www.zdg.md Open in urlscan Pro
116.202.113.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.zdg.md/
Effective URL:
https://www.zdg.md/
Submission: On March 04 via manual (March 4th 2022, 1:31:06 pm UTC) from RO — Scanned from DE

Summary HTTP 153 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 31 IPs in 7 countries across 25 domains to perform 153 HTTP transactions. The main IP is 116.202.113.159, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.zdg.md.
TLS certificate: Issued by R3 on March 4th 2022. Valid for: 3 months.

This is the only time www.zdg.md was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 51	116.202.113.159 116.202.113.159	24940 (HETZNER-AS) (HETZNER-AS)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
17	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
1	52.217.163.240 52.217.163.240	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
20	146.0.227.109 146.0.227.109	29066 (VELIANET-...) (VELIANET-AS velia.net Internetdienste GmbH)
1 4	128.140.224.227 128.140.224.227	5606 (GTS-BACKB...) (GTS-BACKBONE GTS Telecom)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
5	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	146.59.30.96 146.59.30.96	16276 (OVH) (OVH)
1	37.139.1.159 37.139.1.159	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	138.201.197.100 138.201.197.100	24940 (HETZNER-AS) (HETZNER-AS)
2 2	195.209.108.47 195.209.108.47	52007 (ADRIVER-AS) (ADRIVER-AS)
2 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2	193.200.65.6 193.200.65.6	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	72.251.249.9 72.251.249.9	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 2	168.119.9.59 168.119.9.59	24940 (HETZNER-AS) (HETZNER-AS)
1	96.46.186.57 96.46.186.57	7979 (SERVERS-COM) (SERVERS-COM)
1	37.18.16.21 37.18.16.21	205675 (HYBRID-AS) (HYBRID-AS)
1 1	80.64.106.152 80.64.106.152	20764 (RASCOM-AS...) (RASCOM-AS CJSC RASCOM ISP)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
153	31

51 116.202.113.159 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.159.113.202.116.clients.your-server.de

www.zdg.md	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.163.240 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 146.0.227.109 (Ascension Island)

ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE)

prebid-inv-eu.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 128.140.224.227 (Romania) 1 redirects

ASN5606 (GTS-BACKBONE GTS Telecom, RO)

gamd.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.96 (France)

ASN16276 (OVH, FR)
PTR: ip96.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.139.1.159 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

api.openweathermap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.197.100 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.100.197.201.138.clients.your-server.de

openweathermap.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 195.209.108.47 (Russian Federation) 2 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.200.65.6 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: adforce.team

m.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 168.119.9.59 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.59.9.119.168.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.46.186.57 (United States)

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.21 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.64.106.152 (Redkino, Russian Federation) 1 redirects

ASN20764 (RASCOM-AS CJSC RASCOM ISP, RU)
PTR: s-fr7.rutarget.ru

admixer-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1aebb9d615daf4f4979eff4ba1eab6a7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	zdg.md 1 redirects www.zdg.md	1 MB
37	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 39073 prebid-inv-eu.admixer.net — Cisco Umbrella Rank: 137816 inv-nets.admixer.net — Cisco Umbrella Rank: 2365	318 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com	486 KB
11	googlesyndication.com 1aebb9d615daf4f4979eff4ba1eab6a7.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	42 KB
7	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	41 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 343	111 KB
5	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159	164 KB
5	gemius.pl 1 redirects gamd.hit.gemius.pl — Cisco Umbrella Rank: 100307 ls.hit.gemius.pl — Cisco Umbrella Rank: 11780	15 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 828	100 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	buzzoola.com 1 redirects exchange.buzzoola.com — Cisco Umbrella Rank: 21041	543 B
2	trafmag.com m.trafmag.com — Cisco Umbrella Rank: 89993	702 B
2	creativecdn.com 1 redirects creativecdn.com — Cisco Umbrella Rank: 614	678 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 476	2 KB
2	adriver.ru 2 redirects ad.adriver.ru — Cisco Umbrella Rank: 21675	1 KB
2	openweathermap.org api.openweathermap.org — Cisco Umbrella Rank: 11821 openweathermap.org — Cisco Umbrella Rank: 9992	3 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2181	40 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	112 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8832	792 B
1	rutarget.ru 1 redirects admixer-sync.rutarget.ru — Cisco Umbrella Rank: 81908	288 B
1	hybrid.ai dm.hybrid.ai — Cisco Umbrella Rank: 21464	238 B
1	betweendigital.com ads.betweendigital.com — Cisco Umbrella Rank: 1509	159 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 734	348 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	7 KB
1	amazonaws.com s3.amazonaws.com	140 KB
153	25

