kanzalia.com Open in urlscan Pro
172.104.184.240 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://kanzalia.com/
Submission: On February 27 via api (February 27th 2024, 8:51:45 pm UTC) from US — Scanned from SG

Summary HTTP 119 Redirects Links 120 Behaviour Indicators

Summary

This website contacted 40 IPs in 4 countries across 36 domains to perform 119 HTTP transactions. The main IP is 172.104.184.240, located in Singapore, Singapore and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is kanzalia.com.

This is the only time kanzalia.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	172.104.184.240 172.104.184.240	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1 1	13.33.88.58 13.33.88.58	16509 (AMAZON-02) (AMAZON-02)
1	13.33.88.100 13.33.88.100	16509 (AMAZON-02) (AMAZON-02)
1	74.125.200.97 74.125.200.97	15169 (GOOGLE) (GOOGLE)
2	142.251.10.157 142.251.10.157	15169 (GOOGLE) (GOOGLE)
3	13.35.21.182 13.35.21.182	16509 (AMAZON-02) (AMAZON-02)
2	192.243.61.227 192.243.61.227	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	45.133.44.52 45.133.44.52	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
17	172.253.118.155 172.253.118.155	15169 (GOOGLE) (GOOGLE)
1	13.227.254.23 13.227.254.23	16509 (AMAZON-02) (AMAZON-02)
1 2	3.120.23.175 3.120.23.175	16509 (AMAZON-02) (AMAZON-02)
2	104.21.24.208 104.21.24.208	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.84.229.11 52.84.229.11	16509 (AMAZON-02) (AMAZON-02)
1 4	172.67.131.213 172.67.131.213	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
6 9	142.251.175.84 142.251.175.84	15169 (GOOGLE) (GOOGLE)
1	104.21.234.32 104.21.234.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.77.115.37 52.77.115.37	16509 (AMAZON-02) (AMAZON-02)
1	172.240.108.92 172.240.108.92	7979 (SERVERS-COM) (SERVERS-COM)
1	172.67.179.196 172.67.179.196	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	45.133.44.24 45.133.44.24	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	45.133.44.53 45.133.44.53	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	192.243.59.20 192.243.59.20	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
3	23.59.168.112 23.59.168.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	64.233.170.113 64.233.170.113	15169 (GOOGLE) (GOOGLE)
6	74.125.200.154 74.125.200.154	15169 (GOOGLE) (GOOGLE)
1	104.21.30.242 104.21.30.242	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	157.90.84.242 157.90.84.242	24940 (HETZNER-AS) (HETZNER-AS)
1	50.16.197.56 50.16.197.56	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.140.172.38 18.140.172.38	16509 (AMAZON-02) (AMAZON-02)
4	35.156.226.144 35.156.226.144	16509 (AMAZON-02) (AMAZON-02)
2 2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	18.141.80.142 18.141.80.142	16509 (AMAZON-02) (AMAZON-02)
1 2	34.117.77.79 34.117.77.79	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	35.244.154.8 35.244.154.8	15169 (GOOGLE) (GOOGLE)
2 2	13.228.126.19 13.228.126.19	16509 (AMAZON-02) (AMAZON-02)
1	94.130.197.240 94.130.197.240	24940 (HETZNER-AS) (HETZNER-AS)
11	172.253.118.102 172.253.118.102	15169 (GOOGLE) (GOOGLE)
7	142.251.10.132 142.251.10.132	15169 (GOOGLE) (GOOGLE)
3	74.125.130.148 74.125.130.148	15169 (GOOGLE) (GOOGLE)
3 4	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	103.43.90.114 103.43.90.114	29990 (ASN-APPNEX) (ASN-APPNEX)
2	172.253.118.148 172.253.118.148	15169 (GOOGLE) (GOOGLE)
1	142.251.175.103 142.251.175.103	15169 (GOOGLE) (GOOGLE)
119	40

19 172.104.184.240 (Singapore, Singapore)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1775-240.members.linode.com

kanzalia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
blog.kanzalia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.58 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-58.sin2.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.88.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-88-100.sin2.r.cloudfront.net

platform-api.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.157 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.21.182 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-21-182.sin5.r.cloudfront.net

d34cixo0lr52lw.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.243.61.227 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

streakattempt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
unseenreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 45.133.44.52 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.wpadmngr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0af597d3bd.ce26c78a4e.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.254.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-23.sin52.r.cloudfront.net

buttons-config.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.23.175 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-23-175.eu-central-1.compute.amazonaws.com

l.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.21.24.208 (None, )

ASN13335 (CLOUDFLARENET, US)

pogothere.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.229.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-229-11.sin2.r.cloudfront.net

ourtshipanditlas.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.131.213 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rbrightscarletcl.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.175.84 (Farmingdale, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: sh-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.234.32 (None, )

ASN13335 (CLOUDFLARENET, US)

friendshipmale.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.77.115.37 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-115-37.ap-southeast-1.compute.amazonaws.com

proftrafficcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.108.92 (United States)

ASN7979 (SERVERS-COM, US)

loiteringcoaltuesday.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.179.196 (United States)

ASN13335 (CLOUDFLARENET, US)

x8.makaronibasah.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.133.44.24 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

na.nawpush.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 45.133.44.53 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

js.capndr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.243.59.20 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

capaciousdrewreligion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.59.168.112 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-168-112.deploy.static.akamaitechnologies.com

t.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f113.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.30.242 (None, )

ASN13335 (CLOUDFLARENET, US)

storage.multstorage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.90.84.242 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.242.84.90.157.clients.your-server.de

fp.metricswpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.16.197.56 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.140.172.38 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-172-38.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.156.226.144 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-226-144.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (Seattle, United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.141.80.142 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.117.77.79 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 79.77.117.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.154.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.228.126.19 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-126-19.ap-southeast-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.130.197.240 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.240.197.130.94.clients.your-server.de

mcpuwpsh.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.253.118.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f102.1e100.net

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.251.10.132 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.130.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f148.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.24.157 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (San Francisco, United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 103.43.90.114 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.253.118.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f148.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.103 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 106 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	421 KB
21	google.com 6 redirects accounts.google.com — Cisco Umbrella Rank: 24 fundingchoicesmessages.google.com — Cisco Umbrella Rank: 665 www.google.com — Cisco Umbrella Rank: 2	79 KB
19	kanzalia.com kanzalia.com blog.kanzalia.com	157 KB
14	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 219 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 264 ad.doubleclick.net — Cisco Umbrella Rank: 157	220 KB
12	sharethis.com 2 redirects platform-api.sharethis.com — Cisco Umbrella Rank: 4457 buttons-config.sharethis.com — Cisco Umbrella Rank: 5023 l.sharethis.com — Cisco Umbrella Rank: 4641 t.sharethis.com — Cisco Umbrella Rank: 6097 sync.sharethis.com — Cisco Umbrella Rank: 3049	63 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 628	2 KB
4	rbrightscarletcl.info 1 redirects rbrightscarletcl.info	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 259	3 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 317	77 KB
3	ourtshipanditlas.info ourtshipanditlas.info	4 KB
3	cloudfront.net d34cixo0lr52lw.cloudfront.net	70 KB
2	yahoo.com 2 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1486 ups.analytics.yahoo.com — Cisco Umbrella Rank: 425	572 B
2	rlcdn.com 2 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 479	834 B
2	ml314.com 1 redirects ml314.com — Cisco Umbrella Rank: 1975	555 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1172	1 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 363	676 B
2	crwdcntrl.net 2 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 947	899 B
2	metricswpsh.com fp.metricswpsh.com — Cisco Umbrella Rank: 41878	429 B
2	capndr.com js.capndr.com — Cisco Umbrella Rank: 42451	28 KB
2	pogothere.xyz pogothere.xyz — Cisco Umbrella Rank: 32929	101 KB
2	wpadmngr.com js.wpadmngr.com — Cisco Umbrella Rank: 19067	36 KB
1	unseenreport.com unseenreport.com — Cisco Umbrella Rank: 21458	425 B
1	mcpuwpsh.com mcpuwpsh.com — Cisco Umbrella Rank: 67119	4 KB
1	exelator.com loadus.exelator.com — Cisco Umbrella Rank: 1589	299 B
1	ce26c78a4e.com 0af597d3bd.ce26c78a4e.com	207 B
1	multstorage.com storage.multstorage.com — Cisco Umbrella Rank: 35474	894 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	242 B
1	capaciousdrewreligion.com capaciousdrewreligion.com — Cisco Umbrella Rank: 24480	329 B
1	nawpush.com na.nawpush.com — Cisco Umbrella Rank: 54227	1 KB
1	makaronibasah.com x8.makaronibasah.com	2 KB
1	loiteringcoaltuesday.com loiteringcoaltuesday.com — Cisco Umbrella Rank: 392641	469 B
1	proftrafficcounter.com proftrafficcounter.com — Cisco Umbrella Rank: 13917	298 B
1	friendshipmale.com friendshipmale.com — Cisco Umbrella Rank: 18956	28 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 102
1	streakattempt.com streakattempt.com	29 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	91 KB
119	36

	Domain	Requested by
18	kanzalia.com	kanzalia.com
17	pagead2.googlesyndication.com	kanzalia.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
11	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
9	accounts.google.com	6 redirects kanzalia.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net kanzalia.com tpc.googlesyndication.com pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	sync.sharethis.com	kanzalia.com
4	rbrightscarletcl.info	1 redirects kanzalia.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	s0.2mdn.net	kanzalia.com s0.2mdn.net
3	t.sharethis.com	platform-api.sharethis.com t.sharethis.com
3	ourtshipanditlas.info	d34cixo0lr52lw.cloudfront.net
3	d34cixo0lr52lw.cloudfront.net	kanzalia.com ourtshipanditlas.info
2	ad.doubleclick.net	kanzalia.com
2	idsync.rlcdn.com	2 redirects
2	ml314.com	1 redirects kanzalia.com
2	ps.eyeota.net	2 redirects
2	match.adsrvr.org	2 redirects
2	bcp.crwdcntrl.net	2 redirects
2	fp.metricswpsh.com	js.wpadmngr.com
2	js.capndr.com	js.wpadmngr.com
2	pogothere.xyz	d34cixo0lr52lw.cloudfront.net
2	l.sharethis.com	1 redirects kanzalia.com
2	js.wpadmngr.com	kanzalia.com js.wpadmngr.com
2	securepubads.g.doubleclick.net	kanzalia.com securepubads.g.doubleclick.net
2	platform-api.sharethis.com	1 redirects kanzalia.com
1	www.google.com	tpc.googlesyndication.com
1	unseenreport.com
1	mcpuwpsh.com	js.capndr.com
1	ups.analytics.yahoo.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	loadus.exelator.com	kanzalia.com
1	0af597d3bd.ce26c78a4e.com	js.wpadmngr.com
1	storage.multstorage.com	js.wpadmngr.com
1	www.google-analytics.com	www.googletagmanager.com
1	capaciousdrewreligion.com	streakattempt.com
1	na.nawpush.com	js.wpadmngr.com
1	x8.makaronibasah.com	kanzalia.com
1	loiteringcoaltuesday.com	kanzalia.com
1	proftrafficcounter.com	streakattempt.com
1	friendshipmale.com	streakattempt.com
1	www.facebook.com	kanzalia.com
1	buttons-config.sharethis.com	platform-api.sharethis.com
1	blog.kanzalia.com	kanzalia.com
1	streakattempt.com	kanzalia.com
1	www.googletagmanager.com	kanzalia.com
119	48

This site contains links to these domains. Also see Links.

Domain
blog.kanzalia.com
otomotif.rakyatmerdekanews.com
baliq.com
www.malutpost.id
capitalfirst.com
sprintmate.sprinthink.id
rtp-slot.cela.org.au
shreckhiseshrubbery.com
tekiro.com
www.klongkhwangsao.go.th
bet100.addbuild.com.au
rtp-slot.skavsta.se
depo5k.foxrehab.org
kesling-poltekkesbjm.com
klinikberdikari.id
elitegas.com
mansatucirebon.sch.id
qris5k.skavsta.se
slot777.transpark.co.id
slot-qris.nos.jkt-1.neo.id
pontianakinformasi.co.id
mintailmu.com
sirup.clarioncoolers.com
thailand.gmf-aeroasia.co.id
futureretail.in
mitrabangunanstore.id
moladin.com
online.wits.ac.za
nkcf.org
depo5k.ecctur.com
sbobet.skavsta.se
www.omiland.co.id
bakpiakukustugujogja.id
digital.malutpost.id
slot-bet-100.ecctur.com
bet-100.gmf-aeroasia.co.id
www.zen-arome.fr
www.whitetablecatering.com
aimcardio.com
canadianimmigrationservices.org
sunrisedocumentary.com
babycute.co.id
ritewayconnect.com
diplomat.ramadacanberra.com.au
www.startuphrtoolkit.com
nursing.augustahealth.com
www.estudiarvirtual.unipiloto.edu.co
library.sim.edu.sg
book.rentalcars.co.nz
slot-depo-10k.cetrogar.com.ar
smanja.sch.id
rmik.polanka.ac.id
akatelkom-bogor.ac.id
ppdb.softwaresekolah.co.id
lintasgayo.com
lenterauniska.id
sman2unggulantalangubi.sch.id
sbobet.go.ly
bewellmedical.ca
pearlcard.com
rtp-slot.idws.id
ubksubang.ac.id
hosteducsupport.cbts.com
batampena.com
webexcallingtraining.verizon.com
www.bprsiliwangi.co.id
jacket.thewarmingstore.com
ertepe.nos.jkt-1.neo.id
pg-soft.torino.com.au
www.thinkdenali.com
ruleyourkingdom.com
3ppumps.com
www.baskohotel.com
gurianco.com
poroskalimantan.com
www.dialoguebaby.com
10k.thewarmingstore.com
rampagemovie.brightline.tv
slot-qris.vocport.gov.in
newmember.vital.com.ar
www.mediaindo.co.id
www.messer-ca.com
hotchiropractic.com
depo10k.ardanradio.com
www.visitmysmokies.com
www.myinnontheriver.com
clarkebenefits.com
a1firesec.com
petrane.co.id
staisam.ac.id
www.rs-yadika.com
firstqualityroof.com
theblueprint.training
stmik-karawang.ac.id
www.kartunet.com
waldenviaggiapiedi.it
www.sman13-bjm.sch.id
www.rajawalicell.id
wallpapercustom.co.id
fisika.id
duniaprint.com
ppbs.sch.id
www.tcp.ac.in
loiteringcoaltuesday.com

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
cpcalendars.kanzalia.com R3	`2023-12-30` - `2024-03-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
js.wpadmngr.com R3	`2024-01-11` - `2024-04-10`	3 months	crt.sh
www.blog.kanzalia.com R3	`2024-01-04` - `2024-04-03`	3 months	crt.sh
sharethis.com Amazon RSA 2048 M02	`2023-05-20` - `2024-06-17`	a year	crt.sh
pogothere.xyz GTS CA 1P5	`2024-01-27` - `2024-04-26`	3 months	crt.sh
ourtshipanditlas.info Amazon RSA 2048 M03	`2024-02-20` - `2025-03-20`	a year	crt.sh
rbrightscarletcl.info E1	`2024-02-04` - `2024-05-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-07` - `2024-03-06`	3 months	crt.sh
proftrafficcounter.com Amazon RSA 2048 M02	`2023-11-21` - `2024-12-19`	a year	crt.sh
makaronibasah.com E1	`2024-01-15` - `2024-04-14`	3 months	crt.sh
na.nawpush.com R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
js.capndr.com R3	`2024-02-21` - `2024-05-21`	3 months	crt.sh
cert1-prod.aut.a24365.net R3	`2024-02-12` - `2024-05-12`	3 months	crt.sh
multstorage.com GTS CA 1P5	`2024-01-18` - `2024-04-17`	3 months	crt.sh
0af597d3bd.ce26c78a4e.com R3	`2024-02-24` - `2024-05-24`	3 months	crt.sh
notification.tubecup.net R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
*.exelator.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-29` - `2024-06-11`	a year	crt.sh
puwpush.com R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 16 frames:

Primary Page: http://kanzalia.com/
Frame ID: A22C27E6C536B52CF91F796832F4E7AA
Requests: 76 HTTP requests in this frame

Frame: http://ourtshipanditlas.info/VkNuMUw3IQ1cczd+DBc5JC9TFH4QZlx3KGV3DVg0OXMCQ3lkLxkfLzosG1UqJCwARWI4JhoUfhACO10eIhk5VjQZNCN1Gi8aV3IaPhEPAxo0Fl9JfAYrWnoOPwkedSRuJD5IOx0JX1YiE3MdYwk8GR5nGRsGI0sjHRQrBX8ZJFtoGw4SX3IdMhU0XwUMBT9SeTcRXnUEBSQUdx09CCVIAhoGL106GRInVw0Cd1p1CRQiKHYKEhU7ACsMBjtiDQI0GXAkHyEKAxYyABZJfwwvX2QbHjsFYgoPMgoDFjIGCXR0Dy8CcBsuARZpfQMSNHYOExIoQSUYEUMBGhQHDVsPFyAqfjUUCjhIeTgZX0EAAXE8SRRnFS9+GCEZLXAeZRkHBA0BLicFDhd3IFV+DCcvVnwuExl7AQIULFoIMXMPYRg9Cj93IwMZOAgUBC4kBxtnJwtofyYhNnR9MRksBQkSKSNcDhMBD3cLECY7WhY+GgVCHQAUIxcmJSwAQXE1OSZcNDEBXkQL
Frame ID: 0F600FC1624B6AEBE7A0380C0703F392
Requests: 2 HTTP requests in this frame

Frame: http://ourtshipanditlas.info/aWhLekQICigXewhVKVwxGwR2X3YvTXk8IFpcKBM8BlgnCHFbBDxUJwUHPh4iGwclDmoHDT9fdi8NBi99Oj4hIBcgLDwNBzw9JjQpGjgIMnECMQo3HCM7Dk8TLC4yMD0vORErdBgpJjgqJTsjFiE+LRIeByMlHSIOGAsNChUgPB0IAS85IzcTGiANA3BbJgoJAgg7KEkHWB8sMQBQCRMpcVoyAzsBMD8BAAYoLiUwEFAxHSkFBSIZNwAPEjwTAR4mbkgCMFoSIwU+GCM8BiQsLQMRTFoNLQUNXy9IElkuA0stJQ8KPB4HDCA4KChNeTwNAxgfKC0GHxssfS8JJlcFOCk8MHAPLx47AiFZIhwoWDIEAHxfLTw3CQ1aGj0cOjF+NzwkLC0AERM+HRUjDFsGPwU6H30wAgULABQgAgsKOH0wICw9DFoELCMFCg4uLTATKgo/fCQSCSIVEDJ4IAwoLS09El0qGh40I1o4MmIDGyQUNFQdPBwQKxAfLBILEng1FD4
Frame ID: BDDBA146ACC5868ADC8D0A01E7CF4848
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: F4B140D7ECA6AD8822B098338C2F18D3
Requests: 1 HTTP requests in this frame

Frame: https://storage.multstorage.com/log/count.html
Frame ID: 26DD5A5AC612B4258A76CBB27A896139
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B
Frame ID: 322FC1D82833733C01D667DE21E61CE3
Requests: 1 HTTP requests in this frame

