Submitted URL: http://lahbakzm9.cloudzip.online/
Effective URL: https://lahbakzm9.cloudzip.online/?m=1
Submission Tags: @phish_report
Submission: On November 04 via api from FI — Scanned from AU

Summary

This website contacted 12 IPs in 1 country across 9 domains to perform 23 HTTP transactions. The main IP is 142.250.176.19, located in the United States, and belongs to GOOGLE, US. The main domain is lahbakzm9.cloudzip.online.
TLS certificate: Issued by WR3 on November 3rd 2024. Valid for: 3 months.
This is the only time lahbakzm9.cloudzip.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 4 142.250.176.19 15169 (GOOGLE)
3 142.251.221.66 15169 (GOOGLE)
1 172.217.24.42 15169 (GOOGLE)
1 142.251.221.65 15169 (GOOGLE)
1 142.250.204.10 15169 (GOOGLE)
2 142.250.176.3 15169 (GOOGLE)
1 172.217.24.33 15169 (GOOGLE)
7 172.217.12.130 15169 (GOOGLE)
1 142.250.76.98 15169 (GOOGLE)
2 142.250.71.65 15169 (GOOGLE)
1 142.250.66.196 15169 (GOOGLE)
23 12
Apex Domain
Subdomains
Transfer
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
4 cloudzip.online
lahbakzm9.cloudzip.online
35 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 233245
ep2.adtrafficquality.google — Cisco Umbrella Rank: 204383
19 KB
3 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 116
256 KB
2 gstatic.com
fonts.gstatic.com
18 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
ajax.googleapis.com — Cisco Umbrella Rank: 412
31 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
1 blogspot.com
3.bp.blogspot.com — Cisco Umbrella Rank: 19611
2 KB
1 googleusercontent.com
blogger.googleusercontent.com — Cisco Umbrella Rank: 10512
13 KB
23 9
Domain Requested by
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
4 lahbakzm9.cloudzip.online 2 redirects
3 pagead2.googlesyndication.com lahbakzm9.cloudzip.online
pagead2.googlesyndication.com
2 ep2.adtrafficquality.google pagead2.googlesyndication.com
ep2.adtrafficquality.google
2 fonts.gstatic.com fonts.googleapis.com
1 www.google.com ep2.adtrafficquality.google
1 ep1.adtrafficquality.google pagead2.googlesyndication.com
1 3.bp.blogspot.com lahbakzm9.cloudzip.online
1 ajax.googleapis.com lahbakzm9.cloudzip.online
1 blogger.googleusercontent.com lahbakzm9.cloudzip.online
1 fonts.googleapis.com client
23 11

This site contains links to these domains.

Domain
www.blogger.com
Subject | Issuer | Validity | Valid
lahbakzm9.cloudzip.online | WR3 | 2024-11-03 - 2025-02-01 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
upload.video.google.com | WE2 | 2024-10-14 - 2025-01-06 | 3 months
*.googleusercontent.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.gstatic.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
misc-sni.blogspot.com | WE2 | 2024-10-14 - 2025-01-06 | 3 months
adtrafficquality.google | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months

This page contains 10 frames:

Primary Page: https://lahbakzm9.cloudzip.online/?m=1
Frame ID: BB79C1A919DEC1A0003B807DF84B31AE
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: F324CD85F360F11099BEFC964C98E824
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9299410703914085&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730638772&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Flahbakzm9.cloudzip.online%2F%3Fm%3D1&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aipaq=1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730729127459&bpp=5&bdt=261&idt=456&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6653877093179&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C31088481%2C95344188%2C95335246%2C95345472%2C95345788%2C95345963&oid=2&pvsid=4112015901756469&tmod=302479969&uas=0&nvt=1&fsapi=1&fc=1920&brdim=370%2C370%2C370%2C370%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=484
Frame ID: D2CC7B7EA5B2047EEB1F7F1625BE7700
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9299410703914085&output=html&h=280&slotname=4451698209&adk=1271624695&adf=2678925376&pi=t.ma~as.4451698209&w=1100&abgtt=6&fwrn=4&fwrnh=100&lmt=1730638772&rafmt=1&format=1100x280&url=https%3A%2F%2Flahbakzm9.cloudzip.online%2F%3Fm%3D1&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730729127558&bpp=8&bdt=360&idt=414&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6653877093179&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C31088481%2C95344188%2C95335246%2C95345472%2C95345788%2C95345963&oid=2&pvsid=4112015901756469&tmod=302479969&uas=0&nvt=1&fc=1920&brdim=370%2C370%2C370%2C370%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoevE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=424
Frame ID: 52701B23BC7E2E988A969D260BBF8363
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 8EAEC9EB384B8ED0E650C0B442A95353
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 94B8DBCA6B1BAC0B1AB0DB891E8A3E39
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: A47742E00156F91CF34EF76944021DF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Frame ID: 943290BB579B18FC05DDBE7114C4C883
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 139EA16D8697DAFDC702B14F5EDC019B
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C38A008FF4C8CB4153B0EA2C9456C324
Requests: 1 HTTP requests in this frame

Page Title

lahbakzm9.cloudzip.online

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

23 Requests
91 % HTTPS
0 % IPv6
9 Domains
11 Subdomains
12 IPs
1 Countries
374 kB Transfer
1055 kB Size
12 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://lahbakzm9.cloudzip.online/ HTTP 307
    https://lahbakzm9.cloudzip.online/ HTTP 302
    https://lahbakzm9.cloudzip.online/?m=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18
  • https://lahbakzm9.cloudzip.online/favicon.ico HTTP 302
  • https://lahbakzm9.cloudzip.online/favicon.ico?m=1

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
lahbakzm9.cloudzip.online/
Redirect Chain
  • http://lahbakzm9.cloudzip.online/
  • https://lahbakzm9.cloudzip.online/
  • https://lahbakzm9.cloudzip.online/?m=1
130 KB
34 KB
Document
General
Full URL
https://lahbakzm9.cloudzip.online/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s51-in-f19.1e100.net
Software
GSE /
Resource Hash
f13218da173f20f30fdfaa17a86283786b4f502e82081cbf58b115d899d83fa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
34463
content-type
text/html; charset=UTF-8
date
Mon, 04 Nov 2024 14:05:27 GMT
etag
W/"9131c4f76cbe29fa49f6704d7f1bd600606c1c93a05f39744539e1308d5d0582"
expires
Mon, 04 Nov 2024 14:05:27 GMT
last-modified
Sun, 03 Nov 2024 12:59:32 GMT
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, max-age=0
content-encoding
gzip
content-length
204
content-security-policy
frame-ancestors 'self'
content-type
text/html; charset=UTF-8
date
Mon, 04 Nov 2024 14:05:26 GMT
expires
Mon, 04 Nov 2024 14:05:26 GMT
location
https://lahbakzm9.cloudzip.online/?m=1
server
GSE
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
156 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9299410703914085
Requested by
Host: lahbakzm9.cloudzip.online
URL: https://lahbakzm9.cloudzip.online/?m=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b53e2680f0eadd4062e20e8c5b9ae5c89f8597a470ca35a5a0649b135a0a7986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://lahbakzm9.cloudzip.online
Referer
https://lahbakzm9.cloudzip.online/

Response headers

content-encoding
br
etag
14526613283253072445
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:05:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 04 Nov 2024 14:05:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
53322
x-xss-protection
0
server
cafe
css2
fonts.googleapis.com/
1 KB
866 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.42 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f42.1e100.net
Software
ESF /
Resource Hash
8ef1a9ac4d5059f1254f11ffe521a20561163560989117f8297f033d7acd6328
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/