	Domain	Requested by
51	www.zdg.md	1 redirects www.zdg.md
17	cdn.admixer.net	www.zdg.md cdn.admixer.net prebid-inv-eu.admixer.net
11	inv-nets.admixer.net	cdn.admixer.net www.zdg.md
9	prebid-inv-eu.admixer.net	code.jquery.com cdn.admixer.net
7	fonts.gstatic.com	fonts.googleapis.com
6	www.google.com	www.zdg.md www.gstatic.com www.google.com tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.zdg.md
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	securepubads.g.doubleclick.net	cdn.admixer.net securepubads.g.doubleclick.net www.zdg.md
4	gamd.hit.gemius.pl	1 redirects www.zdg.md gamd.hit.gemius.pl
3	www.gstatic.com	www.google.com
3	use.fontawesome.com	www.zdg.md use.fontawesome.com
3	fonts.googleapis.com	www.zdg.md securepubads.g.doubleclick.net
2	exchange.buzzoola.com	1 redirects www.zdg.md
2	m.trafmag.com	www.zdg.md
2	creativecdn.com	1 redirects www.zdg.md
2	ssum-sec.casalemedia.com	2 redirects
2	ad.adriver.ru	2 redirects
2	stackpath.bootstrapcdn.com	www.zdg.md
2	code.jquery.com	www.zdg.md
1	encrypted-tbn0.gstatic.com	www.zdg.md
1	encrypted-tbn3.gstatic.com	www.zdg.md
1	1aebb9d615daf4f4979eff4ba1eab6a7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	admixer-sync.rutarget.ru	1 redirects
1	dm.hybrid.ai	www.zdg.md
1	ads.betweendigital.com	www.zdg.md
1	ce.lijit.com	www.zdg.md
1	openweathermap.org	www.zdg.md
1	api.openweathermap.org	www.zdg.md
1	ls.hit.gemius.pl	gamd.hit.gemius.pl
1	cdnjs.cloudflare.com	www.zdg.md
1	s3.amazonaws.com	www.zdg.md
153	35

This site contains links to these domains. Also see Links.

Domain
abonare.md
www.patreon.com
www.justitietransparenta.md
www.facebook.com
twitter.com
www.youtube.com
goo.gl
consiliuldepresa.md
saglikagi.net
dinamobet.club
bahsegel.club
cratosbet.club
casinovale.club
superbetin.live
benjabetgiris.com
kolaybet.club
betgaranti.org
jojobet.pro

Subject Issuer	Validity	Valid
www.zdg.md R3	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-06-23` - `2022-07-24`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.openweathermap.org Sectigo RSA Domain Validation Secure Server CA	`2020-03-17` - `2022-06-19`	2 years	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2021-06-10` - `2022-06-22`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.zdg.md/
Frame ID: BCF9D52516FC71F7309BA4AD637FF839
Requests: 121 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 82F5F82B5996DD148E666BCE80202290
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: E5882903F72F21537F5F6521784F7188
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: F277454712BB10FA5C79E5B033996110
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: AFBBB6C7A195F766B7A7DE5A5F7C0050
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 6520E0E196D01A780A8509EEF3DE6FC6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: 0EC401D4AB9CAFEB4666CCFCACFF5151
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Frame ID: EB712D2B815760E7F43A273854102394
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 511E5C7CBB3793A9F982CAD3F43975C9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezBtsUAAAAANM4ECUmzxXVKnvEIYY5ZqaBwkk6&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=em6bpxv1ob51
Frame ID: 38C2C18F613619EA6043078F53DBD53F
Requests: 5 HTTP requests in this frame