Frame: https://t.sharethis.com/1.1280.23384/a/SG/t_.js?cid=c010&cls=B
Frame ID: 5CE64C733BDAEB6B0EA35FEB371C29A9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&adk=1812271804&adf=3025194257&lmt=1709067099&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&dt=1709067099093&bpp=4&bdt=1160&idt=715&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8707743788369&frm=20&pv=2&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=738
Frame ID: D344C70017866BE75A326AACE41CEA22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&h=280&slotname=4379629484&adk=2313007747&adf=2333189052&pi=t.ma~as.4379629484&w=960&fwrn=4&fwrnh=100&lmt=1709067099&rafmt=1&format=960x280&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1709067099097&bpp=2&bdt=1164&idt=743&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8707743788369&frm=20&pv=1&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=749
Frame ID: E01D5BF22302DE8C74162ABEC84FBECF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&h=600&slotname=8704436977&adk=3254328442&adf=984076758&pi=t.ma~as.8704436977&w=300&fwrn=4&fwrnh=100&lmt=1709067099&rafmt=1&format=300x600&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1709067099099&bpp=1&bdt=1166&idt=758&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=8707743788369&frm=20&pv=1&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2180&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=761
Frame ID: F9FDB2D4F8CBC8CA29CA2D0C07FB0C54
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&h=280&slotname=3946139089&adk=291703267&adf=2556019162&pi=t.ma~as.3946139089&w=728&fwrn=4&fwrnh=100&lmt=1709067099&rafmt=1&format=728x280&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1709067099100&bpp=1&bdt=1167&idt=770&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C300x600&nras=1&correlator=8707743788369&frm=20&pv=1&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeoE%7C&abl=NF&pfx=0&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=773
Frame ID: 21ED4EC4FD4E2E83CB3C75D1B08541ED
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDQwvCnBRi2n9SIAjAB&v=APEucNV-8TDZX_vxfYe5oIMDzP9Pw_aA9fjJ_A6x6gcVjk424UzjwjwW7-PBlsHSxIJRygiiHrb2xf8O4HI2vFmFT6gqDKHe6A
Frame ID: F72B0FC95487D3A9217E9CFA397D79B9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 8D3D58E49C9B7252BF9E45F23C0715DE
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10425133677361861805/SUTD_DRONE_300x600/index.html?ev=01_250
Frame ID: E926452E6B79E5D1B62C9BEFE411ABD1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52D360BFEEC72C35720E961DD195E56D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C8488339FAB4A1E7998665E4A5B1F634
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Kanzalia.com | Mod Ets2 Indonesia

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

119
Requests

71 %
HTTPS

0 %
IPv6

36
Domains

48
Subdomains

40
IPs

4
Countries

1411 kB
Transfer

3895 kB
Size

35
Cookies

120 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.kanzalia.com/platform-aplikasi-saham-terbaik-pemula/
Title: Aplikasi Saham Terbaik

Search URL Search Domain Scan URL

URL: https://blog.kanzalia.com/pintu-aplikasi-jual-beli-crypto-terpercaya-di-indonesia/
Title: Pintu Aplikasi Jual Beli Crypto Terpercaya Di Indonesia

Search URL Search Domain Scan URL

URL: https://otomotif.rakyatmerdekanews.com/
Title: https://otomotif.rakyatmerdekanews.com/

Search URL Search Domain Scan URL

URL: https://baliq.com/peanut/
Title: https://baliq.com/peanut/

Search URL Search Domain Scan URL

URL: https://www.malutpost.id/gempa-bumi/
Title: https://www.malutpost.id/gempa-bumi/

Search URL Search Domain Scan URL

URL: https://capitalfirst.com/
Title: https://capitalfirst.com/

Search URL Search Domain Scan URL

URL: https://sprintmate.sprinthink.id/wp-content/uploads/bet200/
Title: https://sprintmate.sprinthink.id/wp-content/uploads/bet200/

Search URL Search Domain Scan URL

URL: https://sprintmate.sprinthink.id/wp-content/uploads/sbo/
Title: https://sprintmate.sprinthink.id/wp-content/uploads/sbo/

Search URL Search Domain Scan URL

URL: https://rtp-slot.cela.org.au/
Title: https://rtp-slot.cela.org.au/

Search URL Search Domain Scan URL

URL: https://shreckhiseshrubbery.com/zeus-slot/
Title: https://shreckhiseshrubbery.com/zeus-slot/

Search URL Search Domain Scan URL

URL: https://tekiro.com/depo5k/
Title: https://tekiro.com/depo5k/

Search URL Search Domain Scan URL

URL: http://www.klongkhwangsao.go.th/slot-bet-100/
Title: http://www.klongkhwangsao.go.th/slot-bet-100/

Search URL Search Domain Scan URL

URL: https://bet100.addbuild.com.au/
Title: https://bet100.addbuild.com.au/

Search URL Search Domain Scan URL

URL: https://rtp-slot.skavsta.se/
Title: https://rtp-slot.skavsta.se/

Search URL Search Domain Scan URL

URL: https://depo5k.foxrehab.org/
Title: https://depo5k.foxrehab.org/

Search URL Search Domain Scan URL

URL: https://kesling-poltekkesbjm.com/zeus/
Title: https://kesling-poltekkesbjm.com/zeus/

Search URL Search Domain Scan URL

URL: https://klinikberdikari.id/olympus/
Title: https://klinikberdikari.id/olympus/

Search URL Search Domain Scan URL

URL: https://elitegas.com/bonanza/
Title: https://elitegas.com/bonanza/

Search URL Search Domain Scan URL

URL: https://mansatucirebon.sch.id/zeus/
Title: https://mansatucirebon.sch.id/zeus/

Search URL Search Domain Scan URL

URL: https://qris5k.skavsta.se/
Title: https://qris5k.skavsta.se/

Search URL Search Domain Scan URL

URL: https://slot777.transpark.co.id/
Title: https://slot777.transpark.co.id/

Search URL Search Domain Scan URL

URL: https://slot-qris.nos.jkt-1.neo.id/index.html
Title: https://slot-qris.nos.jkt-1.neo.id/index.html

Search URL Search Domain Scan URL

URL: https://pontianakinformasi.co.id/depo5k/
Title: https://pontianakinformasi.co.id/depo5k/

Search URL Search Domain Scan URL

URL: https://mintailmu.com/.tmb/
Title: https://mintailmu.com/.tmb/

Search URL Search Domain Scan URL

URL: https://sirup.clarioncoolers.com/
Title: https://sirup.clarioncoolers.com/

Search URL Search Domain Scan URL

URL: https://thailand.gmf-aeroasia.co.id/
Title: https://thailand.gmf-aeroasia.co.id/

Search URL Search Domain Scan URL

URL: https://futureretail.in/slot-thailand/
Title: https://futureretail.in/slot-thailand/

Search URL Search Domain Scan URL

URL: https://mitrabangunanstore.id/slot-thailand/
Title: https://mitrabangunanstore.id/slot-thailand/

Search URL Search Domain Scan URL

URL: https://pontianakinformasi.co.id/slot-thailand/
Title: https://pontianakinformasi.co.id/slot-thailand/

Search URL Search Domain Scan URL

URL: https://moladin.com/blog/.tmb/
Title: https://moladin.com/blog/.tmb/

Search URL Search Domain Scan URL

URL: https://moladin.com/blog/kendaraan-thailand/
Title: https://moladin.com/blog/kendaraan-thailand/

Search URL Search Domain Scan URL

URL: https://online.wits.ac.za/rtp-slot/
Title: https://online.wits.ac.za/rtp-slot/

Search URL Search Domain Scan URL

URL: https://nkcf.org/thailand/
Title: https://nkcf.org/thailand/

Search URL Search Domain Scan URL

URL: https://depo5k.ecctur.com/
Title: https://depo5k.ecctur.com/

Search URL Search Domain Scan URL

URL: https://sbobet.skavsta.se/
Title: https://sbobet.skavsta.se/

Search URL Search Domain Scan URL

URL: https://www.omiland.co.id/slot-bet-100/
Title: slot bet 100

Search URL Search Domain Scan URL

URL: https://bakpiakukustugujogja.id/slot-bet-100
Title: slot bet 100

Search URL Search Domain Scan URL

URL: https://digital.malutpost.id/
Title: slot bet 100

Search URL Search Domain Scan URL

URL: https://slot-bet-100.ecctur.com/
Title: slot bet 100

Search URL Search Domain Scan URL

URL: https://bet-100.gmf-aeroasia.co.id/
Title: slot bet 100

Search URL Search Domain Scan URL

URL: http://www.zen-arome.fr/slot-bet-200/
Title: http://www.zen-arome.fr/slot-bet-200/

Search URL Search Domain Scan URL

URL: https://www.whitetablecatering.com/slot-bet-200/
Title: https://www.whitetablecatering.com/slot-bet-200/

Search URL Search Domain Scan URL

URL: https://aimcardio.com/bet200/
Title: https://aimcardio.com/bet200/

Search URL Search Domain Scan URL

URL: https://canadianimmigrationservices.org/bet200/
Title: https://canadianimmigrationservices.org/bet200/

Search URL Search Domain Scan URL

URL: https://sunrisedocumentary.com/bonusmember/
Title: https://sunrisedocumentary.com/bonusmember/

Search URL Search Domain Scan URL

URL: https://babycute.co.id/reseller/mahjongways/
Title: https://babycute.co.id/reseller/mahjongways/

Search URL Search Domain Scan URL

URL: https://ritewayconnect.com/slot-bet-200/
Title: https://ritewayconnect.com/slot-bet-200/

Search URL Search Domain Scan URL

URL: https://diplomat.ramadacanberra.com.au/slot-bet-100/
Title: slot bet 100

Search URL Search Domain Scan URL

URL: https://www.startuphrtoolkit.com/depo5k/
Title: https://www.startuphrtoolkit.com/depo5k/

Search URL Search Domain Scan URL

URL: https://nursing.augustahealth.com/slot-thailand/
Title: https://nursing.augustahealth.com/slot-thailand/

Search URL Search Domain Scan URL

URL: https://www.estudiarvirtual.unipiloto.edu.co/bonus-new-member/
Title: https://www.estudiarvirtual.unipiloto.edu.co/bonus-new-member/

Search URL Search Domain Scan URL

URL: https://library.sim.edu.sg/thailand/
Title: https://library.sim.edu.sg/thailand/

Search URL Search Domain Scan URL

URL: https://book.rentalcars.co.nz/slot-bet-100/
Title: slot bet 100

Search URL Search Domain Scan URL

URL: https://slot-depo-10k.cetrogar.com.ar/
Title: https://slot-depo-10k.cetrogar.com.ar/

Search URL Search Domain Scan URL

URL: https://book.rentalcars.co.nz/slot-bet-200/
Title: https://book.rentalcars.co.nz/slot-bet-200/

Search URL Search Domain Scan URL

URL: https://smanja.sch.id/slot-bet-100/
Title: https://smanja.sch.id/slot-bet-100/

Search URL Search Domain Scan URL

URL: https://rmik.polanka.ac.id/slot-qris/
Title: https://rmik.polanka.ac.id/slot-qris/

Search URL Search Domain Scan URL

URL: https://moladin.com/blog/slot-bet-100/
Title: https://moladin.com/blog/slot-bet-100/

Search URL Search Domain Scan URL

URL: https://akatelkom-bogor.ac.id/slot777/
Title: https://akatelkom-bogor.ac.id/slot777/

Search URL Search Domain Scan URL

URL: https://mintailmu.com/slot-bet-100/
Title: https://mintailmu.com/slot-bet-100/

Search URL Search Domain Scan URL

URL: https://ppdb.softwaresekolah.co.id/
Title: https://ppdb.softwaresekolah.co.id/

Search URL Search Domain Scan URL

URL: https://lintasgayo.com/depo10k/
Title: https://lintasgayo.com/depo10k/

Search URL Search Domain Scan URL

URL: https://lenterauniska.id/depo10k/
Title: https://lenterauniska.id/depo10k/

Search URL Search Domain Scan URL

URL: https://sman2unggulantalangubi.sch.id/depo10k/
Title: https://sman2unggulantalangubi.sch.id/depo10k/

Search URL Search Domain Scan URL

URL: https://akatelkom-bogor.ac.id/thailand/
Title: https://akatelkom-bogor.ac.id/thailand/

Search URL Search Domain Scan URL

URL: https://sbobet.go.ly//
Title: https://sbobet.go.ly/

Search URL Search Domain Scan URL

URL: https://bewellmedical.ca/sbobet/
Title: https://bewellmedical.ca/sbobet/

Search URL Search Domain Scan URL

URL: https://pearlcard.com/joker123/
Title: https://pearlcard.com/joker123/

Search URL Search Domain Scan URL

URL: https://rtp-slot.idws.id/
Title: https://rtp-slot.idws.id/

Search URL Search Domain Scan URL

URL: https://ubksubang.ac.id/slot-bet/
Title: https://ubksubang.ac.id/slot-bet//a>

Search URL Search Domain Scan URL

URL: https://hosteducsupport.cbts.com/rtp-slot/
Title: https://hosteducsupport.cbts.com/rtp-slot/

Search URL Search Domain Scan URL

URL: https://moladin.com/blog/products/rtp-slot/
Title: https://moladin.com/blog/products/rtp-slot/

Search URL Search Domain Scan URL

URL: https://batampena.com/slot-bonus/
Title: https://batampena.com/slot-bonus/

Search URL Search Domain Scan URL

URL: https://www.malutpost.id/tanah-longsor/
Title: https://www.malutpost.id/tanah-longsor/

Search URL Search Domain Scan URL

URL: https://mintailmu.com/sulap/
Title: https://mintailmu.com/sulap/

Search URL Search Domain Scan URL

URL: https://webexcallingtraining.verizon.com/slot-bet-100/
Title: https://webexcallingtraining.verizon.com/slot-bet-100/

Search URL Search Domain Scan URL

URL: https://www.bprsiliwangi.co.id/sbobet/
Title: https://www.bprsiliwangi.co.id/sbobet/

Search URL Search Domain Scan URL

URL: https://jacket.thewarmingstore.com/
Title: https://jacket.thewarmingstore.com/

Search URL Search Domain Scan URL

URL: https://ertepe.nos.jkt-1.neo.id/index.html
Title: https://ertepe.nos.jkt-1.neo.id/index.html

Search URL Search Domain Scan URL

URL: https://pg-soft.torino.com.au/
Title: https://pg-soft.torino.com.au/

Search URL Search Domain Scan URL

URL: https://www.thinkdenali.com/pgsoft/
Title: https://www.thinkdenali.com/pgsoft/

Search URL Search Domain Scan URL

URL: https://ruleyourkingdom.com/pgsoft/
Title: https://ruleyourkingdom.com/pgsoft/

Search URL Search Domain Scan URL

URL: https://3ppumps.com/slot777/
Title: https://3ppumps.com/slot777/

Search URL Search Domain Scan URL

URL: https://www.baskohotel.com/rtp-slot/
Title: https://www.baskohotel.com/rtp-slot/

Search URL Search Domain Scan URL

URL: https://gurianco.com/newpayroll/
Title: https://gurianco.com/newpayroll/

Search URL Search Domain Scan URL

URL: https://poroskalimantan.com/wp-content/pdf/
Title: https://poroskalimantan.com/wp-content/pdf/

Search URL Search Domain Scan URL

URL: https://www.dialoguebaby.com/gendongan/
Title: https://www.dialoguebaby.com/gendongan/

Search URL Search Domain Scan URL

URL: https://nursing.augustahealth.com/slot-depo-10k/
Title: https://nursing.augustahealth.com/slot-depo-10k/

Search URL Search Domain Scan URL

URL: https://10k.thewarmingstore.com/
Title: https://10k.thewarmingstore.com/

Search URL Search Domain Scan URL

URL: https://rampagemovie.brightline.tv/
Title: https://rampagemovie.brightline.tv/

Search URL Search Domain Scan URL

URL: https://slot-qris.vocport.gov.in/
Title: https://slot-qris.vocport.gov.in/

Search URL Search Domain Scan URL

URL: https://newmember.vital.com.ar/
Title: https://newmember.vital.com.ar

Search URL Search Domain Scan URL

URL: https://www.mediaindo.co.id/
Title: https://www.mediaindo.co.id

Search URL Search Domain Scan URL

URL: https://www.messer-ca.com/depo10k/
Title: https://www.messer-ca.com/depo10k/

Search URL Search Domain Scan URL

URL: https://hotchiropractic.com/rtp-slot/
Title: https://hotchiropractic.com/rtp-slot/

Search URL Search Domain Scan URL

URL: https://depo10k.ardanradio.com/
Title: https://depo10k.ardanradio.com/

Search URL Search Domain Scan URL

URL: https://www.visitmysmokies.com/slot-qris/
Title: https://www.visitmysmokies.com/slot-qris/

Search URL Search Domain Scan URL

URL: https://www.myinnontheriver.com/slot-bet-100/
Title: https://www.myinnontheriver.com/slot-bet-100/

Search URL Search Domain Scan URL

URL: https://clarkebenefits.com/depo10k/
Title: https://clarkebenefits.com/depo10k/

Search URL Search Domain Scan URL

URL: https://a1firesec.com/slot-qris/
Title: https://a1firesec.com/slot-qris/

Search URL Search Domain Scan URL

URL: https://petrane.co.id/slot-bet-100/
Title: https://petrane.co.id/slot-bet-100/

Search URL Search Domain Scan URL

URL: https://kesling-poltekkesbjm.com/hela/
Title: https://kesling-poltekkesbjm.com/hela/

Search URL Search Domain Scan URL

URL: https://staisam.ac.id/100/
Title: https://staisam.ac.id/100/

Search URL Search Domain Scan URL

URL: https://poroskalimantan.com/slot-bet-200/
Title: https://poroskalimantan.com/slot-bet-200/

Search URL Search Domain Scan URL

URL: https://www.rs-yadika.com/joker123/
Title: https://www.rs-yadika.com/joker123/

Search URL Search Domain Scan URL

URL: https://firstqualityroof.com/joker123/
Title: https://firstqualityroof.com/joker123/

Search URL Search Domain Scan URL

URL: https://theblueprint.training/slot-depo-10k/
Title: https://theblueprint.training/slot-depo-10k/

Search URL Search Domain Scan URL

URL: https://stmik-karawang.ac.id/sicor777/
Title: https://stmik-karawang.ac.id/sicor777/

Search URL Search Domain Scan URL

URL: https://www.kartunet.com/slot-bet-200/
Title: https://www.kartunet.com/slot-bet-200/

Search URL Search Domain Scan URL

URL: https://waldenviaggiapiedi.it/slot-pulsa/
Title: https://waldenviaggiapiedi.it/slot-pulsa/

Search URL Search Domain Scan URL

URL: https://akatelkom-bogor.ac.id/kamboja/
Title: https://akatelkom-bogor.ac.id/kamboja/

Search URL Search Domain Scan URL

URL: https://www.sman13-bjm.sch.id/pgsoft/
Title: https://www.sman13-bjm.sch.id/pgsoft/

Search URL Search Domain Scan URL

URL: https://www.rajawalicell.id/store/
Title: https://www.rajawalicell.id/store/

Search URL Search Domain Scan URL

URL: https://waldenviaggiapiedi.it/sbobet/
Title: https://waldenviaggiapiedi.it/sbobet/

Search URL Search Domain Scan URL

URL: https://wallpapercustom.co.id/sbobet/
Title: https://wallpapercustom.co.id/sbobet/

Search URL Search Domain Scan URL

URL: https://fisika.id/slot-bet-200/
Title: https://fisika.id/slot-bet-200/

Search URL Search Domain Scan URL

URL: https://duniaprint.com/wallpaper-pgsoft/
Title: https://duniaprint.com/wallpaper-pgsoft/

Search URL Search Domain Scan URL

URL: http://ppbs.sch.id/
Title: http://ppbs.sch.id

Search URL Search Domain Scan URL

URL: https://www.tcp.ac.in/mahjong-ways/
Title: https://www.tcp.ac.in/mahjong-ways/

Search URL Search Domain Scan URL

URL: http://loiteringcoaltuesday.com/ivdky4a06v?bxg=77&refer=http%3A%2F%2Fkanzalia.com%2F&kw=%5B%22kanzalia%22%2C%22com%22%2C%22mod%22%2C%22ets2%22%2C%22indonesia%22%5D&key=b9e64d85127374594eb40640862254df&scrWidth=1600&scrHeight=1200&tz=8&v=24.2.6519&ship=&psid=kanzalia.com,kanzalia.com&sub3=invoke_layer&res=14.29&dev=r&uuid=8da01d79-64b7-493c-bc49-8c7604d96cb9%3A2%3A1

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

http://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12 HTTP 301
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12