Response headers

strict-transport-security
max-age=31536000
cache-control
private, max-age=86400
timing-allow-origin
*
content-encoding
gzip
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:05:27 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000
date
Mon, 04 Nov 2024 14:05:27 GMT
x-xss-protection
0
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server
ESF
x-frame-options
SAMEORIGIN
AVvXsEiSreBs-QheLukgf5KL7K7ICLyZ67FhkQRX7g83DGumOjLCloOHzGDZsP5CGe1cte0-0aYAGJlAkXoZqkiCGUD6X1V5VgUgWP-nJSEl_SNAt0cpDUAmNYeJFcUDoqrL1s6V2hlzr3nrj2F6-DQ2EYhWSyFW2pBTe5DjUjiAqyAPUJ4xdG9ibxVX-w=s603
blogger.googleusercontent.com/img/a/
12 KB
13 KB
Image
General
Full URL
https://blogger.googleusercontent.com/img/a/AVvXsEiSreBs-QheLukgf5KL7K7ICLyZ67FhkQRX7g83DGumOjLCloOHzGDZsP5CGe1cte0-0aYAGJlAkXoZqkiCGUD6X1V5VgUgWP-nJSEl_SNAt0cpDUAmNYeJFcUDoqrL1s6V2hlzr3nrj2F6-DQ2EYhWSyFW2pBTe5DjUjiAqyAPUJ4xdG9ibxVX-w=s603
Requested by
Host: lahbakzm9.cloudzip.online
URL: https://lahbakzm9.cloudzip.online/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
fife /
Resource Hash
a3ba8fb0fc8f5a877553092cd0608bddaec2d13d2235748bf70f705070f70a34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/

Response headers

access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
etag
"v6e3"
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 14:05:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12513
date
Mon, 04 Nov 2024 14:05:28 GMT
x-xss-protection
0
content-type
image/png
vary
Origin
server
fife
content-disposition
inline;filename="____-____.png";filename*=UTF-8''%D8%B4%D8%B9%D8%A7%D8%B1-%D9%86%D9%8A%D9%88%D8%B2.png
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: lahbakzm9.cloudzip.online
URL: https://lahbakzm9.cloudzip.online/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f10.1e100.net
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/

Response headers

content-encoding
gzip
age
159346
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sun, 02 Nov 2025 17:49:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 02 Nov 2024 17:49:41 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
30306
x-xss-protection
0
server
sffe
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/
434 KB
145 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9299410703914085
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
7ac5d4a6a356134e719c9decb781a6dd5544acd45b4355321bdb92becfbeea39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/

Response headers

content-encoding
br
etag
8316480100650629647
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:05:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 04 Nov 2024 14:05:27 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
147979
x-xss-protection
0
server
cafe
Iurf6YBj_oCad4k1l8KiHrRpiZtK6GwN9w.woff2
fonts.gstatic.com/s/tajawal/v10/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v10/Iurf6YBj_oCad4k1l8KiHrRpiZtK6GwN9w.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s51-in-f3.1e100.net
Software
sffe /
Resource Hash
46d9e2f3b2d68c51d15133cc8bf8ccd76b29e72d2fa5ed8b56b81a1d584f2373
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://lahbakzm9.cloudzip.online
Referer
https://fonts.googleapis.com/

Response headers

age
492327
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 29 Oct 2025 21:20:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 29 Oct 2024 21:20:00 GMT
last-modified
Mon, 12 Aug 2024 17:13:55 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
8868
x-xss-protection
0
server
sffe
Iurf6YBj_oCad4k1l8KiHrFpiZtK6Gw.woff2
fonts.gstatic.com/s/tajawal/v10/
10 KB
10 KB
Font
General
Full URL
https://fonts.gstatic.com/s/tajawal/v10/Iurf6YBj_oCad4k1l8KiHrFpiZtK6Gw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Tajawal:wght@500&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s51-in-f3.1e100.net
Software
sffe /
Resource Hash
b2a8db0526f0253bee86936628a510dd073b954107c51e60c6484609f152f632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Origin
https://lahbakzm9.cloudzip.online
Referer
https://fonts.googleapis.com/

Response headers

age
7772
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Tue, 04 Nov 2025 11:55:55 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 11:55:55 GMT
last-modified
Mon, 12 Aug 2024 17:13:54 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
9868
x-xss-protection
0
server
sffe
truncated
/
627 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a217480aa6975d5cca42e735655916610429fe4c60dc7f1a21c75badff47d33