Frame: https://1aebb9d615daf4f4979eff4ba1eab6a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9FC9411643856E98CF4A0817293226CF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2BB8432DED82808355FA2785EB7DC4C9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 15FD9DA35889BA780145DBC19E4867C1
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/032202142035000/amp4ads-v0.mjs
Frame ID: 0B13E6C70301BEC852023E50D96EED69
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ziarul de Gardă – Singurul ziar de investigații din Republica Moldova.

Page URL History Show full URLs

http://www.zdg.md/ HTTP 301
https://www.zdg.md/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

MailChimp (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

153
Requests

96 %
HTTPS

48 %
IPv6

25
Domains

35
Subdomains

31
IPs

7
Countries

2711 kB
Transfer

7441 kB
Size

20
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://abonare.md/1
Title: Abonează-te

Search URL Search Domain Scan URL

URL: https://www.patreon.com/zdg
Title: ZdG pe Patreon

Search URL Search Domain Scan URL

URL: https://www.justitietransparenta.md/ong-uri-care-ofera-asistenta-juridica-gratuita/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/zdg.md

Search URL Search Domain Scan URL

URL: https://twitter.com/ziarul_de_garda

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCkCsCF9VgO-yXDc4rvRDydA

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/LWYHFnvCyjeidrqn7

Search URL Search Domain Scan URL

URL: https://consiliuldepresa.md/ro/page/lista-semnatarilor
Title: <img style="height:80px;" src="https://www.zdg.md/app_new/uploads/2020/06/LOGO-campanie-RO.png">

Search URL Search Domain Scan URL

URL: https://saglikagi.net/memur-maasi-hesaplama/
Title: Memur Maaşı Hesaplama

Search URL Search Domain Scan URL

URL: https://dinamobet.club/
Title: dinamobet.club

Search URL Search Domain Scan URL

URL: https://bahsegel.club/
Title: bahsegel.club

Search URL Search Domain Scan URL

URL: https://cratosbet.club/
Title: cratosbet.club

Search URL Search Domain Scan URL

URL: https://casinovale.club/
Title: casinovale.club

Search URL Search Domain Scan URL

URL: http://superbetin.live/
Title: süperbetin

Search URL Search Domain Scan URL

URL: https://benjabetgiris.com/
Title: benjabet

Search URL Search Domain Scan URL

URL: https://kolaybet.club/
Title: kolaybet

Search URL Search Domain Scan URL

URL: https://betgaranti.org/
Title: betgaranti

Search URL Search Domain Scan URL

URL: https://jojobet.pro/
Title: jojobet.pro

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.zdg.md/ HTTP 301
https://www.zdg.md/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 101

https://gamd.hit.gemius.pl/_1646400660849/rexdot.js?l=100&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=259&lsdata=a_BmwTFGk5.zUW7hY409OQtuwVW66n8R4gnlm7FcpEH.f7cU3UDrH5LhlgsZSHro2jO5nFRCnWazVNxHqKKjhLVMLO5a/srXTgl1bV4YKh/&fpdata=S3sRhZY.Fv0UZ3VDQi3DOsL3_4jsANfW0cJd2L9hNxP.K7&vis=1&fpcap= HTTP 301
https://gamd.hit.gemius.pl/__/_1646400660849/rexdot.js?l=100&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=259&lsdata=a_BmwTFGk5.zUW7hY409OQtuwVW66n8R4gnlm7FcpEH.f7cU3UDrH5LhlgsZSHro2jO5nFRCnWazVNxHqKKjhLVMLO5a/srXTgl1bV4YKh/&fpdata=S3sRhZY.Fv0UZ3VDQi3DOsL3_4jsANfW0cJd2L9hNxP.K7&vis=1&fpcap=