Request Chain 22

https://l.sharethis.com/pview?event=pview&hostname=kanzalia.com&location=%2F&product=gdpr-compliance-tool-v2&url=http%3A%2F%2Fkanzalia.com%2F&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Kanzalia.com%20%7C%20Mod%20Ets2%20Indonesia&cms=unknown&publisher=6260de4e742b6c001a1bdd23&sop=true&version=st_sop.js&lang=en&description=Informasi%20perkembangan%20Game%20Euro%20Truck%20Simulator%202%2C%20Mod%20Ets2%20Indonesia%20mulai%20dari%20Mod%20Bus%2C%20Mod%20Map%2C%20Mod%20Traffic%2C%20Mod%20Graphic%2C%20DOWNLOAD%20DISINI%20100%25%20GRATIS%20!! HTTP 301
https://l.sharethis.com/sc?event=pview&hostname=kanzalia.com&location=%2F&product=gdpr-compliance-tool-v2&url=http%3A%2F%2Fkanzalia.com%2F&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Kanzalia.com%20%7C%20Mod%20Ets2%20Indonesia&cms=unknown&publisher=6260de4e742b6c001a1bdd23&sop=true&version=st_sop.js&lang=en&description=Informasi%20perkembangan%20Game%20Euro%20Truck%20Simulator%202%2C%20Mod%20Ets2%20Indonesia%20mulai%20dari%20Mod%20Bus%2C%20Mod%20Map%2C%20Mod%20Traffic%2C%20Mod%20Graphic%2C%20DOWNLOAD%20DISINI%20100%25%20GRATIS%20!!&samesite=None

Request Chain 28

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ATuJsjz_7f9NhtjTUxFswBmP8oFERGsOx1o4t_9OuZE4RlSDK82Z6MPZ6M0ovfnDNzKaW4H0937Njg HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyaxwIZC2FxQvAtZexYTK966rTTcMi8WLUlpv73h5oYHhyeDXpWAzpBl8p80MpaXXdTMWX8xQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1761119012%3A1709067099324531&theme=glif

Request Chain 29

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjyrQdmCQlJETfehTS9OynMh2-Mbkpv_-ml4hzrljOQ-0SvP_CjrUExBl7n3EgqVfY28X8N8 HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjxpyqoUa8H5e3RT9wbQ95gvoey-XxnOq1C6UzYoPCUL1RaTkL8jK_EhhL7EF4G_a9MVe5iK&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-318715735%3A1709067099177947&theme=glif

Request Chain 30

http://rbrightscarletcl.info/popunder.gif HTTP 301
https://rbrightscarletcl.info/popunder.gif

Request Chain 60

http://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B HTTP 307
https://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B

Request Chain 62

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP 302
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjxPKKvTaJa5sFAcfgmuyIHwwFqaBT0Xn55krrdXhlmAHal2AxAUPZh_5byEqm4P-NPBp9EmhQ HTTP 302
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjwcxgOgNvYcuEGBfBSIV71UFWXrwpXhFEhoTcmELxBagcNqJ6YpFsjXFGLz3EkvPNHC9Zq4Ug&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S84802345%3A1709067099398818&theme=glif

Request Chain 65

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHOAA2XeS1oAAAAICTx%2FAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHOAA2XeS1oAAAAICTx%2FAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://sync.sharethis.com/int/lotame?uid=756ec56545a2fc123f2b5e6486b743b3&gdpr=0&gdpr_consent=

Request Chain 66

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/ttd?uid=71a896f5-ddf3-42b7-99c1-d199458dc3f4&gdpr=0&gdpr_consent=

Request Chain 67

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent= HTTP 302
https://sync.sharethis.com/eyeota?uid=2lg824FQhlEg_eEwUC2D3wE81dKEVw-hc4jhWlXNNKiA&gdpr=0&gdpr_consent=

Request Chain 68

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHOAA2XeS1oAAAAICTx%2FAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D HTTP 302
https://idsync.rlcdn.com/395886.gif?partner_uid=3642374046808539173 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MjM3NDA0NjgwODUzOTE3MxAAGg0I25b5rgYSBQjoBxAAQgBKAA HTTP 307
https://ml314.com/csync.ashx?fp=1be9b95cf7f40596163e01ece2221ce8d35bd05cd0a4ec3372c403b691e9000ef4cb09cee1a4f8eb&person_id=3642374046808539173&eid=50082

Request Chain 69

https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent= HTTP 302
https://sync.sharethis.com/yahoo?uid=y-TjDEtlRE2oNL.aSdw9I70dgUXF7v49Q82sI-~A&gdpr=0

Request Chain 88

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqsBEZHimgKmHQPSqhS30k&google_cver=1

Request Chain 89

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zd5LXIsFVpAAAAdQAAQu1gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqsBEZHimgKmHQPSqhS30k&google_cver=1

Request Chain 90

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBO8J8ZVwprXp6eBpFIVQhM&google_cver=1

Request Chain 91

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ4MDMyMTg2NzA2MjkxMjMwNA%3D%3D

119 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
kanzalia.com/ 88 KB
18 KB 267ms
234ms Document
text/html 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: d1e08c32e5bf942f89164ac60372255ca276555d12f6feb792a6076ef832bbc6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 27 Feb 2024 20:51:37 GMT
link: <https://kanzalia.com/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
transfer-encoding: chunked
vary: Accept-Encoding,User-Agent

GET
H/1.1 200
OK idblog-core.css
kanzalia.com/wp-content/plugins/idblog-core/css/ 7 KB
2 KB 30ms
27ms Stylesheet
text/css 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://kanzalia.com/wp-content/plugins/idblog-core/css/idblog-core.css?ver=1.0.0
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 842fdd042483fa98e322a986ab8f21739eef3b4cffc09b637d0b3728bfb05430

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:37 GMT
content-encoding: gzip
last-modified: Thu, 07 Dec 2023 06:54:49 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1841
expires: Tue, 05 Mar 2024 20:51:37 GMT

GET
H/1.1 200
OK style.css
kanzalia.com/wp-content/themes/superfast/ 45 KB
10 KB 50ms
47ms Stylesheet
text/css 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://kanzalia.com/wp-content/themes/superfast/style.css?ver=2.1.3
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 0d4ccdb61fb27f34a2eb755463215c47acebc9ef0783264444fea77972b9f29d

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:37 GMT
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 14:17:58 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 9779
expires: Tue, 05 Mar 2024 20:51:37 GMT

GET
H/1.1 200
OK jquery.min.js Show response
kanzalia.com/wp-includes/js/jquery/ 86 KB
30 KB 58ms
55ms Script
application/javascript 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://kanzalia.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:37 GMT
content-encoding: gzip
last-modified: Mon, 28 Aug 2023 22:44:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 30412
expires: Tue, 05 Mar 2024 20:51:37 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
kanzalia.com/wp-includes/js/jquery/ 13 KB
5 KB 53ms
51ms Script
application/javascript 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://kanzalia.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:37 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 11:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4870
expires: Tue, 05 Mar 2024 20:51:37 GMT

GET
H2

200

sharethis.js Show response
platform-api.sharethis.com/js/
Redirect Chain

http://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12
https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12

206 KB
46 KB

45ms
19ms

Script
text/javascript

13.33.88.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Server

13.33.88.100 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-33-88-100.sin2.r.cloudfront.net

Software

Resource Hash

cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:49:19 GMT
content-encoding: gzip
via: 1.1 31d603b763553e4238110d07f30c186e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: SIN2-P2
age: 213
etag: W/"3360d-7zvdaxLS2Lhi3Pty7QrCYymkuqI"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
edge-control: cache-maxage=60m,downstream-ttl=60m
cache-control: max-age=600, public
x-cache: Hit from cloudfront
x-amz-cf-id: x4tTEqhnx7CXwH63bN_AWmS0gSGPaheu9Fa1lLn4e8a5z4pOFVRn9Q==

Redirect headers

Date: Tue, 27 Feb 2024 20:51:38 GMT
Via: 1.1 fbb0eee872ada24336cf35814e95a30c.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: SIN2-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: jzQzFHlBVU0HzlmW8_V_MdsusYiDGiKehSMVLzC4G1GWisfaQV0Dhg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
91 KB 359ms
25ms Script
application/javascript 74.125.200.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-NWMSVYLZZH

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

9e5d8e55792e4e8edbd75163ab9d1eeffb7f885cf72d29221e57543b76feba32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92547
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 27 Feb 2024 20:51:38 GMT

GET
H2 200 custom.js Show response
kanzalia.com/wp-content/uploads/hm_custom_css_js/ 513 B
607 B 167ms
106ms Script
application/javascript 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://kanzalia.com/wp-content/uploads/hm_custom_css_js/custom.js?ver=1707302893
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 756e2e719a642f209b84a25cae6bdb74e92324c4ad21273e8523ca20a5bd4358

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
content-encoding: br
last-modified: Wed, 07 Feb 2024 10:48:13 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 283
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 90 KB
29 KB 378ms
33ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

e0cd58f05c3e8a0af05febc2ef1d3dbd6e88776c0f2063a43b0f6945a12bfb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28760
x-xss-protection: 0
server: cafe
etag: 825 / 19780 / m202402200101 / config-hash: 15796071134116293544
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 20:51:39 GMT

GET
H/1.1 200
OK / Show response
d34cixo0lr52lw.cloudfront.net/ 205 KB
68 KB 624ms
313ms Script
text/plain 13.35.21.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d34cixo0lr52lw.cloudfront.net/?oxicd=991664
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 13.35.21.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-21-182.sin5.r.cloudfront.net
Software: /
Resource Hash: afa8ea7e9b1c1f589fe5662651ad511826ae5e125e71d7c2a5661b737bbf5a88

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Feb 2024 20:51:38 GMT
Content-Encoding: gzip
Via: 1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN5-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
Cache-Control: no-store, no-cache, proxy-revalidate, must-revalidate, private, no-transform
Connection: keep-alive
Content-Length: 69594
X-Amz-Cf-Id: Ill0CExDpfRYW9lv51ick1Uny7FhDlU5isOAsL4p6uhKTQnMM1PbKw==

GET
H/1.1 200
OK b9e64d85127374594eb40640862254df.js Show response
streakattempt.com/b9/e6/4d/ 75 KB
29 KB 493ms
483ms Script
application/javascript 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://streakattempt.com/b9/e6/4d/b9e64d85127374594eb40640862254df.js

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

HTTP/1.1

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

ba8cc8e945ec26698cf34d672cd00099c5ac144b3d5f0d433e17eeb3447dd3d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:38 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
X-Request-ID: 23d8dd636246b0f8eb19685c932733ca
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 adManager.js Show response
js.wpadmngr.com/static/ 2 KB
1 KB 54ms
14ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.js
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: b78c5c3f93b9d9d8dcb46d08d4f67cbcf71ff8b2ec96c03543fc377ce446b6e6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 20:56:38 GMT
date: Tue, 27 Feb 2024 20:51:38 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2024 12:25:33 GMT
server: nginx/1.18.0
etag: W/"65d73d3d-6c3"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
51 KB 379ms
42ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7418199738286529&host=ca-host-pub-2644536267352236

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

846897c65d4e8dc05e65334f9038bfa1611f4b7b7f9947bf81a883cde1ac1895

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
Origin: http://kanzalia.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52064
x-xss-protection: 0
server: cafe
etag: 4124852805376525012
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 27 Feb 2024 20:51:39 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
51 KB 369ms
32ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7418199738286529

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

f64a1073cedcb007beea92fa50c0a3a52028212fbcc520406a6654ad2e01d34f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
Origin: http://kanzalia.com
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52061
x-xss-protection: 0
server: cafe
etag: 10713719793762561722
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 27 Feb 2024 20:51:39 GMT

GET
H2 200 Kanzalia-dot-com.png
kanzalia.com/wp-content/uploads/2020/02/ 10 KB
10 KB 166ms
106ms Image
image/png 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2020/02/Kanzalia-dot-com.png
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: bf46dce541c2d6e88c2c5b068aaec651fb0d6f5f4f4d3fb5f24ceb60f3b62449

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Tue, 28 Jul 2020 15:45:18 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 10215
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H2 200 Mod-Hino-Lohan-Ets2-200x135.jpg
kanzalia.com/wp-content/uploads/2023/12/ 11 KB
11 KB 167ms
107ms Image
image/jpeg 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2023/12/Mod-Hino-Lohan-Ets2-200x135.jpg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 432c85d102b03b0980137b46fbb08e0c1fb46101be8a7f681b84a7a61a8e85d7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Sun, 31 Dec 2023 04:20:18 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 11456
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H2 200 Mod-Map-Gabungan-Ets2-Indonesia-200x135.jpg
kanzalia.com/wp-content/uploads/2023/12/ 12 KB
12 KB 26ms
25ms Image
image/jpeg 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2023/12/Mod-Map-Gabungan-Ets2-Indonesia-200x135.jpg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: a0ad6879b3e537265366cc1bcfb539ccd370583d3734135154c410fbd62dbf61

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Thu, 28 Dec 2023 03:34:37 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 12210
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H2 200 Mod-Jetbus-5-V2-200x135.jpg
kanzalia.com/wp-content/uploads/2023/12/ 10 KB
10 KB 24ms
24ms Image
image/jpeg 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2023/12/Mod-Jetbus-5-V2-200x135.jpg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 1ff3f53abe4fb5446e7357d39bc4547af57798154ef881a36ca66d4f0f148808

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Thu, 21 Dec 2023 04:25:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 10617
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H/1.1 200
OK ssba.js Show response
kanzalia.com/wp-content/plugins/simple-share-buttons-adder/js/ 3 KB
2 KB 16ms
16ms Script
application/javascript 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://kanzalia.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=1708496666
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
content-encoding: gzip
last-modified: Wed, 21 Feb 2024 06:24:26 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1192
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H/1.1 200
OK customscript.js Show response
kanzalia.com/wp-content/themes/superfast/js/ 14 KB
5 KB 20ms
20ms Script
application/javascript 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://kanzalia.com/wp-content/themes/superfast/js/customscript.js?ver=2.1.3
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
content-encoding: gzip
last-modified: Tue, 02 Jan 2024 14:17:58 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4597
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H/1.1 200
OK frontend.min.js Show response
kanzalia.com/wp-content/plugins/q2w3-fixed-widget/js/ 23 KB
6 KB 36ms
36ms Script
application/javascript 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: http://kanzalia.com/wp-content/plugins/q2w3-fixed-widget/js/frontend.min.js?ver=6.2.3
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
content-encoding: gzip
last-modified: Fri, 02 Dec 2022 02:05:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 5410
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H2 200 btn_close.gif
blog.kanzalia.com/wp-content/uploads/2023/11/ 362 B
686 B 88ms
12ms Image
image/gif 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.kanzalia.com/wp-content/uploads/2023/11/btn_close.gif
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Wed, 15 Nov 2023 07:09:48 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding,Accept-Encoding
content-type: image/gif
cache-control: public, max-age=10368000,public,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 362
expires: Wed, 26 Jun 2024 20:51:38 GMT

GET
H2 200 6260de4e742b6c001a1bdd23.js Show response
buttons-config.sharethis.com/js/ 438 B
882 B 1396ms
1026ms Script
text/javascript 13.227.254.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://buttons-config.sharethis.com/js/6260de4e742b6c001a1bdd23.js

Requested by

Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.254.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-254-23.sin52.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2d7e3ffbe83b2d14982ca3d1ce2b606b6efc0b243207e669fb83ed26b9feda10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:40 GMT
via: 1.1 900a893b03bf29fa958d4587d585157e.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
last-modified: Fri, 02 Dec 2022 10:29:34 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C3
x-amz-server-side-encryption: AES256
etag: "f31130f4d0015ee18f7cfa1cea2881eb"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/javascript
cache-control: public, max-age=60
accept-ranges: bytes
content-length: 438
x-amz-cf-id: j3rKqxIFzXHCVx9m1mwtqdfSG5uRnnratD4RV2pTgN1pOW0-lhS5AA==

GET
H/1.1

200
OK

sc Show response
l.sharethis.com/
Redirect Chain

https://l.sharethis.com/pview?event=pview&hostname=kanzalia.com&location=%2F&product=gdpr-compliance-tool-v2&url=http%3A%2F%2Fkanzalia.com%2F&source=simple-share-buttons-adder-wordpress&fcmp=false&...
https://l.sharethis.com/sc?event=pview&hostname=kanzalia.com&location=%2F&product=gdpr-compliance-tool-v2&url=http%3A%2F%2Fkanzalia.com%2F&source=simple-share-buttons-adder-wordpress&fcmp=false&fcm...

160 B
677 B

178ms
178ms

XHR
text/plain

3.120.23.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://l.sharethis.com/sc?event=pview&hostname=kanzalia.com&location=%2F&product=gdpr-compliance-tool-v2&url=http%3A%2F%2Fkanzalia.com%2F&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Kanzalia.com%20%7C%20Mod%20Ets2%20Indonesia&cms=unknown&publisher=6260de4e742b6c001a1bdd23&sop=true&version=st_sop.js&lang=en&description=Informasi%20perkembangan%20Game%20Euro%20Truck%20Simulator%202%2C%20Mod%20Ets2%20Indonesia%20mulai%20dari%20Mod%20Bus%2C%20Mod%20Map%2C%20Mod%20Traffic%2C%20Mod%20Graphic%2C%20DOWNLOAD%20DISINI%20100%25%20GRATIS%20!!&samesite=None

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

HTTP/1.1

Server

3.120.23.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-120-23-175.eu-central-1.compute.amazonaws.com

Software

Resource Hash

fc260ca05d8dfd03702d4978567800f2902915697cc64ee03dc8ab496bba30f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: http://kanzalia.com
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHOAA2XeS1oAAAAICTx/Aw==
Access-Control-Allow-Headers: *
Content-Length: 160
X-Robots-Tag: noindex, nofollow

Redirect headers

Date: Tue, 27 Feb 2024 20:51:38 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Access-Control-Max-Age: 1728000
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: http://kanzalia.com
Location: /sc?event=pview&hostname=kanzalia.com&location=%2F&product=gdpr-compliance-tool-v2&url=http%3A%2F%2Fkanzalia.com%2F&source=simple-share-buttons-adder-wordpress&fcmp=false&fcmpv2=false&has_segmentio=false&title=Kanzalia.com%20%7C%20Mod%20Ets2%20Indonesia&cms=unknown&publisher=6260de4e742b6c001a1bdd23&sop=true&version=st_sop.js&lang=en&description=Informasi%20perkembangan%20Game%20Euro%20Truck%20Simulator%202%2C%20Mod%20Ets2%20Indonesia%20mulai%20dari%20Mod%20Bus%2C%20Mod%20Map%2C%20Mod%20Traffic%2C%20Mod%20Graphic%2C%20DOWNLOAD%20DISINI%20100%25%20GRATIS%20!!&samesite=None
Access-Control-Expose-Headers: stid
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Stid: ZHOAA2XeS1oAAAAICTx/Aw==
Access-Control-Allow-Headers: *
Content-Length: 677
X-Robots-Tag: noindex, nofollow

GET
H2 200 asd100.bin Show response
pogothere.xyz/ 100 KB
100 KB 546ms
506ms Fetch
binary/octet-stream 104.21.24.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/asd100.bin
Requested by: Host: d34cixo0lr52lw.cloudfront.net
URL: http://d34cixo0lr52lw.cloudfront.net/?oxicd=991664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:39 GMT
cf-cache-status: MISS
last-modified: Tue, 27 Feb 2024 20:51:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: http://kanzalia.com
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=puyjUWZGx%2F86kLO%2FahMQObZqIESUR0Oki%2FRe1ahYuXP1GBp1VHzOGkIQ23WDfm5QirAqHLv6iAUe97fkwLYboa%2FBrwzZZxfDSu1OfMCUbCUl%2BQBgj04M1HKiGFKCCII5"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 85c34e967bb087f6-SIN
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 200 / Show response
pogothere.xyz/ 26 B
613 B 302ms
262ms Fetch
text/plain 104.21.24.208
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pogothere.xyz/
Requested by: Host: d34cixo0lr52lw.cloudfront.net
URL: http://d34cixo0lr52lw.cloudfront.net/?oxicd=991664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.24.208 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a419bfea68e97d3437e3a55e2c019701699721b363b2ba303c9f88bd0ce4acee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GV7Vg9p%2FBt00kymDNEqXUVQzP7nuH8zKm4t2Ot7htw2LTKoU66hvZD%2FP5DAkSYS9aXXPvrqqguQrXAGdxQztp2%2FzekA%2F0IBPX8Bo1go1IVJ8qivSasuPLZ56WQDjOKYO"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET
access-control-allow-origin: http://kanzalia.com
content-type: text/plain
access-control-allow-credentials: true
cf-ray: 85c34e967baf87f6-SIN
access-control-allow-headers: X-Requested-With, content-type
alt-svc: h3=":443"; ma=86400