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer

Response headers

Content-Type
image/svg+xml;charset=utf8
256-256.png
3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/
1 KB
2 KB
Image
General
Full URL
https://3.bp.blogspot.com/-T-V-PJOU4v0/XZYzHfq1dYI/AAAAAAAABOw/obz8rMcwKgEvPkHP1ahM2tyAqm8fRYZYwCK4BGAYYCw/w27-h27-p-k-nu/256-256.png
Requested by
Host: lahbakzm9.cloudzip.online
URL: https://lahbakzm9.cloudzip.online/?m=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s20-in-f1.1e100.net
Software
fife /
Resource Hash
fdc94d53d1796c028c474c2f2fa236f730b1f0869a42108d706c307422329e21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/

Response headers

access-control-expose-headers
Content-Length
etag
"v4ed"
age
1278
x-content-type-options
nosniff
expires
Tue, 05 Nov 2024 13:44:10 GMT
alt-svc
h3=":443"; ma=2592000
date
Mon, 04 Nov 2024 13:44:10 GMT
content-disposition
inline;filename="256-256.png"
content-type
image/png
vary
Origin
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
1286
x-xss-protection
0
server
fife
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame F324
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.12.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax02s27-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age
38382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 03:25:46 GMT
etag
7893594074132303741
expires
Mon, 18 Nov 2024 03:25:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D2CC
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9299410703914085&output=html&adk=1812271804&adf=3025194257&abgtt=6&lmt=1730638772&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Flahbakzm9.cloudzip.online%2F%3Fm%3D1&host=ca-host-pub-1556223355139109&pra=5&wgl=1&aihb=0&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aipaq=1&aiombap=1&aiopts=1&aief=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730729127459&bpp=5&bdt=261&idt=456&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=6653877093179&frm=20&pv=2&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C31088481%2C95344188%2C95335246%2C95345472%2C95345788%2C95345963&oid=2&pvsid=4112015901756469&tmod=302479969&uas=0&nvt=1&fsapi=1&fc=1920&brdim=370%2C370%2C370%2C370%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=1&uci=a!1&fsb=1&dtd=484
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.12.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax02s27-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
78727
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 14:05:28 GMT
expires
Mon, 04 Nov 2024 14:05:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5270
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9299410703914085&output=html&h=280&slotname=4451698209&adk=1271624695&adf=2678925376&pi=t.ma~as.4451698209&w=1100&abgtt=6&fwrn=4&fwrnh=100&lmt=1730638772&rafmt=1&format=1100x280&url=https%3A%2F%2Flahbakzm9.cloudzip.online%2F%3Fm%3D1&host=ca-host-pub-1556223355139109&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1730729127558&bpp=8&bdt=360&idt=414&shv=r20241030&mjsv=m202410280101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=6653877093179&frm=20&pv=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=250&ady=162&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31088129%2C31088481%2C95344188%2C95335246%2C95345472%2C95345788%2C95345963&oid=2&pvsid=4112015901756469&tmod=302479969&uas=0&nvt=1&fc=1920&brdim=370%2C370%2C370%2C370%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CoevE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&td=1&tdf=2&nt=1&ifi=2&uci=a!2&fsb=1&dtd=424
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.12.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax02s27-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 14:05:28 GMT
expires
Mon, 04 Nov 2024 14:05:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/
178 KB
60 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
03f6841694c063652bfae377609e577122ecc3f4a9b8a01cf7671688857c5c3e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/