Request Chain 108

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806 HTTP 302
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5914717368 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AHQth9fVRlit5f4JKPWUz1g

Request Chain 109

https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1 HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YiIUlJjHw4v87yQVlKxE_gAABGIAAAIB

Request Chain 110

https://creativecdn.com/cm-notify?pi=admixer HTTP 302
https://creativecdn.com/cm-notify?pi=admixer&tc=1

Request Chain 114

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=921fb8eaaf0345c1b1c55b49728e9414 HTTP 307
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=921fb8eaaf0345c1b1c55b49728e9414

Request Chain 117

https://admixer-sync.rutarget.ru/sync HTTP 302
https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=4eRVx8prQwF8

153 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.zdg.md/
Redirect Chain

http://www.zdg.md/
https://www.zdg.md/

322 KB
48 KB

65ms
40ms

Document
text/html

116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a277233744ae6bbe3030bed76714e6c7ef3f8a39a186599b083e4e9e3d2df7fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Fri, 04 Mar 2022 13:26:02 GMT
Content-Encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: https://www.zdg.md/

GET
H/1.1 200
OK device.js Show response
www.zdg.md/ 7 KB
2 KB 16ms
16ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/device.js
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 8b4fd7bcadd8d9e95b7aebae2f7b233dab0453cc931ba13add8a313dc3c61033

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 09 Aug 2021 13:12:58 GMT
Server: nginx
ETag: W/"611129da-1cc4"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H2 200 jquery-3.5.0.js Show response
code.jquery.com/ 281 KB
83 KB 211ms
43ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.5.0.js
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-463a1"
vary: Accept-Encoding
x-hw: 1646400660.dop133.am5.t,1646400660.cds221.am5.hn,1646400660.cds130.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 84374

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 182ms
12ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:43 GMT
server: nginx
etag: W/"621a6a17-2c0e6"
x-cached-since: 2022-03-04T13:26:23+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Sat, 26 Feb 2022 18:08:55 GMT

GET
H/1.1 200
OK 373de1954f61abf2330eed2347723dd7.css
www.zdg.md/wp-content/cache/min/1/ 2 MB
221 KB 34ms
17ms Stylesheet
text/css 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 1e008db88ca7a02a21aa9ce35c4d723f35b94e18ece18e50373e1e0ea3da1b71

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 01 Mar 2022 10:08:47 GMT
Server: nginx
ETag: W/"621df0af-1eddab"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK ajax-loader.gif
www.zdg.md/wp-content/themes/zdg/css/ 4 KB
4 KB 40ms
13ms Stylesheet
image/gif 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/themes/zdg/css/ajax-loader.gif?ver=5.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 540bdfbad15f1c5dacc2919933bd00c6ecfa718109695a41d029609a9a955b30

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Last-Modified: Sat, 14 Mar 2020 00:35:49 GMT
Server: nginx
ETag: "5e6c26e5-1052"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4178
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 241ms
76ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js?ver=1.2.8
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1646400660.dop133.am5.t,1646400660.cds221.am5.hn,1646400660.cds006.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H/1.1 200
OK jquery.waypoints.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/ 9 KB
3 KB 41ms
14ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/jquery.waypoints.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 5f4c8e76510fcde1fcc1c76ed8894b0afbb06718c75591dbb11d3b733252b5b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-2354"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK lvca-frontend.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/ 3 KB
1 KB 27ms
13ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/lvca-frontend.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 4c616779f9814a86558b97b5187b420323a35d1443435c8fe4d64b6bf4a33f26