GET
H2 204 utx Show response
ourtshipanditlas.info/ 0
535 B 302ms
263ms XHR
text/plain 52.84.229.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ourtshipanditlas.info/utx?cb=ZEFDf2PvBvWG&top=kanzalia.com&tid=991664
Requested by: Host: d34cixo0lr52lw.cloudfront.net
URL: http://d34cixo0lr52lw.cloudfront.net/?oxicd=991664
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.229.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-229-11.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:38 GMT
via: 1.1 e8cd61c9b2a785e4fc8167b0177016b8.cloudfront.net (CloudFront)
server: openresty/1.17.8.2
accept-ch: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: CP="NID DSP ALL COR"
access-control-allow-origin: http://kanzalia.com
cache-control: no-store, no-cache, must-revalidate, no-transform
access-control-allow-credentials: true
x-amz-cf-id: jE5MmOjtvUNg84HAaCviKHzr0jtmr_zdUeaFaWcmWYbWK6NxB-62xA==

GET
H2 204 R2c0dm9oWFcFUiQdbjUgAw94N1wkKHUzIggEdRElFhBiRywgXxICBiNaDU9ecVEAUB8uAwlHSTQTVQIaNFoFUAYpAVtLSTFaBVhcc0kHQ0F2QUFLXmETRBcIelYSBhszCwlHWHdeBEBYd14MQ1dz
rbrightscarletcl.info/ 0
261 B 311ms
264ms Image
text/plain 172.67.131.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbrightscarletcl.info/R2c0dm9oWFcFUiQdbjUgAw94N1wkKHUzIggEdRElFhBiRywgXxICBiNaDU9ecVEAUB8uAwlHSTQTVQIaNFoFUAYpAVtLSTFaBVhcc0kHQ0F2QUFLXmETRBcIelYSBhszCwlHWHdeBEBYd14MQ1dz
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=390Jw0TdzTYelyXyh6zzNvuvYqe0tHgi%2BuVXzIPR49rCR%2FVmHXnGiKEZgwQPB7peBBUvnCL80bOdKdtcnLIo2Dqz2F7kbWjRw7ywlyueCS3%2BmMY3OjtuqwuX0yAMzPg2lI6opUblOD8%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85c34e97181540c8-SIN
alt-svc: h3=":443"; ma=86400

GET
H2 200 login.php
www.facebook.com/ 0
0 575ms
228ms Image
text/html 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/login.php?next=https%3A%2F%2Fwww.facebook.com%2Ffavicon.ico%3F_rdr%3Dp
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS: edge-star-mini-shv-04-sin6.facebook.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&uilel=3&hl=en&service=mail
https://accounts.google.com/InteractiveLogin?continue=https://www.google.com/favicon.ico&hl=en&passive=true&service=mail&uilel=3&ifkv=ATuJsjz_7f9NhtjTUxFswBmP8oFERGsOx1o4t_9OuZE4RlSDK82Z6MPZ6M0ovfn...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyaxwIZC2FxQvAtZexYTK966rTTcMi8WLUlpv73h5oYHhyeDXpWAzpBl8p80MpaXXdTMWX8xQ&passiv...

0
0

46ms
46ms

Image
text/html

142.251.175.84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyaxwIZC2FxQvAtZexYTK966rTTcMi8WLUlpv73h5oYHhyeDXpWAzpBl8p80MpaXXdTMWX8xQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1761119012%3A1709067099324531&theme=glif
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Server: 142.251.175.84 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f84.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

date: Tue, 27 Feb 2024 20:51:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-dtnhjIVqmdGidLyrY1V4og' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 403
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyaxwIZC2FxQvAtZexYTK966rTTcMi8WLUlpv73h5oYHhyeDXpWAzpBl8p80MpaXXdTMWX8xQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1761119012%3A1709067099324531&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://www.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjyrQdmCQlJETfehTS9OynMh2-Mbkpv_-ml4hzrljOQ-0SvP_CjrUEx...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjxpyqoUa8H5e3RT9wbQ95gvoey-XxnOq1C6UzYoPCUL1RaTkL8jK_EhhL7EF4G_a9MVe5iK&passive...

0
0

72ms
72ms

Image
text/html

142.251.175.84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjxpyqoUa8H5e3RT9wbQ95gvoey-XxnOq1C6UzYoPCUL1RaTkL8jK_EhhL7EF4G_a9MVe5iK&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-318715735%3A1709067099177947&theme=glif
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Server: 142.251.175.84 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f84.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

date: Tue, 27 Feb 2024 20:51:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'report-sample' 'nonce-f5G4cfG7xPaWNPgiq14hcw' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 405
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjxpyqoUa8H5e3RT9wbQ95gvoey-XxnOq1C6UzYoPCUL1RaTkL8jK_EhhL7EF4G_a9MVe5iK&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-318715735%3A1709067099177947&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

popunder.gif
rbrightscarletcl.info/
Redirect Chain

http://rbrightscarletcl.info/popunder.gif
https://rbrightscarletcl.info/popunder.gif

35 B
536 B

22ms
22ms

Image
image/gif

172.67.131.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbrightscarletcl.info/popunder.gif
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Server: 172.67.131.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Feb 2024 20:51:38 GMT
cf-cache-status: HIT
last-modified: Tue, 27 Feb 2024 17:08:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 13391
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WG48hl23waMVZLMoG%2F0d%2BoP383wh9UE%2FcAr2SEYbxHThB7n1KqnzJ1riD6ICdRlrA4csByMOWFtLqYtjdgduUcOfGAViawtSgyACnAjY6aBWmGP1n9LprbKYnVEkCv%2BKiX158qbV3S8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800, immutable
cf-ray: 85c34e97783740c8-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

Date: Tue, 27 Feb 2024 20:51:38 GMT
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9PMTYM9BnGY8InE7tWpycvzR61D1ZFKev5gcwbltJvaC%2BLE68WPgU9z4Ui4Az8XjjpUCT8SHs1ifh6WzlGGJxH0PU9o%2FAJ7xc0J0W60fDXvqWGC30oFRZx00ptrl3aBphuMy5Fzs0zU%3D"}],"group":"cf-nel","max_age":604800}
Location: https://rbrightscarletcl.info/popunder.gif
Cache-Control: max-age=3600
Vary: Accept-Encoding
Connection: keep-alive
CF-RAY: 85c34e974c203d99-SIN
alt-svc: h3=":443"; ma=86400
Expires: Tue, 27 Feb 2024 21:51:38 GMT

GET
H2 204 a0FASGpmRkBIam5FTkg
rbrightscarletcl.info/U1Zwd3h8aRMERTBmPQ0bYTI8Eg8RFyZHOmQVQDUpAjg5MyliE1YDETdrSU5JZWBFUQg6Mk1GQHUlBBYMJiVNRl46OBYYRXUgTUZWY3hCWUx1I01GXicmERBFYnAAAww/ 0
249 B 262ms
261ms Image
text/plain 172.67.131.213
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rbrightscarletcl.info/U1Zwd3h8aRMERTBmPQ0bYTI8Eg8RFyZHOmQVQDUpAjg5MyliE1YDETdrSU5JZWBFUQg6Mk1GQHUlBBYMJiVNRl46OBYYRXUgTUZWY3hCWUx1I01GXicmERBFYnAAAww/a0FASGpmRkBIam5FTkg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.131.213 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCJcKpLLDJ7AfmZRbRwj1h5ENoc5jOjohsdtoN%2FwViho53bu44EOyUtU0V7hntDeiQnvDU2KOhMpcBupomzwrJOG2bpFkEgOoZUBxJk5l7rNRIx0qI8SP4QDqLDhP5k4%2FW0mCtc5gRw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 85c34e97281740c8-SIN
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK sfp.js Show response
friendshipmale.com/ 83 KB
28 KB 622ms
310ms Script
application/javascript 104.21.234.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

http://friendshipmale.com/sfp.js

Requested by

Host: streakattempt.com
URL: http://streakattempt.com/b9/e6/4d/b9e64d85127374594eb40640862254df.js

Protocol

HTTP/1.1

Server

104.21.234.32 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:39 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip
CF-Cache-Status: EXPIRED
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding: chunked
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Connection: keep-alive
alt-svc: h3=":443"; ma=86400
X-Request-ID: fea4bedfce00b80b604cdc7a09408bc3
Last-Modified: Tue, 27 Feb 2024 20:51:38 GMT
Server: cloudflare
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FDmKhmcRvOkKFXl1xQZoC45BIoKvtiblMujZlU8BrqQE9gvhS%2F3TWLFrM5npIgk%2BItZwhNHmvmmXq5ywG1PtOmmnM8xwHsUT%2F3pLpQwEnsh41peKRjt43WoZ8hsNrfB1G24rEaY%3D"}],"group":"cf-nel","max_age":604800}
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=14400
CF-RAY: 85c34e99992d601c-SIN
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 stats Show response
proftrafficcounter.com/ 40 B
298 B 60ms
13ms XHR
text/html 52.77.115.37
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://proftrafficcounter.com/stats
Requested by: Host: streakattempt.com
URL: http://streakattempt.com/b9/e6/4d/b9e64d85127374594eb40640862254df.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.77.115.37 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-77-115-37.ap-southeast-1.compute.amazonaws.com
Software: fasthttp /
Resource Hash: 9da21beba1f05fd694185c3c556066e62548bfed082789bc596aa2ca7586f60c

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: http://kanzalia.com
date: Tue, 27 Feb 2024 20:51:38 GMT
access-control-allow-credentials: true
server: fasthttp
content-length: 40
vary: Origin
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK purst
loiteringcoaltuesday.com/pixel/ 0
469 B 533ms
528ms Image
text/plain 172.240.108.92
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://loiteringcoaltuesday.com/pixel/purst?dl=0&th=0&sc=0&rs=1003.2000045776367&rd=1003.2000045776367&fd=727.4000015258789&bv=24.2.6519&tmpl=70
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: HTTP/1.1
Server: 172.240.108.92 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:39 GMT
Server: nginx/1.21.6
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: no-cache
Connection: keep-alive
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 200 Download-ets2-1.49-full-dlc-200x135.jpg
kanzalia.com/wp-content/uploads/2023/12/ 10 KB
10 KB 41ms
41ms Image
image/jpeg 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2023/12/Download-ets2-1.49-full-dlc-200x135.jpg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: a1191fdd14232164b156ab8d3f6f5e0e68b930ef25a787cf5801ce5adb7e6b6f

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Thu, 07 Dec 2023 09:45:25 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 10436
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H3 200 Mod-Map-Rajawali-Ets2-Indonesia-200x135.jpg
kanzalia.com/wp-content/uploads/2023/11/ 9 KB
9 KB 39ms
38ms Image
image/jpeg 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2023/11/Mod-Map-Rajawali-Ets2-Indonesia-200x135.jpg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 578993f847158d1e0493ce7b0ffba058859d3ffa840b472010cd403462d71c42

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Mon, 06 Nov 2023 02:01:45 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8958
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H3 200 Download-ets2-1.48-full-dlc-200x135.jpg
kanzalia.com/wp-content/uploads/2023/08/ 9 KB
9 KB 43ms
42ms Image
image/jpeg 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2023/08/Download-ets2-1.48-full-dlc-200x135.jpg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 885744aad10ecef26445abb495cc7dd1d8288c24247f6c74301f23edaaf0a2fd

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Wed, 30 Aug 2023 14:36:25 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 9439
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H3 200 Mod-Jetbus-5-V2-60x60.jpg
kanzalia.com/wp-content/uploads/2023/12/ 3 KB
3 KB 42ms
41ms Image
image/jpeg 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2023/12/Mod-Jetbus-5-V2-60x60.jpg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 61786dd29e59d453951c675df3a6d83a8c9be06d4b4e3b1560842cf4bea6cc63

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Thu, 21 Dec 2023 04:25:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2897
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
H3 200 Mod-jetbus-3-shd-ets2-60x60.jpg
kanzalia.com/wp-content/uploads/2023/01/ 3 KB
3 KB 44ms
43ms Image
image/jpeg 172.104.184.240
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kanzalia.com/wp-content/uploads/2023/01/Mod-jetbus-3-shd-ets2-60x60.jpg
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.104.184.240 Singapore, Singapore, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1775-240.members.linode.com
Software: LiteSpeed /
Resource Hash: 19424969cde4822b67331990c378205f635a2995a58bd2c0de8e8ebe84414727

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:38 GMT
last-modified: Mon, 16 Jan 2023 02:15:06 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2874
expires: Tue, 05 Mar 2024 20:51:38 GMT

GET
DATA 200
OK truncated
/ 364 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6ef188fffc554aea26b8ae5f90e66bc650fbee26493e9035e7d948a220ed1c6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: text/css

GET
H2 200 marlboro.txt Show response
x8.makaronibasah.com/ 10 KB
2 KB 412ms
49ms Fetch
text/plain 172.67.179.196
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://x8.makaronibasah.com/marlboro.txt
Requested by: Host: kanzalia.com
URL: https://kanzalia.com/wp-content/uploads/hm_custom_css_js/custom.js?ver=1707302893
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.179.196 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6d147577362f874e9c1ec21defc7d5a5b32f62cd488174c88c2babe4d9c4e7e9

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:39 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 27 Feb 2024 10:55:36 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"283b-18dea34a840-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BSpO43RgCbbI%2B3t2qAB%2BuI8H%2BRyHL%2BmjpCZ009vp3%2FRtQo%2FVPh9mDO41mBG1TESuKUEz3l7Z6ZY5rEDFGnyhR0etUYjznXpGtfkf8Uu%2B%2BJhHaeUU0U62ax1fegwPJFVwj56w%2Fgi9zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=0
cf-ray: 85c34e997c873f59-SIN
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK VkNuMUw3IQ1cczd+DBc5JC9TFH4QZlx3KGV3DVg0OXMCQ3lkLxkfLzosG1UqJCwARWI4JhoUfhACO10eIhk5VjQZNCN1Gi8aV3IaPhEPAxo0Fl9JfAYrWnoOPwkedSRuJD5IOx0JX1YiE3MdYwk8GR5nGRsGI0sjHRQrBX8ZJFtoGw4SX3IdMhU0XwUMBT9SeTcRX... Show response
ourtshipanditlas.info/ Frame 0F60 3 KB
2 KB 290ms
288ms Document
text/html 52.84.229.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ourtshipanditlas.info/VkNuMUw3IQ1cczd+DBc5JC9TFH4QZlx3KGV3DVg0OXMCQ3lkLxkfLzosG1UqJCwARWI4JhoUfhACO10eIhk5VjQZNCN1Gi8aV3IaPhEPAxo0Fl9JfAYrWnoOPwkedSRuJD5IOx0JX1YiE3MdYwk8GR5nGRsGI0sjHRQrBX8ZJFtoGw4SX3IdMhU0XwUMBT9SeTcRXnUEBSQUdx09CCVIAhoGL106GRInVw0Cd1p1CRQiKHYKEhU7ACsMBjtiDQI0GXAkHyEKAxYyABZJfwwvX2QbHjsFYgoPMgoDFjIGCXR0Dy8CcBsuARZpfQMSNHYOExIoQSUYEUMBGhQHDVsPFyAqfjUUCjhIeTgZX0EAAXE8SRRnFS9+GCEZLXAeZRkHBA0BLicFDhd3IFV+DCcvVnwuExl7AQIULFoIMXMPYRg9Cj93IwMZOAgUBC4kBxtnJwtofyYhNnR9MRksBQkSKSNcDhMBD3cLECY7WhY+GgVCHQAUIxcmJSwAQXE1OSZcNDEBXkQL
Requested by: Host: d34cixo0lr52lw.cloudfront.net
URL: http://d34cixo0lr52lw.cloudfront.net/?oxicd=991664
Protocol: HTTP/1.1
Server: 52.84.229.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-229-11.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: 788098a1c6baa5fd2dd9c88e4165cdd4b84b4bc7122393295456e9156b4d3944

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection: keep-alive
Content-Length: 1231
Content-Type: text/html
Date: Tue, 27 Feb 2024 20:51:38 GMT
P3P: CP="NID DSP ALL COR"
Pragma: no-cache
Server: openresty/1.17.8.2
Via: 1.1 fe526590cbb2126b4baee2eb7ee38048.cloudfront.net (CloudFront)
X-Amz-Cf-Id: KLRXRQDPGy8ATWvi0shslgQegvzPGu2pyeVcsUgzIseByl-2rrJ_8Q==
X-Amz-Cf-Pop: SIN2-C1
X-Cache: Miss from cloudfront
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip

GET
H/1.1 200
OK fCQSCSIVEDJ4IAwoLS09El0qGh40I1o4MmIDGyQUNFQdPBwQKxAfLBILEng1FD4 Show response
ourtshipanditlas.info/aWhLekQICigXewhVKVwxGwR2X3YvTXk8IFpcKBM8BlgnCHFbBDxUJwUHPh4iGwclDmoHDT9fdi8NBi99Oj4hIBcgLDwNBzw9JjQpGjgIMnECMQo3HCM7Dk8TLC4yMD0vORErdBgpJjgqJTsjFiE+LRIeByMlHSIOGAsNChUgPB0IAS8... Frame BDDB 3 KB
2 KB 287ms
286ms Document
text/html 52.84.229.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ourtshipanditlas.info/aWhLekQICigXewhVKVwxGwR2X3YvTXk8IFpcKBM8BlgnCHFbBDxUJwUHPh4iGwclDmoHDT9fdi8NBi99Oj4hIBcgLDwNBzw9JjQpGjgIMnECMQo3HCM7Dk8TLC4yMD0vORErdBgpJjgqJTsjFiE+LRIeByMlHSIOGAsNChUgPB0IAS85IzcTGiANA3BbJgoJAgg7KEkHWB8sMQBQCRMpcVoyAzsBMD8BAAYoLiUwEFAxHSkFBSIZNwAPEjwTAR4mbkgCMFoSIwU+GCM8BiQsLQMRTFoNLQUNXy9IElkuA0stJQ8KPB4HDCA4KChNeTwNAxgfKC0GHxssfS8JJlcFOCk8MHAPLx47AiFZIhwoWDIEAHxfLTw3CQ1aGj0cOjF+NzwkLC0AERM+HRUjDFsGPwU6H30wAgULABQgAgsKOH0wICw9DFoELCMFCg4uLTATKgo/fCQSCSIVEDJ4IAwoLS09El0qGh40I1o4MmIDGyQUNFQdPBwQKxAfLBILEng1FD4
Requested by: Host: d34cixo0lr52lw.cloudfront.net
URL: http://d34cixo0lr52lw.cloudfront.net/?oxicd=991664
Protocol: HTTP/1.1
Server: 52.84.229.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-229-11.sin2.r.cloudfront.net
Software: openresty/1.17.8.2 /
Resource Hash: aed9a790cdfb6f4fbfca3f61f0f762e39fcfe0e0ad1074c737be4e9a3121e259

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Accept-CH: DPR, Width, Viewport-Width, Device-Memory, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List
Connection: keep-alive
Content-Length: 1223
Content-Type: text/html
Date: Tue, 27 Feb 2024 20:51:38 GMT
P3P: CP="NID DSP ALL COR"
Pragma: no-cache
Server: openresty/1.17.8.2
Via: 1.1 160bb0630905c94d984edd48c570887e.cloudfront.net (CloudFront)
X-Amz-Cf-Id: JpJFVh4q0yjmOmbEa7561ECdVwk71XUimZi_NAVMBryOOT2PQkqtcw==
X-Amz-Cf-Pop: SIN2-C1
X-Cache: Miss from cloudfront
cache-control: no-store, no-cache, must-revalidate, no-transform
content-encoding: gzip