Response headers

content-encoding
br
etag
6662172211638502815
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:05:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Mon, 04 Nov 2024 14:05:29 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=1209600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
61053
x-xss-protection
0
server
cafe
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 8EAE
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.12.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax02s27-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age
38382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 03:25:46 GMT
etag
7893594074132303741
expires
Mon, 18 Nov 2024 03:25:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 94B8
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.12.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax02s27-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age
38382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 03:25:46 GMT
etag
7893594074132303741
expires
Mon, 18 Nov 2024 03:25:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame A477
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.12.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax02s27-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age
38382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 03:25:46 GMT
etag
7893594074132303741
expires
Mon, 18 Nov 2024 03:25:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/ Frame 9432
0
0
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20241030/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.12.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax02s27-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Sec-Browsing-Topics
();p=P0000000000000000000000000000000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

age
38382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4124
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 03:25:46 GMT
etag
7893594074132303741
expires
Mon, 18 Nov 2024 03:25:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/
17 KB
13 KB
XHR
General
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241030&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.76.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s24-in-f2.1e100.net
Software
cafe /
Resource Hash
ef9b8be9d3dedaa80529b06d2d15296dda2b570d3cf24c600ad2f682a3578f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12842
date
Mon, 04 Nov 2024 14:05:30 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
favicon.ico
lahbakzm9.cloudzip.online/
Redirect Chain
  • https://lahbakzm9.cloudzip.online/favicon.ico
  • https://lahbakzm9.cloudzip.online/favicon.ico?m=1
4 KB
505 B
Other
General
Full URL
https://lahbakzm9.cloudzip.online/favicon.ico?m=1
Protocol
H2
Server
142.250.176.19 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lax17s51-in-f19.1e100.net
Software
GSE /
Resource Hash
a1495da3cf3db37bf105a12658636ff628fee7b73975b9200049af7747e60b1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/?m=1

Response headers

cache-control
private, max-age=86400
content-encoding
gzip
etag
W/"9131c4f76cbe29fa49f6704d7f1bd600606c1c93a05f39744539e1308d5d0582"
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:05:30 GMT
content-length
412
date
Mon, 04 Nov 2024 14:05:30 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
last-modified
Sun, 03 Nov 2024 12:59:32 GMT
server
GSE

Redirect headers

content-security-policy
frame-ancestors 'self'
cache-control
private, max-age=0
location
https://lahbakzm9.cloudzip.online/favicon.ico?m=1
content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:05:30 GMT
content-length
212
date
Mon, 04 Nov 2024 14:05:30 GMT
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
server
GSE
x-frame-options
SAMEORIGIN
sodar2.js
ep2.adtrafficquality.google/sodar/
18 KB
7 KB
Script
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202410280101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f1.1e100.net
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://lahbakzm9.cloudzip.online/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Mon, 04 Nov 2024 14:05:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 04 Nov 2024 14:05:30 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 139E
0
0
Document
General
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.65 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f1.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
age
1700
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 13:37:11 GMT
expires
Mon, 04 Nov 2024 14:27:11 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C38A
0
0
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.66.196 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-h1OsuFzK-aT3wayLk2lWdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://lahbakzm9.cloudzip.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-h1OsuFzK-aT3wayLk2lWdg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Nov 2024 14:05:31 GMT
expires
Mon, 04 Nov 2024 14:05:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/pagead/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241030&jk=4112015901756469&bg=!7-yl7KPNAAbaVSD0-lU7ADQBe5WfOBVv3ypzMywWl5SfM46gq27IU6aJwQCe4glxY0RFckNTtDr9085l7J3R_Xw8_XQHAgAAADJSAAAAAmgBB34ANZ0eAXi4T_M_4nMfP1MN-Sf-hyOgn4bKJI0NxUAdYKVyt94u44RC95-CAuCSP7Rp1Hu7BfRTCgBCJVv9ag63MarJOQ5h2G7AeV8Iuebw3GgM7bIi-1EzgUpohVlmKCGiW9f6v5K0zhGWiCpHHwI84KdbRIgShUGzq2TbmQKZgzYg2-ct5JxdaaO_endjQBVL6grMDCpjxf9pHyeVAhfvarfRVJR2TaY2VL2QTLyIfNApvdArPMQMtfwDgyetdnLvlTeQzKZidvBdPTIGpHwEeM9nzk60StdLH7NSj0V7t36WzewI-Im04_4lZ95Yd6h3FHVxT4Z1MAMExh0kxDIb8RHE7_NvdHwO6SS0fAn0AC5-sMujxDw_l80YW5TIM7PD8iurrrhlvl1xIB7kvnI5fVPTnTDbXrrtmKKUy9M-fI3T9faTIUTU18eHlrdfBzZ0tb8VBg04dllkq3dXhHVRQFV2JfEAF_C8oMDKUDCPLOV-MloZZniiDJj64jinSPABCL4kCSQpcBlOXMSYsTp-3BEPWnqJHDxi7J67poAcshen52IdB8318ybM9zhItUatsGCTfoQIUrKwbcDFmB39LtsCYviedxUO3iXTeb5x9I-IJ6VyLfN4ejvRaVSeKKzZ7Y9wFCFNv5PHKxVRVSOVQjAnoPZbS4yLtS8spMyLXyFCTTq7D2RgcBmimHAxVS9U63w4nGy9mpC76Of5Z75DnL1Fe_EtfDxiXEN9hcCqdaIXx5VrfKrzKqs9jcUu5gQTBEsfrd3dY7NfewjZiy2m0uINGtGxjC9wUqIUm-rq9Zys9YdIiquuAVEBMQTW0LGcJpFFbM4gIQzRRKUPP-CFs4R01c3bojA49WAKsVOUA9C1tBlYVgf0vgLl0JUonLmqDxN5WXFv7MWvLEBSsYlTDW-Mxynbj1t3U8g35450lfWp3VR51bT6Fdw90zFMPrO4GpwIvFQ0FNu5wWv-c6qiRoqCvUV08iXDXErRWASEJTKiF7Th7HsQdxSsfkJDr8_-QDoG64aEqfApzpaLUHm_zUng-NN6X2E