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-b48"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK posts-carousel.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/posts-carousel/js/ 986 B
745 B 19ms
16ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/posts-carousel/js/posts-carousel.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: fefa3b7ddf55edaebebf8b665c8ec1231dbba25e91c1b9a6f685e1a6e76323c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-3da"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK slick.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/ 47 KB
10 KB 20ms
18ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/slick.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: c009ee7b0ff395016980733d1c7f8277b4425fe5b1cad0d780379e3c0023abea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-bd6f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK services.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/services/js/ 728 B
666 B 18ms
16ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/services/js/services.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 7d28203037ba98815f408afb19842b365f6b5581d62405f6423f34ecf6328d6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-2d8"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK tabs.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/tabs/js/ 1 KB
918 B 18ms
17ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/tabs/js/tabs.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e11a5ac72bea720c89def194185cc6dd5a671c11bf786e4942b581118b29cdc2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-5cc"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK jquery.flexslider.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/ 30 KB
7 KB 13ms
12ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/jquery.flexslider.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a5005b6d981acbae1e0f3637d76927718785fcf90989c45b9e329b6568b880be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-786f"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK testimonials.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/testimonials-slider/js/ 1 KB
812 B 11ms
11ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/testimonials-slider/js/testimonials.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: c7f60558c3dabc921766aad1a2a676c9ae7e1fbb6cc7cdf73e6fe6ec322aa250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-41b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK isotope.pkgd.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/ 48 KB
12 KB 14ms
14ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/isotope.pkgd.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: ac1f323852a36632f8dfe30353a701c696c19790d925f66a030a9ddd275eb7c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-bed4"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK imagesloaded.pkgd.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/ 7 KB
2 KB 14ms
13ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/assets/js/imagesloaded.pkgd.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 27fc765db7aa744154046374d0de6f76f19cba5203ef8f29ddfd8ca3d5d2b4aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-1cb2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK portfolio.min.js Show response
www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/portfolio/js/ 2 KB
1 KB 12ms
12ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/addons-for-visual-composer/includes/addons/portfolio/js/portfolio.min.js?ver=2.9.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: c919fdf1d93278991898c7128dfcbb3cdb60b3b21be2be64a8184876a54dccf1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Feb 2022 10:13:59 GMT
Server: nginx
ETag: W/"62175a67-884"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK fontello.woff2
www.zdg.md/wp-content/themes/zdg/assets/fonts/fontello/font/ 2 KB
2 KB 40ms
14ms Font
application/octet-stream 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/fonts/fontello/font/fontello.woff2?75455710
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 89ffc605b82c511527e56eb53b7d8100b2fc952bcac64b5360cdcd323fcc2a3b

Request headers

Referer: https://www.zdg.md/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Last-Modified: Sat, 14 Mar 2020 00:35:24 GMT
Server: nginx
ETag: "5e6c26cc-8c0"
Content-Type: application/octet-stream
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2240

GET
H/1.1 200
OK mc-validate.js Show response
s3.amazonaws.com/downloads.mailchimp.com/js/ 140 KB
140 KB 425ms
115ms Script
application/javascript 52.217.163.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.163.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:01 GMT
Last-Modified: Mon, 20 Aug 2018 17:42:38 GMT
Server: AmazonS3
x-amz-request-id: SN27QYP4YQFJ555J
ETag: "6465dd4a8331265e6629cd069e03504c"
Content-Type: application/javascript
Cache-Control: public,max-age=2592000
Accept-Ranges: bytes
Content-Length: 143249
x-amz-id-2: hm1PAzQuhyqadE2iiXM7hBsAcZ5ETAzVpowCZoFE+7I+rSt9yJhOyKpNgTqA0QEWdSmx9qbYDTI=