GET
H2 200 adManager.m.js Show response
js.wpadmngr.com/static/ 104 KB
35 KB 21ms
21ms Script
application/javascript 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.wpadmngr.com/static/adManager.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 7093535c92c8b7651ca055b34c44b3686656471359c9ec3badb15b6019dcae4b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 20:56:38 GMT
date: Tue, 27 Feb 2024 20:51:38 GMT
content-encoding: gzip
last-modified: Thu, 22 Feb 2024 12:25:38 GMT
server: nginx/1.18.0
etag: W/"65d73d42-19fa5"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

GET
H2 200 132645 Show response
na.nawpush.com/tags/ 1 KB
1 KB 252ms
204ms XHR
application/json 45.133.44.24
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://na.nawpush.com/tags/132645?version_name=a
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.24 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 929843d1fc4e08015a664fd602cde5549cf47b44eef856cebbcc1d3c23e6a180

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Feb 2024 20:51:39 GMT
cache-control: max-age=300, public
content-type: application/json
server: nginx/1.18.0
content-length: 1251
x-proxy-cache: EXPIRED

GET
H2 200 advertising.js Show response
js.capndr.com/ 0
238 B 79ms
20ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/advertising.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 20:56:39 GMT
date: Tue, 27 Feb 2024 20:51:39 GMT
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
server: nginx/1.18.0
etag: "64b105fd-0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
accept-ranges: bytes
content-length: 0
x-proxy-cache: HIT

GET
H/1.1 200
OK advertisers.js Show response
capaciousdrewreligion.com/ 0
329 B 495ms
489ms Script
application/javascript 192.243.59.20
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://capaciousdrewreligion.com/advertisers.js

Requested by

Host: streakattempt.com
URL: http://streakattempt.com/b9/e6/4d/b9e64d85127374594eb40640862254df.js

Protocol

HTTP/1.1

Server

192.243.59.20 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.19.5 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:39 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.19.5
Content-Type: application/javascript
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
X-Request-ID: 355415bde9a397fe7512fa1598ca2f21
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H/1.1 200
OK t.dhj Show response
t.sharethis.com/1/k/ 2 KB
2 KB 104ms
14ms Script
application/javascript 23.59.168.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=kanzalia.com&rnd=1709067098993

Requested by

Host: platform-api.sharethis.com
URL: http://platform-api.sharethis.com/js/sharethis.js?ver=8.4.12

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.59.168.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-59-168-112.deploy.static.akamaitechnologies.com

Software

Resource Hash

33a84e0bcb8d233ebb1d0a2a90b0618266c4316278f076ba3164fb16dc3f1020

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: application/javascript
Cache-Control: private, max-age=3600
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 1365
Expires: Tue, 27 Feb 2024 21:51:39 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
242 B 376ms
34ms Ping
text/plain 64.233.170.113
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-NWMSVYLZZH&gtm=45je42q1v869258177za200&_p=1709067098078&gcd=13l3l3l3l1&npa=0&dma=0&gdid=dZTNiMT&cid=1587048101.1709067099&ul=en-us&sr=1600x1200&pscdl=noapi&_s=1&sid=1709067099&sct=1&seg=0&dl=http%3A%2F%2Fkanzalia.com%2F&dt=Kanzalia.com%20%7C%20Mod%20Ets2%20Indonesia&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1360
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NWMSVYLZZH
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f113.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:39 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://kanzalia.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK AUlRtZWgxOwMDVyY9CVhRa2VbU1x0Ph4KBiJpDh8gPywKJ1gnE0sREjZpVUMEMzoKWE43Og5YWXQ1CQdVZnIZFQc5aR0DHSgzFQkKKyNLEAlvOQIfAT44DEBaFGFDVU1gZEUSATwwAhIbd2ZdCxx3Zl1UWHxkSFYqd2ZdEgE8YllAWxBxX1UQZGBEQFpiNR-0VBDc... Show response
d34cixo0lr52lw.cloudfront.net/ Frame 0F60 818 B
964 B 204ms
204ms Script
text/plain 13.35.21.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d34cixo0lr52lw.cloudfront.net/AUlRtZWgxOwMDVyY9CVhRa2VbU1x0Ph4KBiJpDh8gPywKJ1gnE0sREjZpVUMEMzoKWE43Og5YWXQ1CQdVZnIZFQc5aR0DHSgzFQkKKyNLEAlvOQIfAT44DEBaFGFDVU1gZEUSATwwAhIbd2ZdCxx3Zl1UWHxkSFYqd2ZdEgE8YllAWxBxX1UQZGBEQFpiNR-0VBDcjCAcDOyBIVy5nZ1pLW2RxX1VAOTwZCAR3Zi5AWmI4BA4Nd2ZdAg0xPwJMTWBkDg0aPTkIQFoUZV9XRmJ6W1deY3pbXE1gZB4EDjMmBEBaFGFeUkZhYksQVWM
Requested by: Host: ourtshipanditlas.info
URL: http://ourtshipanditlas.info/VkNuMUw3IQ1cczd+DBc5JC9TFH4QZlx3KGV3DVg0OXMCQ3lkLxkfLzosG1UqJCwARWI4JhoUfhACO10eIhk5VjQZNCN1Gi8aV3IaPhEPAxo0Fl9JfAYrWnoOPwkedSRuJD5IOx0JX1YiE3MdYwk8GR5nGRsGI0sjHRQrBX8ZJFtoGw4SX3IdMhU0XwUMBT9SeTcRXnUEBSQUdx09CCVIAhoGL106GRInVw0Cd1p1CRQiKHYKEhU7ACsMBjtiDQI0GXAkHyEKAxYyABZJfwwvX2QbHjsFYgoPMgoDFjIGCXR0Dy8CcBsuARZpfQMSNHYOExIoQSUYEUMBGhQHDVsPFyAqfjUUCjhIeTgZX0EAAXE8SRRnFS9+GCEZLXAeZRkHBA0BLicFDhd3IFV+DCcvVnwuExl7AQIULFoIMXMPYRg9Cj93IwMZOAgUBC4kBxtnJwtofyYhNnR9MRksBQkSKSNcDhMBD3cLECY7WhY+GgVCHQAUIxcmJSwAQXE1OSZcNDEBXkQL
Protocol: HTTP/1.1
Server: 13.35.21.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-21-182.sin5.r.cloudfront.net
Software: /
Resource Hash: f1198e655c58ed4f8391879cbc01af01cf9a7821336f917a01144bb3e8bdf8d7

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://ourtshipanditlas.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:39 GMT
Content-Encoding: gzip
Via: 1.1 490cd3b4c8c8e2aafa0be58f76446f44.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN5-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
Cache-Control: max-age=31556926
Connection: keep-alive
Content-Length: 578
X-Amz-Cf-Id: L08onB00YjGxTiXqeKg8ELrOQX5VOwyqRQGE3bYkp_cMpJfV-jyqnQ==

GET
H/1.1 200
OK IjpTRiowPV9Fam-AQAwJ4fGUAFH1ifl1ZOz86EwMMd2QGXSY5MxMDfzUzVVoge3MEASw6JFlcKndkcAB9YHgGH3lgYAcfeWtzBAE8MzBXQyZ3ZHAEfGV4BQdpJ2sH Show response
d34cixo0lr52lw.cloudfront.net/eMU9SVjZSIDwwCUUmNmsPCH5kYAMXJSE5WEFyJyFQZQ0qAmBnLShleWEYdCJMVXJqcFpQITVrEFQhMWsHFy42NAsFaSc3C1wgKD9aXS53ZHAEYWJzBAFnJT9YVSAlJRMDfzwiEwN/Y2YYAWphFBMDfyU/WAd7d2V0FH1iLg... Frame BDDB 211 B
587 B 176ms
176ms Script
text/plain 13.35.21.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d34cixo0lr52lw.cloudfront.net/eMU9SVjZSIDwwCUUmNmsPCH5kYAMXJSE5WEFyJyFQZQ0qAmBnLShleWEYdCJMVXJqcFpQITVrEFQhMWsHFy42NAsFaSc3C1wgKD9aXS53ZHAEYWJzBAFnJT9YVSAlJRMDfzwiEwN/Y2YYAWphFBMDfyU/WAd7d2V0FH1iLgAFZndkBlA/IjpTRiowPV9Fam-AQAwJ4fGUAFH1ifl1ZOz86EwMMd2QGXSY5MxMDfzUzVVoge3MEASw6JFlcKndkcAB9YHgGH3lgYAcfeWtzBAE8MzBXQyZ3ZHAEfGV4BQdpJ2sH
Requested by: Host: ourtshipanditlas.info
URL: http://ourtshipanditlas.info/aWhLekQICigXewhVKVwxGwR2X3YvTXk8IFpcKBM8BlgnCHFbBDxUJwUHPh4iGwclDmoHDT9fdi8NBi99Oj4hIBcgLDwNBzw9JjQpGjgIMnECMQo3HCM7Dk8TLC4yMD0vORErdBgpJjgqJTsjFiE+LRIeByMlHSIOGAsNChUgPB0IAS85IzcTGiANA3BbJgoJAgg7KEkHWB8sMQBQCRMpcVoyAzsBMD8BAAYoLiUwEFAxHSkFBSIZNwAPEjwTAR4mbkgCMFoSIwU+GCM8BiQsLQMRTFoNLQUNXy9IElkuA0stJQ8KPB4HDCA4KChNeTwNAxgfKC0GHxssfS8JJlcFOCk8MHAPLx47AiFZIhwoWDIEAHxfLTw3CQ1aGj0cOjF+NzwkLC0AERM+HRUjDFsGPwU6H30wAgULABQgAgsKOH0wICw9DFoELCMFCg4uLTATKgo/fCQSCSIVEDJ4IAwoLS09El0qGh40I1o4MmIDGyQUNFQdPBwQKxAfLBILEng1FD4
Protocol: HTTP/1.1
Server: 13.35.21.182 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-21-182.sin5.r.cloudfront.net
Software: /
Resource Hash: c437e16e9437467281fb2e549ba790aca8e8d26820d544888c4d66a4b6f04a9e

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://ourtshipanditlas.info/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:39 GMT
Content-Encoding: gzip
Via: 1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: SIN5-C1
X-Cache: Miss from cloudfront
access-control-allow-origin: *
Cache-Control: max-age=31556926
Connection: keep-alive
Content-Length: 201
X-Amz-Cf-Id: tY9pn0bp_q3fEDhtrFUgWdyCWmum0Jvvh5lbxCe4vnxvOuvaQ8kaPQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/ 428 KB
135 KB 20ms
19ms Script
text/javascript 142.251.10.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202402200101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.157 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f157.1e100.net

Software

cafe /

Resource Hash

7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 15:44:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18425
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137981
x-xss-protection: 0
server: cafe
etag: 12437356588311396475
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 26 Feb 2025 15:44:34 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 408 KB
139 KB 673ms
42ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7418199738286529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

3d30c698d1ec06254ffe1e9776574f6ea070000fe8e0953a0614d9641e5601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141442
x-xss-protection: 0
server: cafe
etag: 1809167669043622476
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 20:51:39 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame F4B1 9 KB
5 KB 381ms
13ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7418199738286529

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

age: 76830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4193
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 23:31:09 GMT
etag: 9539045072340585784
expires: Mon, 11 Mar 2024 23:31:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 count.html Show response
storage.multstorage.com/log/ Frame 26DD 882 B
894 B 563ms
184ms Document
text/html 104.21.30.242
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.multstorage.com/log/count.html
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.30.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 85c34e9c3e658948-SIN
content-encoding: br
content-type: text/html
date: Tue, 27 Feb 2024 20:51:39 GMT
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=01ge4lumrz1BKttwDgizFJ12qCLRq%2BpopWfPiVM9ZkmCzDFR0pzvsZZwLUP6j7K4SIi0%2F9MAVyeYClj37JsFUi27Xwy2hJmUGjZPvWaVigvEUjG%2BsO5m9hFl%2B6%2BG%2BpOhnyZ09KsdMW5Paw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-request-id: 0e8f2c916b7d6ebc47d045baa421bebd

GET
H2 200 track Show response
0af597d3bd.ce26c78a4e.com/in/ 0
207 B 574ms
532ms XHR
text/plain 45.133.44.52
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0af597d3bd.ce26c78a4e.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIyOTM1NjIyMzcxNjc3MTI2NzAwIiwidGltZXpvbmUiOjgsInZlciI6IjMuMTA1LjAiLCJ0YWdfaWQiOjEzMjY0NSwic2NyZWVuX3Jlc29sdXRpb24iOiIxNjAweDEyMDAiLCJhZGJsb2NrIjowLCJ0aW1lem9uZV9vbHNvbiI6IkFzaWEvU2luZ2Fwb3JlIiwidXRtX3NvdXJjZSI6IiIsInV0bV9tZWRpdW0iOiIiLCJ1dG1fY2FtcGFpZ24iOiIiLCJ1dG1fY29udGVudCI6IiIsIm1tIjowLCJpbml0X3N0YXJ0X2xhdGVuY3kiOjAuMjcsImlzX3YyIjowLCJpc192Ml9lbXB0eSI6MCwidXNlcl9rZXl3b3JkcyI6IkthbnphbGlhLmNvbSUyQ01vZCUyQ0V0czIlMkNJbmRvbmVzaWElMkNJbmZvcm1hc2klMkNwZXJrZW1iYW5nYW4lMkNHYW1lJTJDRXVybyUyQ1RydWNrJTJDU2ltdWxhdG9yJTJDMiUyQ01vZCUyQ0V0czIlMkNJbmRvbmVzaWElMkNtdWxhaSUyQ2RhcmklMkNNb2QlMkNCdXMlMkNNb2QlMkNNYXAlMkNNb2QlMkNUcmFmZmljJTJDTW9kJTJDR3JhcGhpYyUyQ0RPV05MT0FEJTJDRElTSU5JJTJDMTAwJTI1JTJDR1JBVElTJTJDISEifQ==
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.52 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:39 GMT
server: nginx/1.18.0
vary: Origin
access-control-allow-methods: *
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 0

GET
H2 200 build.m.js Show response
js.capndr.com/popunder-admanager/ 95 KB
27 KB 15ms
15ms Script
application/javascript 45.133.44.53
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js.capndr.com/popunder-admanager/build.m.js
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.133.44.53 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 09ac1748442c59a61749b8a75ad69257468d140d8583d85c50f89bbcec99e7df

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Tue, 27 Feb 2024 20:56:39 GMT
date: Tue, 27 Feb 2024 20:51:39 GMT
content-encoding: gzip
last-modified: Wed, 14 Feb 2024 10:35:55 GMT
server: nginx/1.18.0
etag: W/"65cc978b-17d8b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=300
x-proxy-cache: HIT

OPTIONS
H/1.1 204
No Content fp
fp.metricswpsh.com/ Frame 0
0 548ms
173ms Preflight 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=132645
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://kanzalia.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: http://kanzalia.com
Connection: keep-alive
Date: Tue, 27 Feb 2024 20:51:39 GMT
Server: nginx/1.20.1
Vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H/1.1 200
OK fp Show response
fp.metricswpsh.com/ 58 B
429 B 533ms
184ms XHR
application/json 157.90.84.242
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.metricswpsh.com/fp?tag_id=132645
Requested by: Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 157.90.84.242 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.242.84.90.157.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: e85d2011e8f8ad0cc88097d02cdc04bbfdec3558547c55c0cdeb8d0954440ea3

Request headers

Referer: http://kanzalia.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

Date: Tue, 27 Feb 2024 20:51:40 GMT
Server: nginx/1.20.1
Vary: Origin
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: http://kanzalia.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 58

GET
H/1.1

200
OK

t_.htm Show response
t.sharethis.com/a/ Frame 322F
Redirect Chain

http://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B
https://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B

2 KB
1 KB

23ms
23ms

Document
text/html

23.59.168.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/1/k/t.dhj?cid=c010&cls=B&dmn=kanzalia.com&rnd=1709067098993

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.59.168.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-59-168-112.deploy.static.akamaitechnologies.com

Software

Resource Hash

ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

Cache-Control: max-age=604800
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1160
Content-Type: text/html
Date: Tue, 27 Feb 2024 20:51:39 GMT
Expires: Tue, 05 Mar 2024 20:51:39 GMT
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
X-Robots-Tag: noindex, nofollow

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B#cid=c010&cls=B&dmn=kanzalia.com&rnd=1709067098993&tt=t.dhj&dhjLcy=207&lbl=pxcel&flbl=pxcel&ll=d&ver=1.1280.23384&ell=d&cck=__stid&pn=%2F&qs=na&rdn=kanzalia.com&rpn=%2F&rqs=na&cc=SG&cont=AS&ipaddr=
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK t_.js Show response
t.sharethis.com/1.1280.23384/a/SG/ Frame 5CE6 24 KB
9 KB 21ms
20ms Script
text/javascript 23.59.168.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://t.sharethis.com/1.1280.23384/a/SG/t_.js?cid=c010&cls=B

Requested by

Host: t.sharethis.com
URL: https://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.59.168.112 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-59-168-112.deploy.static.akamaitechnologies.com

Software

Resource Hash

0cd23f728f676108fa5d0b1605217bc9fdf86cca6014de376b335cd2852a458d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000 ; includeSubDomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://t.sharethis.com/a/t_.htm?ver=1.1280.23384&cid=c010&cls=B
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:39 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=2628000 ; includeSubDomains
Content-Type: text/javascript
Cache-Control: max-age=604800
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 9374
Expires: Tue, 05 Mar 2024 20:51:39 GMT

GET
H2

403

identifier
accounts.google.com/v3/signin/
Redirect Chain

https://accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ATuJsjxPKKvTaJa5sFAcfgmuyIHwwFqaBT0Xn55krrdXhlmAHal2AxAUPZh_5...
https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjwcxgOgNvYcuEGBfBSIV71UFWXrwpXhFEhoTcmELxBagcNqJ6YpFsjXFGLz3EkvPNHC9Zq4Ug&passive...