46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| 1
object| 2
object| 3
object| 4
object| 5
object| 6
object| 7
object| 8
object| _0x205f
function| _0x53b8
function| prst
object| google_js_reporting_queue
number| google_srt
object| google_logging_queue
object| google_ad_modifications
object| ggeac
object| google_persistent_state_async
object| google_tag_data
object| google_reactive_ads_global_state
object| adsbygoogle
object| google_sa_queue
function| google_process_slots
function| google_spfd
number| google_unique_id
object| google_sv_map
number| google_rum_task_id_counter
string| google_user_agent_client_hint
function| $
function| jQuery
string| ArrowIcon
string| BlogID
object| _0x1ec6
function| _0x33fe
string| $my_menu
string| $my_icon
string| $my_tre
function| google_sa_impl
object| googPageScrollPreventerInfo
number| google_global_correlator
object| google_prev_clients
object| ampInaboxIframes
object| ampInaboxPendingMessages
object| google_llp
object| googletag
object| GoogleGcLKhOms

12 Cookies

Domain/Path Name / Value
.cloudzip.online/ Name: __gads
Value: ID=6c69dac6fe0b7845:T=1730729128:RT=1730729128:S=ALNI_MauWSl0nixB-mGrrWXZN7UXppc7Mg
.cloudzip.online/ Name: __gpi
Value: UID=00000f57d9a5962a:T=1730729128:RT=1730729128:S=ALNI_MacUEx6mkmG_qKc5pNnNYVH5s7UGw
.cloudzip.online/ Name: __eoi
Value: ID=a75513db90cc14c5:T=1730729128:RT=1730729128:S=AA-AfjaPKDUMncZkZS-1Fbar-F37
.doubleclick.net/ Name: IDE
Value: AHWqTUmEJ7AjdbzVrx3U02cV2bVJRagbrG5bJr_IFw3bNkxxGRwmRIJWRvmckM00
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: APC
Value: AfxxVi7sCD3qSLsGrTh9S7jjQ8juqvbBC6jvZFZJuRrB5oW_7t2urA
.casalemedia.com/ Name: CMPS
Value: 5338
.doubleclick.net/ Name: ar_debug
Value: 1
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=6152AAB9B1CFDF"
.casalemedia.com/ Name: CMID
Value: ZyjUqYsFVpQAAEceAbSmMwAA
.casalemedia.com/ Name: CMPRO
Value: 5338
.turn.com/ Name: uid
Value: 3345531743042435512

Security Headers

This page lists any security headers set by the main page.

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
