ad3ee286844c46dba3f0d26e100f508c410b28f52784fbeec2d513ef6c6fda7a
ae2e1dc0161fa05e80b225682868a9bfbab08c503b2429f06339d4487f160ac2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b4677907d6fb98b80338e2ca3fa5d0a066b8fca481fb3f26a42d926efceb3dba
b6b606fe32829b8ec41f4559eca2ccfe2dc225c31b50d9027bb8f26473f07b16
b88fca268e1352a0922f301c6b88f0499606c01faa8d0718de11a8153a5edc3a
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c261555eab7ae93e60d96a5c5f4f177d11262c0c16e6a1422cf9afadfade15be
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c41ce6b67f407e0caba7531192a1ff70091510819dde2722cfbdb0dfc8f143f2
ca5783fe299b27660b21ead92422546b8c903924613ef0975e543c9b7c4a6bf4
cb6554b04a2e5178a3e18dde21b1bb72e0aa5f87aac9cb567844a4fda5990847
cbf38ac781f121a33e4e62e55a3abb8ddc3fa0857ec609b8d17fc4d702d6e9fd
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
d26c1785b866a18666adb61e39511c9a2bf3d08a8125489115e3e03bfbdc5a6c
d5dc5b26a45586ee73700328d96f2a7b5479f9384afe58e75d50001991dae55c
d678ab3b4e7dddf5615012cc1a930e50dfbc967181b8fbeb1b98d61549f5ed08
d9a3e8f06cc8581fd6eeb011535e3fe287f9d38d22be1ec1f9fd9bf804adf62a
dd59aa3a642c6d0e3e970ec62c4ca24c987c93049c7a9b2fa3ebda822fd17565
de0ffa07714628c42699b0c6df1ae67aed1269221f4100551bd4d95117e22999
de138897660debebc32922cb7d8cef8ecef5ca973e296c3dc8cd3dc15d6f995b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e01dc769afcc206d1b637bae0d1225eba73e1bdfbcb197dd15fcebcab02a5c26
e02cd79a3542a4cdbc02ddd4a0017f9ed9b23b16cd654a03d8d68e583444e9d6
e2a387f6a7cdac265c90c59daa4f30eeb1d183b8bcce4858384ab51d33c94533
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
e8021f1a9dad409f7e699457ac334653bf800464df69900237c4de1c29e275d0
ed9a5cb7e034e44cc398920cf1eb8fbcc955781040f68e5a2328fcf9a55c046b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efad6a64aada8bb3357b02aa8bcf71536fa7c18abbb1df73a8383d1f0872a74e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fcab803c6d01082f69e5510655ca566241f3a4fd3ee7aa1506b1308e2d069ccb
fd6757a6f7c7556d4c65fe1aca9224ff66856a32468dd89eab818db66150e1df
fdb2f19e4728e8dc282d972e2958ef4fba63f4558861d50cd7a4c94f19a9b34f

zaloweb.me Open in urlscan Pro 45.76.180.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

165 Requests

99 %HTTPS

72 %IPv6

16 Domains

26 Subdomains

26 IPs

6 Countries

3512 kBTransfer

6009 kBSize

7 Cookies

2 Outgoing links

Redirected requests

165 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zaloweb.me Open in urlscan Pro
45.76.180.219 Public Scan

Screenshot
Live screenshot

Full Image

165
Requests

99 %
HTTPS

72 %
IPv6

16
Domains

26
Subdomains

26
IPs

6
Countries

3512 kB
Transfer

6009 kB
Size

7
Cookies

165 HTTP transactions
8 data transactions