0
0

66ms
65ms

Image
text/html

142.251.175.84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjwcxgOgNvYcuEGBfBSIV71UFWXrwpXhFEhoTcmELxBagcNqJ6YpFsjXFGLz3EkvPNHC9Zq4Ug&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S84802345%3A1709067099398818&theme=glif
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Server: 142.251.175.84 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sh-in-f84.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Redirect headers

date: Tue, 27 Feb 2024 20:51:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-sZRsJWSGwFusotbhFWVzZA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport, require-trusted-types-for 'script';report-uri /cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 1; mode=block
pragma: no-cache
server: GSE
x-frame-options: DENY
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-type: text/html; charset=UTF-8
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjwcxgOgNvYcuEGBfBSIV71UFWXrwpXhFEhoTcmELxBagcNqJ6YpFsjXFGLz3EkvPNHC9Zq4Ug&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S84802345%3A1709067099398818&theme=glif
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK d69f2db9-5bfb-4f54-919d-a4181e7d764a
http://kanzalia.com/ 204 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://kanzalia.com/d69f2db9-5bfb-4f54-919d-a4181e7d764a
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Length: 204
Content-Type: text/javascript

GET
H2 204 /
loadus.exelator.com/load/ Frame 5CE6 0
299 B 771ms
247ms Image
text/plain 50.16.197.56
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=847&g=001&j=0&gdpr=0&gdpr_consent=
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 50.16.197.56 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-16-197-56.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H/1.1

200
OK

lotame
sync.sharethis.com/int/ Frame 5CE6
Redirect Chain

https://bcp.crwdcntrl.net/5/c=9084/tp=SARE/tpid=ZHOAA2XeS1oAAAAICTx%2FAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdpr_con...
https://bcp.crwdcntrl.net/5/ct=y/c=9084/tp=SARE/tpid=ZHOAA2XeS1oAAAAICTx%2FAw%3D%3D&gdpr=0&gdpr_consent=?https%3A%2F%2Fsync.sharethis.com%2Fint%2Flotame%3Fuid%3D%24%7Bprofile_id%7D%26gdpr%3D0%26gdp...
https://sync.sharethis.com/int/lotame?uid=756ec56545a2fc123f2b5e6486b743b3&gdpr=0&gdpr_consent=

42 B
297 B

782ms
209ms

Image
image/gif

35.156.226.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/int/lotame?uid=756ec56545a2fc123f2b5e6486b743b3&gdpr=0&gdpr_consent=

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

HTTP/1.1

Server

35.156.226.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-226-144.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHOAA2XeS1oAAAAICTx/Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:39 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.sharethis.com/int/lotame?uid=756ec56545a2fc123f2b5e6486b743b3&gdpr=0&gdpr_consent=
cache-control: no-cache
x-server: 10.42.11.254
content-length: 0
expires: 0

GET
H/1.1

200
OK

ttd
sync.sharethis.com/ Frame 5CE6
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=1h1y1a7&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.sharethis.com/ttd?uid=71a896f5-ddf3-42b7-99c1-d199458dc3f4&gdpr=0&gdpr_consent=

42 B
297 B

803ms
208ms

Image
image/gif

35.156.226.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/ttd?uid=71a896f5-ddf3-42b7-99c1-d199458dc3f4&gdpr=0&gdpr_consent=

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

HTTP/1.1

Server

35.156.226.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-226-144.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHOAA2XeS1oAAAAICTx/Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/ttd?uid=71a896f5-ddf3-42b7-99c1-d199458dc3f4&gdpr=0&gdpr_consent=
date: Tue, 27 Feb 2024 20:51:39 GMT
server: Kestrel
content-length: 215

GET
H/1.1

200
OK

eyeota
sync.sharethis.com/ Frame 5CE6
Redirect Chain

https://ps.eyeota.net/pixel?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://ps.eyeota.net/pixel/bounce/?pid=1mpb5m0&t=gif&gdpr=0&gdpr_consent=
https://sync.sharethis.com/eyeota?uid=2lg824FQhlEg_eEwUC2D3wE81dKEVw-hc4jhWlXNNKiA&gdpr=0&gdpr_consent=

42 B
297 B

785ms
206ms

Image
image/gif

35.156.226.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/eyeota?uid=2lg824FQhlEg_eEwUC2D3wE81dKEVw-hc4jhWlXNNKiA&gdpr=0&gdpr_consent=

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

HTTP/1.1

Server

35.156.226.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-226-144.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHOAA2XeS1oAAAAICTx/Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

Location: https://sync.sharethis.com/eyeota?uid=2lg824FQhlEg_eEwUC2D3wE81dKEVw-hc4jhWlXNNKiA&gdpr=0&gdpr_consent=
Date: Tue, 27 Feb 2024 20:51:39 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

csync.ashx
ml314.com/ Frame 5CE6
Redirect Chain

https://ml314.com/utsync.ashx?eid=50131&et=13&cid=lr&fp=ZHOAA2XeS1oAAAAICTx%2FAw%3D%3D&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fidsync.rlcdn.com%2F395886.gif%3Fpartner_uid%3D%5BPersonID%5D
https://idsync.rlcdn.com/395886.gif?partner_uid=3642374046808539173
https://idsync.rlcdn.com/1000.gif?memo=CO6UGBIeChoIARCuXxoTMzY0MjM3NDA0NjgwODUzOTE3MxAAGg0I25b5rgYSBQjoBxAAQgBKAA
https://ml314.com/csync.ashx?fp=1be9b95cf7f40596163e01ece2221ce8d35bd05cd0a4ec3372c403b691e9000ef4cb09cee1a4f8eb&person_id=3642374046808539173&eid=50082

43 B
124 B

37ms
37ms

Image
image/gif

34.117.77.79
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/csync.ashx?fp=1be9b95cf7f40596163e01ece2221ce8d35bd05cd0a4ec3372c403b691e9000ef4cb09cee1a4f8eb&person_id=3642374046808539173&eid=50082
Requested by: Host: kanzalia.com
URL: http://kanzalia.com/
Protocol: H2
Server: 34.117.77.79 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 79.77.117.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

expires: Wed, 28 Feb 2024 20:51:39 GMT
date: Tue, 27 Feb 2024 20:51:39 GMT
via: 1.1 google, 1.1 google
server: Google Frontend
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

Redirect headers

date: Tue, 27 Feb 2024 20:51:39 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ml314.com/csync.ashx?fp=1be9b95cf7f40596163e01ece2221ce8d35bd05cd0a4ec3372c403b691e9000ef4cb09cee1a4f8eb&person_id=3642374046808539173&eid=50082
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

yahoo
sync.sharethis.com/ Frame 5CE6
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=SHARE&gdpr=0&euconsent=
https://ups.analytics.yahoo.com/ups/58724/cms?partner_id=SHARE&gdpr=0&euconsent=
https://sync.sharethis.com/yahoo?uid=y-TjDEtlRE2oNL.aSdw9I70dgUXF7v49Q82sI-~A&gdpr=0

42 B
297 B

770ms
187ms

Image
image/gif

35.156.226.144
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/yahoo?uid=y-TjDEtlRE2oNL.aSdw9I70dgUXF7v49Q82sI-~A&gdpr=0

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

HTTP/1.1

Server

35.156.226.144 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-156-226-144.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://t.sharethis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:40 GMT
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Connection: keep-alive
Stid: ZHOAA2XeS1oAAAAICTx/Aw==
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Content-Type: image/gif

Redirect headers

location: https://sync.sharethis.com/yahoo?uid=y-TjDEtlRE2oNL.aSdw9I70dgUXF7v49Q82sI-~A&gdpr=0
date: Tue, 27 Feb 2024 20:51:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

POST
H2 200 / Show response
mcpuwpsh.com/get/ 3 KB
4 KB 1275ms
567ms Fetch
application/json 94.130.197.240
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://mcpuwpsh.com/get/
Requested by: Host: js.capndr.com
URL: https://js.capndr.com/popunder-admanager/build.m.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.130.197.240 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.240.197.130.94.clients.your-server.de
Software: nginx/1.16.0 /
Resource Hash: fe655e1760d68d57fc1b827e328f78f949062bc743b098c4ead4556691e2d270

Request headers

Referer: http://kanzalia.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
server: nginx/1.16.0
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: *
cache-control: no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers: Content-Type
content-length: 3450

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D344 22 KB
6 KB 181ms
180ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&adk=1812271804&adf=3025194257&lmt=1709067099&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&dt=1709067099093&bpp=4&bdt=1160&idt=715&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8707743788369&frm=20&pv=2&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=33792&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=738

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

fdff0d9e120c83e0d06ddc8f102052e2801a776e67b1923c28fe068d45cc3ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 5971
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 20:51:40 GMT
expires: Tue, 27 Feb 2024 20:51:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 16ms
15ms Image
image/gif 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=mhu38qe&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
112 B 15ms
14ms Image
image/gif 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=mhu38qe&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E01D 850 B
580 B 178ms
178ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&h=280&slotname=4379629484&adk=2313007747&adf=2333189052&pi=t.ma~as.4379629484&w=960&fwrn=4&fwrnh=100&lmt=1709067099&rafmt=1&format=960x280&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1709067099097&bpp=2&bdt=1164&idt=743&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8707743788369&frm=20&pv=1&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1520&ady=170&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=749

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

96ca9a0d2bcf64209fe170fea415cec96ddc7b70267d8d53ee4868ee362873ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 408
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 20:51:40 GMT
expires: Tue, 27 Feb 2024 20:51:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F9FD 104 KB
44 KB 344ms
342ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&h=600&slotname=8704436977&adk=3254328442&adf=984076758&pi=t.ma~as.8704436977&w=300&fwrn=4&fwrnh=100&lmt=1709067099&rafmt=1&format=300x600&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1709067099099&bpp=1&bdt=1166&idt=758&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=8707743788369&frm=20&pv=1&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2180&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=761

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

2f750d52f5f7c943aadb1518406dcaad45fc5eb188c158d9a6c54bcf315fca35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44511
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 20:51:40 GMT
expires: Tue, 27 Feb 2024 20:51:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 21ED 850 B
581 B 170ms
169ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&h=280&slotname=3946139089&adk=291703267&adf=2556019162&pi=t.ma~as.3946139089&w=728&fwrn=4&fwrnh=100&lmt=1709067099&rafmt=1&format=728x280&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1709067099100&bpp=1&bdt=1167&idt=770&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280%2C300x600&nras=1&correlator=8707743788369&frm=20&pv=1&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CfeoE%7C&abl=NF&pfx=0&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=773

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

a321e0738ed2d8fd2fe1c9b91e8e0730373d2f6c34d94cb3ec3d04bd5ce99fb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 409
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 20:51:40 GMT
expires: Tue, 27 Feb 2024 20:51:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ca-pub-7418199738286529 Show response
fundingchoicesmessages.google.com/i/ 183 KB
61 KB 494ms
57ms Script
application/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7418199738286529?ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

2e1cf78d9c744aae013c8bb30eb5517c755a8e1de3d844b956f08644eee1b5fd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EGKvN7IsBJ491LF6dlBOKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EGKvN7IsBJ491LF6dlBOKw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjamHU4pJicNGQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL4-pJJAojVgPid5Cumb0C8w8eDhW_ddFYVINZcP501EIhjnk9nTQFip_QZrAFA7FM_gzUKiE1Xnme1BWIhHo47036uYxN48en7P0YAgAE-GA"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 12ms
12ms Image
image/gif 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&hl=id&pvc=2596066692080926

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F9FD 42 B
110 B 25ms
24ms Image
image/gif 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BIUNVj2wy8MAtiaSRTOYK32KnAe0AndE2C8fZOLAkRfZozzP0bGMfODdsgbuGeUZWDzZ0V45UISCKVedEZpaDy1ic_qP1nxRssHQCpwQSzmcnPglc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&h=600&slotname=8704436977&adk=3254328442&adf=984076758&pi=t.ma~as.8704436977&w=300&fwrn=4&fwrnh=100&lmt=1709067099&rafmt=1&format=300x600&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1709067099099&bpp=1&bdt=1166&idt=758&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=8707743788369&frm=20&pv=1&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2180&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=761

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame F9FD 3 KB
1 KB 366ms
19ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:09:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:09:21 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame F9FD 20 KB
8 KB 364ms
18ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240226/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Mon, 26 Feb 2024 23:09:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78141
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Mar 2024 23:09:19 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F9FD 204 KB
62 KB 12ms
12ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:02:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2948
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62895
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 21:02:32 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame F72B 624 B
508 B 56ms
55ms Document
text/html 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDQwvCnBRi2n9SIAjAB&v=APEucNV-8TDZX_vxfYe5oIMDzP9Pw_aA9fjJ_A6x6gcVjk424UzjwjwW7-PBlsHSxIJRygiiHrb2xf8O4HI2vFmFT6gqDKHe6A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7418199738286529&output=html&h=600&slotname=8704436977&adk=3254328442&adf=984076758&pi=t.ma~as.8704436977&w=300&fwrn=4&fwrnh=100&lmt=1709067099&rafmt=1&format=300x600&url=http%3A%2F%2Fkanzalia.com%2F&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1709067099099&bpp=1&bdt=1166&idt=758&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x280&nras=1&correlator=8707743788369&frm=20&pv=1&ga_vid=1587048101.1709067099&ga_sid=1709067100&ga_hid=1953439567&ga_fc=1&u_tz=480&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=2180&ady=470&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081348%2C44795921%2C95325066%2C95322329%2C95321865%2C95324161%2C95325784&oid=2&pvsid=2596066692080926&tmod=1064607128&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=1152&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=761
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 20:51:40 GMT
expires: Tue, 27 Feb 2024 20:51:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame F9FD 111 KB
39 KB 371ms
19ms Script
text/javascript 74.125.130.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f148.1e100.net

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 03:50:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61294
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 03:50:06 GMT

GET
H2 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/elements/html/ Frame F9FD 8 KB
3 KB 20ms
20ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 17:59:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10308
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 17:59:52 GMT

GET
H2 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/ Frame F9FD 23 KB
9 KB 22ms
21ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 12:58:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Mar 2024 12:58:59 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame F9FD 41 KB
14 KB 353ms
20ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Fri, 23 Feb 2024 15:52:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 363578
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Feb 2025 15:52:02 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame F72B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqsBEZHimgKmHQPSqhS30k&google_cver=1

43 B
331 B

68ms
68ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqsBEZHimgKmHQPSqhS30k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDQwvCnBRi2n9SIAjAB&v=APEucNV-8TDZX_vxfYe5oIMDzP9Pw_aA9fjJ_A6x6gcVjk424UzjwjwW7-PBlsHSxIJRygiiHrb2xf8O4HI2vFmFT6gqDKHe6A
Protocol: H2
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2qgm6F4gQyqe2nJq0vJod95xmUNuumGWy9haQ6s7BTe6GTopTMtHKRJzU0Ka84ikpAYVtobTp0axmtNtoNi21t0IKbCuv31dUdrrJQ9DadOzWdcx1xm4vMBOXjOAg1ynsj%2BC29Zu74FCYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85c34ea35b7e3dfa-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqsBEZHimgKmHQPSqhS30k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame F72B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Zd5LXIsFVpAAAAdQAAQu1gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqsBEZHimgKmHQPSqhS30k&google_cver=1

43 B
773 B

31ms
30ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqsBEZHimgKmHQPSqhS30k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDQwvCnBRi2n9SIAjAB&v=APEucNV-8TDZX_vxfYe5oIMDzP9Pw_aA9fjJ_A6x6gcVjk424UzjwjwW7-PBlsHSxIJRygiiHrb2xf8O4HI2vFmFT6gqDKHe6A
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dwuDi89r0%2F32QBM1xxUEw3bSZ4jbqWXvCHja%2B3BVkKveWhisFjy6ppyf5%2FvPVbYPgDK5pUNe%2BfVTztKl2%2FYGFUiZtvdkNSy36G0OmjAn7hWX47xR5KMb8VipD%2BzntsCWDyxnvmMVFWuRSg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 85c34ea34ec24bda-SIN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFqsBEZHimgKmHQPSqhS30k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame F72B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBO8J8ZVwprXp6eBpFIVQhM&google_cver=1

43 B
1 KB

62ms
62ms

Image
image/gif

103.43.90.114
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBO8J8ZVwprXp6eBpFIVQhM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNqbIxDQwvCnBRi2n9SIAjAB&v=APEucNV-8TDZX_vxfYe5oIMDzP9Pw_aA9fjJ_A6x6gcVjk424UzjwjwW7-PBlsHSxIJRygiiHrb2xf8O4HI2vFmFT6gqDKHe6A

Protocol

Server

103.43.90.114 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
an-x-request-uuid: 6a6fdac8-b0c3-4722-becf-4a995c0d4cbe
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 223.25.67.132; 223.25.67.132; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBO8J8ZVwprXp6eBpFIVQhM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F72B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ4MDMyMTg2NzA2MjkxMjMwNA%3D%3D

170 B
188 B

16ms
16ms

Image
image/png

74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ4MDMyMTg2NzA2MjkxMjMwNA%3D%3D

Requested by

Protocol

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
an-x-request-uuid: 615ab947-51ea-4357-9aa3-bf6175d2ef6c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ4MDMyMTg2NzA2MjkxMjMwNA%3D%3D
x-proxy-origin: 223.25.67.132; 223.25.67.132; 602.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 AGSKWxU0ri_W_skTFpVbl3IJu7cG5tCChQwI4bXIwF7sBxUOa6b64GqPtkcN79DdeyGs2x7K1jCtmBe0fPu2k9CxZ_cw0jT8piuQ8ABbT-CAsh9zOjSIXEtjsrypHDc5IbsZA-hYzdudVw== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 46ms
45ms Script
application/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU0ri_W_skTFpVbl3IJu7cG5tCChQwI4bXIwF7sBxUOa6b64GqPtkcN79DdeyGs2x7K1jCtmBe0fPu2k9CxZ_cw0jT8piuQ8ABbT-CAsh9zOjSIXEtjsrypHDc5IbsZA-hYzdudVw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MDY3MTAwLDU4NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL2thbnphbGlhLmNvbS8iLG51bGwsW1s4LCJkVXI4YlgxWlFIYyJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjU5OTJdLDUsMTddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.dUr8bX1ZQHc.es5.O/am=wA/d=1/rs=AJlcJMxBkMDzVk4EPP3_khunN7InTmdTOw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

2c21a727048530f4a3462343a0a5103ac866d4dae84df92372a721dbc2fb8d26

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wsRv8eVOvJgK31Q5-55b4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:40 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-wsRv8eVOvJgK31Q5-55b4Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamHU4pJi8NWQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL4-pJJAojVgPid5Cumb0C8w8eDhW_ddFYVINZcP501EIhjnk9nTQFip_QZrAFA7FM_gzUKiE1Xnme1BWIhHo47036uYxP4sfr3SiYAg5Y9mg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxVsbzsN2HULe4xVhF9JxzZ2jUarf_vpDVSusJVUh_wKikF6fGU8oVtji6MjREtDFtYOtVI8eK8a9I4F3HjNjQtBx66aQgq59LTC1qsJ-81myN3emDCHc3gVvzjqjsMbUA9nEvDLqw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 55ms
55ms Script
application/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxVsbzsN2HULe4xVhF9JxzZ2jUarf_vpDVSusJVUh_wKikF6fGU8oVtji6MjREtDFtYOtVI8eK8a9I4F3HjNjQtBx66aQgq59LTC1qsJ-81myN3emDCHc3gVvzjqjsMbUA9nEvDLqw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MDY3MTAwLDYzOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsInpoLUNOIl0sImh0dHA6Ly9rYW56YWxpYS5jb20vIixudWxsLFtbOCwiZFVyOGJYMVpRSGMiXSxbOSwiemgtQ04iXSxbMTgsIltbWzBdXV0iXSxbMjAsIltudWxsLG51bGwsWzk1MzI1OTkyXSw1LDE3XSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

a0db162b858d9dbc15344d2e13d22247ca6ec06ed754022a244b0b37f05d6f35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-TUpNgZ7WytlvXqXmj-jrzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:40 GMT
content-security-policy: script-src 'report-sample' 'nonce-TUpNgZ7WytlvXqXmj-jrzw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamHU4pJiCNKQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL4-pJJAojVgPid5Cumb0C8w8eDhW_ddFYVINZcP501EIhjnk9nTQFip_QZrAFA7FM_gzUKiE1Xnme1BWIhHo47036uYxPYcKrxMBMAhDY9Fg"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame F9FD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c4600a0b6349e5c712776c1da9bf45002076b11631eb73f69dc9efccda25cb6

Request headers

accept-language: zh-SG,zh;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 8D3D 38 KB
13 KB 19ms
17ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 363738
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Feb 2024 15:49:22 GMT
expires: Sat, 22 Feb 2025 15:49:22 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/10425133677361861805/SUTD_DRONE_300x600/ Frame E926 138 KB
26 KB 690ms
21ms Document
text/html 74.125.130.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10425133677361861805/SUTD_DRONE_300x600/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f148.1e100.net

Software

sffe /

Resource Hash

dbb70033abf7208f938ae137fd7fe8cea31ee45b0e2c51cf318ddcf64c9a7682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 111395
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26398
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 26 Feb 2024 13:55:06 GMT
expires: Tue, 25 Feb 2025 13:55:06 GMT
last-modified: Wed, 21 Feb 2024 11:30:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F9FD 0
0 58ms
24ms Fetch
image/gif 172.253.118.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsshOA_V5iuSHC6Nuk5pryTB7jSLiLFk80-c74DExemDO6n2bVa4yd4lfPFgPy4hCwqG-_ZNPDuJbA0q0PDvmcTjQu2EDnpzK93CkLkx6H5AmwgTwQ-SnA5UnTmR4XFgktz7kYCkzBW5S6lvX1j1aflEzLWL20Dv3RdsVKNziEayuALAqlt8O1MYuS5321Xeo_Koj9duQVey2KocoeFGBIQ5QNMS7CCpA3Y3kasU3POALKgSbHYebe-mbEGY4735bGbCnQef0mIQ4BCQtS6tGw9DZceHgkKRfkOVgGri9ZQD8_AEOdHTIpTxTIAPjeixzijPXaU8DMbrvA6izc-lDQ-NrL4IbmSmZew3Q9RAj25--kVhpGp0VUgPFeWh0E30wux1CnOvZPBLyBMnRk7ZgcWOxrjeamufuKxiThzwfjI9EpgVyT72O7mcbVwmrTGxeAd9D4MFMtz2ewzhuqth6cLxAv98nzOh6TeKUb3RClyWp32M4JhExtedPJkQXZo-6TlcHsQe3uzOnMD63Jje9Ng-3IepO2gEukCcS0YaVG12zJ75Vpieu4pT7HBpRhxhiI8-_SpEI_ZV9r1ddy5ZGXouelSRwOOwMuxlWsfRke58aOhShQt6QvqsfDSxoUvRpKVd_8c_-X2N-kmOtf_060TLEb-VGLk2wuZfZ7PfYJAqfbQnz2Z3biYJa_TZzjuDIRdwtiF7ZxuL4C3vyRrxLwL0mIARq_Vy5jIIMio9wz5r_q46MAzeB24P0AW00V72Oyh8PbsxSx1ub85NilNt7vcxhJJ8-0XIb66uAMiihMyVrPWp12HG1qI1szzU57Pnu0LEmpjsU1UYK5q4SdMlqreZtcwZB8XeXFWunOUAYNztbBByJRd9nFwrg7faXBZ3phGH04_xiWUaUshKiIV2WUVlsXAdnZ8Vr84wWFv0uz5jrTE88ZEuFY1WZFj7Pt1j7hIxs2USt06NZOdaiALwkVZSSlYkt_ykECa7P112a0eEHv1hHQhlTgCzjpOKmTQL5cmuUR5C1D5kiNvwYfE-Ux9Egn5LwwGHF6ayZbB59lKNvwf2MLPhAGsicUyFoxL4KyRW7uIN5Ur422cn2CjknUqhRgJeoVae50T2mXG-6E-N7IrE9kNWcmC43LupecxWBtKFWFAHolwlG2QKLhXq6jnYKkEW10QBr-LDvdsQ1FR30_SJjLMVArUBR0ViLnBHW4ma6cmydVNnY-LhC5cSnJs_27u6KQrkZ_DIy61SMCpU0LCtbazF6WRrXcZIxvSa_hNnaF-CCRdJbUw0OPIfpiSjXvRQ&sai=AMfl-YQ_lsq418c5w1SS7R91bIa9Ce-MNGLZ4HUclAVScd5jjPB0AqifGfw6-fEYklv9WDL_iwO9BYV3s8O6LOtW1IXhYYQT8fteaGaeVXdevrKFXSDrrpV043j65cOBAk92VMuoimUAADgpUT-qSI8FfYZs2iT5Mimrc2qsbgm3BM-yuZcGPWI59eejmQCB9Vn4oe-TeV0xKida4vhM7wjmuVmH2c81zw_HCJN6lyA80rw7njTKkNd_hRnrMVaIb1vfNEy-RD8ZSkdjI0bueF7RDw6ID11BOj5-3hqSQLeG705zWkwRW3vCe0HagNRbtc5HoNOtKu2PsZcvfWhK8xFEiWo1tsf-Hj26K2bHFB0_AGTJijbhyYIoHG0owaTyksqbyMtDAr_AVz_bUQKM7df3pQzop8z7RtLq5RZtx2l-eB7_TB3pIop9x43jVaUEer23OZsOJrSdBhfMjyeqht3im869elIxfk1R0dyrX3nuxZho-3dMLcmILBpBpwPgZaf6TIKK3Wg&sig=Cg0ArKJSzBcKoqXtWggZEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zdXRkLmVkdS5zZw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=437&cbvp=1&cstd=434&cisv=r20240226.52536&arae=0&ftch=1&adurl=

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 27 Feb 2024 20:51:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 27 Feb 2024 20:51:40 GMT

GET
H2 200 JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js Show response
pagead2.googlesyndication.com/bg/ Frame 8D3D 50 KB
20 KB 15ms
14ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JdvibbZ7pdYNP3x_edcq2fSBaypuhp11EZJydPE6SQs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

sffe /

Resource Hash

25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 486731
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19629
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 05:39:29 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D3D 0
56 B 15ms
15ms Image
image/gif 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B_bcEW0veZY2IO_31z7sP0J2byAUAAAAAOAHgBAI&bg=!fn2lfTLNAAbA870Z4PM7ADQBe5WfOPRxt0P6DygcqG-qjR-oS6ZJdBDjVoRdt_n6jff-4C0WObHp5SI5j2W4arJmsnGsAgAAAF9SAAAABWgBB5kDGEqqE9wWhPv68Fdb1SC0zZUTimsKUgOgDp-NCfTaAqAZ8z3-Yb8hjV1nz9joiqZYBZVWb3I0q-TvKYB_EaMjvRMu1um0AcJKFRYlZ-ESP5AaPiY8V6tYn9RJADP2hIQrNlvXAFIKLji-Oj6pPUKKBj9LFNT3q_gyCdFCiGHaNEYqiN5IVU1qIhp3qMmXeV1lyJSn71QuwqpdwRoYDzbrC9tOcvsd6f3Ar2RaNGcJPjHCd_mxUVuih6hb8RVKRuhixL0GXqZUCUTzEr4TP1D96YpmcW4ZPZr_5-6xp8dsTsK-pt7CvMn4VIJHBInuvzJSRopKzWqB6KQ5McyIGQzRnF4LspJ0alHAklWROHSI9htu_3U9Ce8bfW0XPW_Z5GXOYxlJKOE7D4UuBVDA4yy3cmy3GYLcjg5W2miZJcss_Nc0EWlahaqN3oiC7DDbLFL_oejO-kZsVDyUinJojv6npk2l7kQbw5lEVrcEOpzaoji3ZQ3SAA9HuRIvmeu25HUO6pHxiFPXO2FNfuyQ9PLpIVWmwpSSDwMULC0MowOGlkVBtf47chSq9NKbg3Vn8-kodmVWwvbLDUjccdZCcVMamvTwI5XbMI0uXRF1NoFJDVbwT1baFGkvJSwnGoX4TEnVRFNBOmfvg0OI9tAclIEYUUMhkLXmGctSnJDA5L7Xutzp80LYLFrxyoezpk4_RddFIu7bIR5yyQpRYFsOmU3Z7Zhl96_fiatWWkAdCTJc947jJmAfTDkeqYHDpBfgbmzkbO8WnWEs4SSWLuARjJ8VsW-ehcj3NxL7r3TlmI8nSXwANtOkql4g5EcXlSkS8MTQc17MBO9pZsmL4x_7bcc5wCR5RxkRSqA-LnTjL8wF6DnXTfEtpw5OOJ_GGq43fou2rwz--VkBLkez4wyEbOqw22eJlZa1XJxGU8-PJ85_MauY4CVm0foptUdvJGZM1L-IfkCXVsPdqa2Z2B7dMeyTTJr0qMdsCo0qqTbpwLi3vzfC1fJ3QzGRMPYRibQFntU9LY_Xw6Z_U1QMTZsMtpuj0uDlHPr1ifUYtA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Feb 2024 20:51:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vghd.gif_300-250- Show response
fundingchoicesmessages.google.com/f/AGSKWxXPv-f5MTaN5CBZ2xRKGhOGhGb_Xv4hnUx5Hzh2S-vh6ZfAKbv0IOAJc1rnQqbngdXeWMTrt6Ndm1_d7-LXmdZWaaeucs6pZ8fVZ7N8ejGz0JeUTqyyfRWzPfURQ9Qb9jMDNiC3SZULB_6JLd7o6P-04fdS-... 54 B
496 B 28ms
28ms Script
application/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXPv-f5MTaN5CBZ2xRKGhOGhGb_Xv4hnUx5Hzh2S-vh6ZfAKbv0IOAJc1rnQqbngdXeWMTrt6Ndm1_d7-LXmdZWaaeucs6pZ8fVZ7N8ejGz0JeUTqyyfRWzPfURQ9Qb9jMDNiC3SZULB_6JLd7o6P-04fdS-EFNIFR2KgRoenAckaqCP0EoTjDHnEY6/_/adevents./callads5./ad/extra_/vghd.gif_300-250-

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.zh_CN.dUr8bX1ZQHc.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzC4V3ejzSUf-xH3X4qvXDSAOyjUQ/m=ad_blocking_detection_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

4d3e5b388bf89f87255d3e4e4c086661661bfe77a283a94dea55c7c9bb57f84b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jpAkE_xNIi6AVZvgS5955A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:41 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-jpAkE_xNIi6AVZvgS5955A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamHU4pJicNeQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL4-pJJAojVgPid5Cumb0C8w8eDhW_ddFYVINZcP501EIhjnk9nTQFip_QZrAFA7FM_gzUKiE1Xnme1BWIhHo67036uYxN40ftoPSMAf0U9Uw"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 30 KB
11 KB 27ms
27ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

ce9e6d8a8424fac06303ac7d4233c4d4864210fb9bca1a051a7c9e6533a10519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:31:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11591
x-xss-protection: 0
server: cafe
etag: 14825510537479537912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 27 Feb 2024 21:31:40 GMT

POST
H2 204 AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ== Show response
fundingchoicesmessages.google.com/el/ 0
1 KB 738ms
21ms XHR
text/html 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eUNc1ee2yvasGFkybXsWQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 20:51:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-eUNc1ee2yvasGFkybXsWQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5rg37ec6NoEZuz6pAQAyWRVT"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://kanzalia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ== Show response
fundingchoicesmessages.google.com/el/ 0
312 B 712ms
24ms XHR
text/html 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1DEAaJMsSZucb8_junq4Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 20:51:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-1DEAaJMsSZucb8_junq4Vg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5rg37ec6NoETWw6pAwAx1BVK"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://kanzalia.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ== Show response
fundingchoicesmessages.google.com/el/ 0
312 B 711ms
25ms XHR
text/html 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zuEMRB13DRuB6twhRKXzYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 20:51:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zuEMRB13DRuB6twhRKXzYw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5rg37ec6NoEFm1doAAAwXxUF"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://kanzalia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ== Show response
fundingchoicesmessages.google.com/el/ 0
312 B 712ms
27ms XHR
text/html 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UEPJJtleHc4S10X_VVsYRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 20:51:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-UEPJJtleHc4S10X_VVsYRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmJw0ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5rg37ec6NoEJD_5oAAAxgxV3"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://kanzalia.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxWZq_KoUUaSGtCjk3qpVG1dpC8JNyHnx1T24jW7BNepU8VOxQtJgksrgwfAQQ3AGkgsaH4z1NC9IfpYmH7mJiUm4E4vH1lBdiNa6bzUTXZIgAaI9b8w6XC9UWo3N0Z7FYKB7REHgQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 59ms
58ms Script
application/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWZq_KoUUaSGtCjk3qpVG1dpC8JNyHnx1T24jW7BNepU8VOxQtJgksrgwfAQQ3AGkgsaH4z1NC9IfpYmH7mJiUm4E4vH1lBdiNa6bzUTXZIgAaI9b8w6XC9UWo3N0Z7FYKB7REHgQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5MDY3MTAxLDM4MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiemgtQ04iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovL2thbnphbGlhLmNvbS8iLG51bGwsW1s4LCJkVXI4YlgxWlFIYyJdLFs5LCJ6aC1DTiJdLFsxOCwiW1tbMF1dXSJdLFsyMCwiW251bGwsbnVsbCxbOTUzMjU5OTJdLDUsMTddIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

eff0faa1076e590c7678fa51d113e95f0e0b131a5f5f608efcf26b8f52df5da1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IJBvUv9UDESaTanCd5rVkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:41 GMT
content-security-policy: script-src 'report-sample' 'nonce-IJBvUv9UDESaTanCd5rVkQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjamHU4pJi8NSQYjjvdIfpOhBfVHnKdBOIaxmeMbUC8YPwZ0wvgNhA4zmTBRAz_nnBxAnE7768ZOL4-pJJAojVgPid5Cumb0C8w8eDhW_ddFYVINZcP501EIhjnk9nTQFip_QZrAFA7FM_gzUKiE1Xnme1BWIhHo67036uYxP40HzoLCMAgD09UQ"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin: *
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 DcmEnabler_01_250.js Show response
s0.2mdn.net/879366/ Frame E926 32 KB
11 KB 32ms
32ms Script
text/javascript 74.125.130.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10425133677361861805/SUTD_DRONE_300x600/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f148.1e100.net

Software

sffe /

Resource Hash

fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10425133677361861805/SUTD_DRONE_300x600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 13:59:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11558
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 13:59:06 GMT

POST
H2 204 AGSKWxX5-RpY_10rEYPD3hi5YBfr-H9h_kN0Ea5pAjSvOzGQwurhXpmCuA3ZtL40fqYgyaajGVGnO9iMXlDW5KbgW4UEyuu_aR9YqBLnggU7ULwcloPR-FDjtqiYUHdZkHZ6ZZxy7mPvCA== Show response
fundingchoicesmessages.google.com/el/ 0
312 B 633ms
26ms XHR
text/html 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxX5-RpY_10rEYPD3hi5YBfr-H9h_kN0Ea5pAjSvOzGQwurhXpmCuA3ZtL40fqYgyaajGVGnO9iMXlDW5KbgW4UEyuu_aR9YqBLnggU7ULwcloPR-FDjtqiYUHdZkHZ6ZZxy7mPvCA==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1V-qYUD7QjNT7tCf8v9fRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 20:51:42 GMT
content-security-policy: script-src 'report-sample' 'nonce-1V-qYUD7QjNT7tCf8v9fRQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5rg37ec6NoET31ZqAAAzchV5"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
access-control-max-age: 86400
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
access-control-allow-origin: http://kanzalia.com
access-control-allow-methods: POST, GET, OPTIONS
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ== Show response
fundingchoicesmessages.google.com/el/ 0
311 B 631ms
25ms XHR
text/html 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUKaQVcErSVq32UzM3tLXeQKq1ULOyI5N3ltkEsF26rWc35VPnA-pd4_YxQhYA9HNjNusqS6JNfibTZtk1kADa9FB-jT2D7WYAV8aC8oZw_jdYzJIfrYbdnelJwJpQi-FGy2ELDoQ==

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FHJodyKi1Y1NB9sLyIpOsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
accept-language: zh-SG,zh;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Feb 2024 20:51:42 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-FHJodyKi1Y1NB9sLyIpOsw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tHikmLw1pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hi1P6DNYgIBbi5rg37ec6NoGOX5M1ADJSFSc"
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: http://kanzalia.com
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options: SAMEORIGIN
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame F9FD 0
0 40ms
39ms Fetch
image/gif 172.253.118.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsshOA_V5iuSHC6Nuk5pryTB7jSLiLFk80-c74DExemDO6n2bVa4yd4lfPFgPy4hCwqG-_ZNPDuJbA0q0PDvmcTjQu2EDnpzK93CkLkx6H5AmwgTwQ-SnA5UnTmR4XFgktz7kYCkzBW5S6lvX1j1aflEzLWL20Dv3RdsVKNziEayuALAqlt8O1MYuS5321Xeo_Koj9duQVey2KocoeFGBIQ5QNMS7CCpA3Y3kasU3POALKgSbHYebe-mbEGY4735bGbCnQef0mIQ4BCQtS6tGw9DZceHgkKRfkOVgGri9ZQD8_AEOdHTIpTxTIAPjeixzijPXaU8DMbrvA6izc-lDQ-NrL4IbmSmZew3Q9RAj25--kVhpGp0VUgPFeWh0E30wux1CnOvZPBLyBMnRk7ZgcWOxrjeamufuKxiThzwfjI9EpgVyT72O7mcbVwmrTGxeAd9D4MFMtz2ewzhuqth6cLxAv98nzOh6TeKUb3RClyWp32M4JhExtedPJkQXZo-6TlcHsQe3uzOnMD63Jje9Ng-3IepO2gEukCcS0YaVG12zJ75Vpieu4pT7HBpRhxhiI8-_SpEI_ZV9r1ddy5ZGXouelSRwOOwMuxlWsfRke58aOhShQt6QvqsfDSxoUvRpKVd_8c_-X2N-kmOtf_060TLEb-VGLk2wuZfZ7PfYJAqfbQnz2Z3biYJa_TZzjuDIRdwtiF7ZxuL4C3vyRrxLwL0mIARq_Vy5jIIMio9wz5r_q46MAzeB24P0AW00V72Oyh8PbsxSx1ub85NilNt7vcxhJJ8-0XIb66uAMiihMyVrPWp12HG1qI1szzU57Pnu0LEmpjsU1UYK5q4SdMlqreZtcwZB8XeXFWunOUAYNztbBByJRd9nFwrg7faXBZ3phGH04_xiWUaUshKiIV2WUVlsXAdnZ8Vr84wWFv0uz5jrTE88ZEuFY1WZFj7Pt1j7hIxs2USt06NZOdaiALwkVZSSlYkt_ykECa7P112a0eEHv1hHQhlTgCzjpOKmTQL5cmuUR5C1D5kiNvwYfE-Ux9Egn5LwwGHF6ayZbB59lKNvwf2MLPhAGsicUyFoxL4KyRW7uIN5Ur422cn2CjknUqhRgJeoVae50T2mXG-6E-N7IrE9kNWcmC43LupecxWBtKFWFAHolwlG2QKLhXq6jnYKkEW10QBr-LDvdsQ1FR30_SJjLMVArUBR0ViLnBHW4ma6cmydVNnY-LhC5cSnJs_27u6KQrkZ_DIy61SMCpU0LCtbazF6WRrXcZIxvSa_hNnaF-CCRdJbUw0OPIfpiSjXvRQ&sai=AMfl-YQ_lsq418c5w1SS7R91bIa9Ce-MNGLZ4HUclAVScd5jjPB0AqifGfw6-fEYklv9WDL_iwO9BYV3s8O6LOtW1IXhYYQT8fteaGaeVXdevrKFXSDrrpV043j65cOBAk92VMuoimUAADgpUT-qSI8FfYZs2iT5Mimrc2qsbgm3BM-yuZcGPWI59eejmQCB9Vn4oe-TeV0xKida4vhM7wjmuVmH2c81zw_HCJN6lyA80rw7njTKkNd_hRnrMVaIb1vfNEy-RD8ZSkdjI0bueF7RDw6ID11BOj5-3hqSQLeG705zWkwRW3vCe0HagNRbtc5HoNOtKu2PsZcvfWhK8xFEiWo1tsf-Hj26K2bHFB0_AGTJijbhyYIoHG0owaTyksqbyMtDAr_AVz_bUQKM7df3pQzop8z7RtLq5RZtx2l-eB7_TB3pIop9x43jVaUEer23OZsOJrSdBhfMjyeqht3im869elIxfk1R0dyrX3nuxZho-3dMLcmILBpBpwPgZaf6TIKK3Wg&sig=Cg0ArKJSzBcKoqXtWggZEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zdXRkLmVkdS5zZw&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1188&vt=11&dtpt=751&dett=3&cstd=434&cisv=r20240226.52536&arae=0&ftch=1&adurl=

Requested by

Host: kanzalia.com
URL: http://kanzalia.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.148 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f148.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 27 Feb 2024 20:51:41 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 33ms
32ms XHR
application/json 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

935cb84b515e8b32de88a991e7d5e7a41f6a60744a8ad7056bf1362a299461ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12371
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 26ms
25ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 27 Feb 2024 20:51:41 GMT

GET
H/1.1 200
OK pxf.gif
unseenreport.com/ 1 B
425 B 500ms
492ms Image
image/gif 192.243.61.227
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://unseenreport.com/pxf.gif?uuid=8da01d79-64b7-493c-bc49-8c7604d96cb9&eb=b01ee76b03548b4027f273115ffce29c&te=25a5cd182909d5a71b4605328dc82dd2&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F122.0.6261.69%20Safari%2F537.36&dev=r&res=14.29&b_frame=0&pk=b9e64d85127374594eb40640862254df&bl=en-US&sr=1200x1600&sz=1200x1600&hjs=4

Protocol

HTTP/1.1

Server

192.243.61.227 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx/1.21.6 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubdomains

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Date: Tue, 27 Feb 2024 20:51:41 GMT
Strict-Transport-Security: max-age=0; includeSubdomains
Server: nginx/1.21.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 1
X-Request-ID: 6e18042f8fbe0157b1cbdf6705e5ee8c
Expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52D3 13 KB
5 KB 13ms
11ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

accept-ranges: bytes
age: 364040
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Feb 2024 15:44:21 GMT
expires: Sat, 22 Feb 2025 15:44:21 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C848 829 B
1 KB 356ms
19ms Document
text/html 142.251.175.103
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.103 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f103.1e100.net

Software

GSE /

Resource Hash

b613796af1a452bb4c8fe79b743cf0ea006a18b0604a9aee4df861b9a932c0af

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VCaaqnfZPAmEt1xNuiiWYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://kanzalia.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language: zh-SG,zh;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-VCaaqnfZPAmEt1xNuiiWYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 27 Feb 2024 20:51:41 GMT
expires: Tue, 27 Feb 2024 20:51:41 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js Show response
pagead2.googlesyndication.com/bg/ Frame 52D3 39 KB
15 KB 19ms
18ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

sffe /

Resource Hash

068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 05:39:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 486740
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15302
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 17:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Feb 2025 05:39:21 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 52D3 0
40 B 11ms
10ms Image
text/plain 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TM8Sag
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.132 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 20:51:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C848 0
0 53ms
53ms Image
text/html 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=2596066692080926&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 13ms
12ms Image
text/html 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=2596066692080926&bg=!SUqlSgXNAAZ3BdUuVwU7ADQBe5WfOLwghrpPFtIqTJYl0xeGf4KHtsEgNNyCVx5On-s75jSfXNePf3fp7wXoofZ8I2K0AgAAAGJSAAAABGgBBwoAicMOu6g68VItPVSM9KKKO-t8Nv77Ovez49Nq2n4FVYnnM5VlV1QslfWBh8LthH7NjXzbBr8j1e-pLDxg7HT86wi9yodHW-Vjq2_4mg_Y9Ni-t_I31UTeAazr5mF3f_HzHktz-zr13gCM4bQJ_Fc4UP7vgz9u1AvvFnAzT0j9RCKocpLKvcy20TU0mQLuBmepxvAoy9oc9ttYQQ9jbk2ohIPXq3ivgFUC2xIYvFyi53D4m-xxlIw5B89SFwD_DFlM7raBMn-9Nr96pbaXCOpIniSNE9p3R3E3a3_5kS1C7hbzvEaxIFEk6SLInSp00nIvIcQGZUxJX6jKRCNcpFauQArzKCbK0fSVY1KxHPg4cZAQg660o21OMIIURdoxXJxQGBTyS-zkhAb9zC-BOjJnQFiuFKB9_VQ2LVY4hwJyyfTvBT0Gp0G3gbdQQ7JmTt_PGsfehYAcnVskP5UqHPOZtHzeqVgOKBTIbEgiBYO_uoPaEUcFxQ8G4sPsKYPs2yr14leNFfOGhNpNh5P0x9yUxS0BeAdr0mAGki3vT25vKkLJSbuXN2QUvsNtWTtuEjic943l6LAVL0tyY-G7FT8Lzeki6S52a7QVDstfJZ9IMGYC9T99fKKz8Zar2qmF8hwNyGz-rW3sQpWzo81BemalGi7JVRCjbBN6W2v5dVqS3uaZz4Q5x5g9Me6Ng4kCJceyxXphu0mcKF9IUJRyxFNttY53xCFkDg3U_q2qWOZn6QxYJCGUvNsHuQX2dj4q-BvIbp6bNflpOj7e8hwl0uOXl3z_RbvXoi-kZtULiuxRmzJLaX2CNIvQux86rpp4_3bYELR1CC-X_Dvu-UNWG8FJM2KCdqCUYOUeF_yWjHiYkbnztPsNvgea8N3Q7u7GYQmJ0mVeKFT9kHlI-Q6O0Ceu21p-WNx1DX4kOztKALu2PHi7FmCoUdVHcV8YXaGNFvHMqRq7BjXm72uTmOw4XzkTuZ5wv2_GkZR-kLFcHqsvtq9qzsqphNvo_iaSEUq4M2Jz-kUMIkWnuJnSI_yuKUXqedG5VOiRKlhd1MSM51C80XRqV4CpjhbBat-CGQtZEOBBeZikyu7Jp9OHOB02Ot0MZdi2Xtvpv7n4z-WOL6zDWj5x-ENTVKvn2OH4GD7HTyB8Oi6sHg2ZKXwqf6ZXVU4DNXjOSyz2qvjMMfs3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sl-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: zh-SG,zh;q=0.9
Referer: http://kanzalia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

155 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
proftrafficcounter.com/	1970-01-21 04:20:27	Name: uid_id2 Value: 8da01d79-64b7-493c-bc49-8c7604d96cb9:2:1
kanzalia.com/	1969-12-31 23:59:59	Name: dom3ic8zudi28v8lr6fgphwffqoz0j6c Value: 8da01d79-64b7-493c-bc49-8c7604d96cb9%3A2%3A1
.sharethis.com/	1970-01-21 03:31:29	Name: __stid Value: ZHOAA2XeS1oAAAAICTx/Aw==
.sharethis.com/	1970-01-21 03:31:29	Name: __stidv Value: 2
pogothere.xyz/	1970-01-21 03:22:51	Name: csu Value: 507503017093842@1@1709067098
.kanzalia.com/	1970-01-21 03:31:29	Name: fpestid Value: r6RwXl3rRKPp0dMvr9PbO38HsfrxmheRLsAldwpKoMdB4Ynqb9jyzqpi2hWdDRQEXrtO7A
.kanzalia.com/	1970-01-21 04:20:27	Name: _ga_NWMSVYLZZH Value: GS1.1.1709067099.1.0.1709067099.0.0.0
.kanzalia.com/	1970-01-21 04:20:27	Name: _ga Value: GA1.1.1587048101.1709067099
kanzalia.com/	1970-01-20 18:44:34	Name: pp_main_b9e64d85127374594eb40640862254df Value: 1
.t.sharethis.com/	1970-01-20 19:27:39	Name: pxcelPage_default_c010_B Value: 0_6_1709067099280
.adsrvr.org/	1970-01-21 03:31:29	Name: TDID Value: 71a896f5-ddf3-42b7-99c1-d199458dc3f4
.yahoo.com/	1970-01-21 03:30:24	Name: A3 Value: d=AQABBFtL3mUCEC5LaSKXL2wXTEk10nhOY5cFEgEBAQGc32XoZa9C8HgB_eMAAA&S=AQAAAqQqdNTc_CDHy_dhwFmUY-M
.ml314.com/	1970-01-21 03:31:29	Name: pi Value: 3642374046808539173
.adsrvr.org/	1970-01-21 03:31:29	Name: TDCPM Value: CAEYBSABKAIyCwjE6reFlPjbPBAFOAE.
.eyeota.net/	1970-01-21 03:31:29	Name: mako_uid Value: 18dec565d00-17120000010855ec
.eyeota.net/	1970-01-20 18:44:27	Name: SERVERID Value: 21996~DM
.analytics.yahoo.com/	1970-01-21 03:30:03	Name: IDSYNC Value: 19b8~2gzw
.crwdcntrl.net/	1970-01-21 01:13:12	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 01:13:12	Name: _cc_id Value: 756ec56545a2fc123f2b5e6486b743b3
.rlcdn.com/	1970-01-21 03:30:03	Name: rlas3 Value: TbFYjh6tSPY9BUsj8/ValkWF3ySIAKa/QvCrEK4JS2g=
.rlcdn.com/	1970-01-20 20:10:51	Name: pxrc Value: CNuW+a4GEgUI6AcQABIFCNtOEAA=
.kanzalia.com/	1970-01-21 04:06:03	Name: __gads Value: ID=0ae7c8ba5cb20091:T=1709067099:RT=1709067099:S=ALNI_MYNo2BIW9GFxe4UWTDj2kdDvsZ_Og
.kanzalia.com/	1970-01-21 04:06:03	Name: __gpi Value: UID=00000d1b145087a8:T=1709067099:RT=1709067099:S=ALNI_MYtoEevWrLqo4ip2KBuxJ1O1MUE2A
.kanzalia.com/	1970-01-20 23:03:39	Name: __eoi Value: ID=1cb72f12b6e579a7:T=1709067099:RT=1709067099:S=AA-AfjbTeHZ9S8-doxUoL4wpIoe6
fp.metricswpsh.com/	1970-01-21 03:30:03	Name: id Value: 2344037625994388770
.doubleclick.net/	1970-01-21 04:20:27	Name: IDE Value: AHWqTUl9nEGPvZsGw-_n1wd091XHwsT9nvIDRsXx_6BswB4R1p_BkXp3CWpOijVW
.adnxs.com/	1970-01-20 20:54:03	Name: XANDR_PANID Value: _Pnb2iuY_XviFjq5vHhGb562WeLyqSTrizZrFJQAIM2dGhtoko54WQSe07noIDS9B4Eohge1dcv0jAA6Tg0-yQuoh5Lee1fAQt4gsyZJLQ8.
.adnxs.com/	1970-01-21 04:20:27	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:54:03	Name: uuid2 Value: 1480321867062912304
.casalemedia.com/	1970-01-21 03:30:03	Name: CMID Value: Zd5LXIsFVpAAAAdQAAQu1gAA
.casalemedia.com/	1970-01-20 20:54:03	Name: CMPS Value: 5334
.casalemedia.com/	1970-01-20 20:54:03	Name: CMPRO Value: 5334
.adnxs.com/	1970-01-20 20:54:03	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTurEMU^!]tbPl1M>e)ZlrFUfJ+tGXxp)cT2#G@-7I6?./y@[e.N@F6<Tw^NCbG8Q-263If)y3KL9D3I?+^q8(xp
.doubleclick.net/	1970-01-20 23:03:39	Name: receive-cookie-deprecation Value: 1
.kanzalia.com/	1970-01-21 03:30:03	Name: FCNEC Value: %5B%5B%22AKsRol_MmIeBTOBLgFVZysztdXqkJPwo_5AlzGRLqjrvxGj_rx5WNftn-mK9YKZetWVOptix20l8pPfhzHtiX62Zm588IcP2RdqzGwn0SiBcyxIYwR0520gnwcWnb3Z1_lfU_zu9BY79iD4KyKSmWOM1gjLjF-I10g%3D%3D%22%5D%5D

94 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjxpyqoUa8H5e3RT9wbQ95gvoey-XxnOq1C6UzYoPCUL1RaTkL8jK_EhhL7EF4G_a9MVe5iK&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-318715735%3A1709067099177947&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fwww.google.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjyaxwIZC2FxQvAtZexYTK966rTTcMi8WLUlpv73h5oYHhyeDXpWAzpBl8p80MpaXXdTMWX8xQ&passive=true&service=mail&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S-1761119012%3A1709067099324531&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ATuJsjwcxgOgNvYcuEGBfBSIV71UFWXrwpXhFEhoTcmELxBagcNqJ6YpFsjXFGLz3EkvPNHC9Zq4Ug&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S84802345%3A1709067099398818&theme=glif Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: http://kanzalia.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0af597d3bd.ce26c78a4e.com
accounts.google.com
ad.doubleclick.net
bcp.crwdcntrl.net
blog.kanzalia.com
buttons-config.sharethis.com
capaciousdrewreligion.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d34cixo0lr52lw.cloudfront.net
dsum-sec.casalemedia.com
fp.metricswpsh.com
friendshipmale.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
js.capndr.com
js.wpadmngr.com
kanzalia.com
l.sharethis.com
loadus.exelator.com
loiteringcoaltuesday.com
match.adsrvr.org
mcpuwpsh.com
ml314.com
na.nawpush.com
ourtshipanditlas.info
pagead2.googlesyndication.com
platform-api.sharethis.com
pogothere.xyz
proftrafficcounter.com
ps.eyeota.net
rbrightscarletcl.info
s0.2mdn.net
securepubads.g.doubleclick.net
storage.multstorage.com
streakattempt.com
sync.sharethis.com
t.sharethis.com
tpc.googlesyndication.com
unseenreport.com
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
x8.makaronibasah.com
103.43.90.114
104.21.234.32
104.21.24.208
104.21.30.242
13.227.254.23
13.228.126.19
13.33.88.100
13.33.88.58
13.35.21.182
142.251.10.132
142.251.10.157
142.251.175.103
142.251.175.84
15.197.193.217
157.240.235.35
157.90.84.242
172.104.184.240
172.240.108.92
172.253.118.102
172.253.118.148
172.253.118.155
172.64.151.101
172.67.131.213
172.67.179.196
18.140.172.38
18.141.80.142
192.243.59.20
192.243.61.227
23.59.168.112
3.120.23.175
34.117.77.79
35.156.226.144
35.244.154.8
45.133.44.24
45.133.44.52
45.133.44.53
50.16.197.56
52.77.115.37
52.84.229.11
64.233.170.113
74.125.130.148
74.125.200.154
74.125.200.97
74.125.24.157
94.130.197.240
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
0450e2e1aa3c8b5435690d841f3e573c4f521864e1f8e01a5b6dbcdac922c8b4
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
09ac1748442c59a61749b8a75ad69257468d140d8583d85c50f89bbcec99e7df
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cd23f728f676108fa5d0b1605217bc9fdf86cca6014de376b335cd2852a458d
0d4ccdb61fb27f34a2eb755463215c47acebc9ef0783264444fea77972b9f29d
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
19424969cde4822b67331990c378205f635a2995a58bd2c0de8e8ebe84414727
1afeb9a2d9a01296c575126784a1d2ab736334ac419227c76be847640f9354b8
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1ff3f53abe4fb5446e7357d39bc4547af57798154ef881a36ca66d4f0f148808
25dbe26db67ba5d60d3f7c7f79d72ad9f4816b2a6e869d7511927274f13a490b
270fb9f71a35c9aac351e9fb4c18d5d8e7d2d40488bfc802b5bae62d3b133bee
2c21a727048530f4a3462343a0a5103ac866d4dae84df92372a721dbc2fb8d26
2d7e3ffbe83b2d14982ca3d1ce2b606b6efc0b243207e669fb83ed26b9feda10
2e1cf78d9c744aae013c8bb30eb5517c755a8e1de3d844b956f08644eee1b5fd
2f750d52f5f7c943aadb1518406dcaad45fc5eb188c158d9a6c54bcf315fca35
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33a84e0bcb8d233ebb1d0a2a90b0618266c4316278f076ba3164fb16dc3f1020
3c4600a0b6349e5c712776c1da9bf45002076b11631eb73f69dc9efccda25cb6
3d30c698d1ec06254ffe1e9776574f6ea070000fe8e0953a0614d9641e5601e4
432c85d102b03b0980137b46fbb08e0c1fb46101be8a7f681b84a7a61a8e85d7
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d3e5b388bf89f87255d3e4e4c086661661bfe77a283a94dea55c7c9bb57f84b
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578993f847158d1e0493ce7b0ffba058859d3ffa840b472010cd403462d71c42
61786dd29e59d453951c675df3a6d83a8c9be06d4b4e3b1560842cf4bea6cc63
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6d147577362f874e9c1ec21defc7d5a5b32f62cd488174c88c2babe4d9c4e7e9
7093535c92c8b7651ca055b34c44b3686656471359c9ec3badb15b6019dcae4b
756e2e719a642f209b84a25cae6bdb74e92324c4ad21273e8523ca20a5bd4358
788098a1c6baa5fd2dd9c88e4165cdd4b84b4bc7122393295456e9156b4d3944
7ae3dcf8002e428f15567c5a304172fe086cf525cc41c02a83c091989152e4cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842fdd042483fa98e322a986ab8f21739eef3b4cffc09b637d0b3728bfb05430
846897c65d4e8dc05e65334f9038bfa1611f4b7b7f9947bf81a883cde1ac1895
885744aad10ecef26445abb495cc7dd1d8288c24247f6c74301f23edaaf0a2fd
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2
929843d1fc4e08015a664fd602cde5549cf47b44eef856cebbcc1d3c23e6a180
935cb84b515e8b32de88a991e7d5e7a41f6a60744a8ad7056bf1362a299461ec
96ca9a0d2bcf64209fe170fea415cec96ddc7b70267d8d53ee4868ee362873ff
9da21beba1f05fd694185c3c556066e62548bfed082789bc596aa2ca7586f60c
9e5d8e55792e4e8edbd75163ab9d1eeffb7f885cf72d29221e57543b76feba32
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0ad6879b3e537265366cc1bcfb539ccd370583d3734135154c410fbd62dbf61
a0db162b858d9dbc15344d2e13d22247ca6ec06ed754022a244b0b37f05d6f35
a1191fdd14232164b156ab8d3f6f5e0e68b930ef25a787cf5801ce5adb7e6b6f
a321e0738ed2d8fd2fe1c9b91e8e0730373d2f6c34d94cb3ec3d04bd5ce99fb5
a419bfea68e97d3437e3a55e2c019701699721b363b2ba303c9f88bd0ce4acee
a69c12ccd186a899db79fce802b46c08e71f69c2c422be2666ed8565e3add026
ac84c2f8288b59f8e04ba77287ce696052bfeee0d462a566d94dc305df646c95
aed9a790cdfb6f4fbfca3f61f0f762e39fcfe0e0ad1074c737be4e9a3121e259
afa8ea7e9b1c1f589fe5662651ad511826ae5e125e71d7c2a5661b737bbf5a88
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b613796af1a452bb4c8fe79b743cf0ea006a18b0604a9aee4df861b9a932c0af
b78c5c3f93b9d9d8dcb46d08d4f67cbcf71ff8b2ec96c03543fc377ce446b6e6
ba8cc8e945ec26698cf34d672cd00099c5ac144b3d5f0d433e17eeb3447dd3d0
bf46dce541c2d6e88c2c5b068aaec651fb0d6f5f4f4d3fb5f24ceb60f3b62449
c437e16e9437467281fb2e549ba790aca8e8d26820d544888c4d66a4b6f04a9e
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ce9e6d8a8424fac06303ac7d4233c4d4864210fb9bca1a051a7c9e6533a10519
cf9e92205faeb2fc9929f8aaf67ee6fb15084be8994babd310cfa01d62e29e5c
d1e08c32e5bf942f89164ac60372255ca276555d12f6feb792a6076ef832bbc6
dbb70033abf7208f938ae137fd7fe8cea31ee45b0e2c51cf318ddcf64c9a7682
dfa6d59d57e3b6ae87dfa5ce893036f4255a2b9d9dcc56898b41ee1091a2ca97
e0cd58f05c3e8a0af05febc2ef1d3dbd6e88776c0f2063a43b0f6945a12bfb02
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6ef188fffc554aea26b8ae5f90e66bc650fbee26493e9035e7d948a220ed1c6
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
e85d2011e8f8ad0cc88097d02cdc04bbfdec3558547c55c0cdeb8d0954440ea3
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec73870a124df2d105249652c84da8f949bf73bcd5ca8ad6deca84b4fbd2e9d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
eff0faa1076e590c7678fa51d113e95f0e0b131a5f5f608efcf26b8f52df5da1
f1198e655c58ed4f8391879cbc01af01cf9a7821336f917a01144bb3e8bdf8d7
f627ca4c2c322f15db26152df306bd4f983f0146409b81a4341b9b340c365a16
f64a1073cedcb007beea92fa50c0a3a52028212fbcc520406a6654ad2e01d34f
fc260ca05d8dfd03702d4978567800f2902915697cc64ee03dc8ab496bba30f2
fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1
fdff0d9e120c83e0d06ddc8f102052e2801a776e67b1923c28fe068d45cc3ecf
fe655e1760d68d57fc1b827e328f78f949062bc743b098c4ead4556691e2d270

kanzalia.com Open in urlscan Pro 172.104.184.240 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

119 Requests

71 %HTTPS

0 %IPv6

36 Domains

48 Subdomains

40 IPs

4 Countries

1411 kBTransfer

3895 kBSize

35 Cookies

120 Outgoing links

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

kanzalia.com Open in urlscan Pro
172.104.184.240 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

71 %
HTTPS

0 %
IPv6

36
Domains

48
Subdomains

40
IPs

4
Countries

1411 kB
Transfer

3895 kB
Size

35
Cookies

119 HTTP transactions
2 data transactions