GET
H/1.1 200
OK coblocks-animation.js Show response
www.zdg.md/wp-content/plugins/coblocks/dist/js/ 412 B
621 B 12ms
11ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/coblocks/dist/js/coblocks-animation.js?ver=2.22.1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 26 Feb 2022 09:29:48 GMT
Server: nginx
ETag: W/"6219f30c-19c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK regenerator-runtime.min.js Show response
www.zdg.md/wp-includes/js/dist/vendor/ 6 KB
3 KB 13ms
12ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Feb 2022 11:57:50 GMT
Server: nginx
ETag: W/"621b673e-195e"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
www.zdg.md/wp-includes/js/dist/vendor/ 19 KB
7 KB 41ms
14ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 27 Feb 2022 11:57:50 GMT
Server: nginx
ETag: W/"621b673e-4b3d"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK index.js Show response
www.zdg.md/wp-content/plugins/contact-form-7/includes/js/ 9 KB
4 KB 13ms
13ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 12:06:00 GMT
Server: nginx
ETag: W/"62162328-25f8"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/ 21 KB
7 KB 187ms
23ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js?ver=1.2.8

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1316697
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6646
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-520c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eRDHCL8%2F0SPf%2Fo4jqewDIFH4GLnNpTUVAvxtn5Tl%2FIdXj6HoYjD1Cr6F9o28vN4EXtGFxi8pNffzUqJrrTJTwCoY9Qkt9Ry4Ndm0iMfYerPEGe9%2FZFnQ8fYEUlvTeAV2eW3IiMB%2Fc2crkkBtxT2KtS4x"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6e6af83d2aa4692d-FRA
expires: Wed, 22 Feb 2023 13:31:00 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 192ms
25ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js?ver=1.2.8

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 617, 617
age: 3303257
cdn-cachedat: 2021-06-08 14:30:03
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 254c2e68648a40e269a9b98583cfa14e
cf-ray: 6e6af83d38359b82-FRA
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 200
OK jquery.fancybox.js Show response
www.zdg.md/wp-content/themes/zdg/assets/scripts/ 157 KB
39 KB 19ms
19ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/scripts/jquery.fancybox.js?ver=1.2.8
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:56 GMT
Server: nginx
ETag: W/"5e6c26ec-2739b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK jquery.scrollbar.js Show response
www.zdg.md/wp-content/themes/zdg/assets/scripts/ 31 KB
7 KB 20ms
20ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/scripts/jquery.scrollbar.js?ver=1.2.8
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 7f1551f90ab3ca65e29db51c05ec8bcb16750deb40ace91e62573dadb9eac7eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:56 GMT
Server: nginx
ETag: W/"5e6c26ec-7dab"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK slick.min.js Show response
www.zdg.md/wp-content/themes/zdg/assets/scripts/ 43 KB
11 KB 19ms
19ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/scripts/slick.min.js?ver=1.2.8
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:55 GMT
Server: nginx
ETag: W/"5e6c26eb-ab69"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK tabs.js Show response
www.zdg.md/wp-content/themes/zdg/assets/scripts/ 1 KB
705 B 18ms
18ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/scripts/tabs.js?ver=1.2.8
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 031774994d7b9ec734f4f2d1023dde8bbafe39c4905f718f13920364d6cfbdea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:55 GMT
Server: nginx
ETag: W/"5e6c26eb-424"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK mainss.js Show response
www.zdg.md/wp-content/themes/zdg/assets/scripts/ 32 KB
10 KB 12ms
12ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/scripts/mainss.js?ver=1.2.8
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e7de376cfc3d34771f7f9ed2ac61d82e30d82c9913232ff3a1ba8f572261dbe0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 13 Nov 2020 17:32:54 GMT
Server: nginx
ETag: W/"5faec346-7fea"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
999 B 224ms
53ms Script
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LezBtsUAAAAANM4ECUmzxXVKnvEIYY5ZqaBwkk6&ver=3.0

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e4247db0e8b3cd0b10fc9f1c76b5d364b45dfa7b426b29afb9b28c1475a73c17

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Fri, 04 Mar 2022 13:31:00 GMT

GET
H/1.1 200
OK index.js Show response
www.zdg.md/wp-content/plugins/contact-form-7/modules/recaptcha/ 999 B
884 B 12ms
12ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.5.6
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Feb 2022 12:06:00 GMT
Server: nginx
ETag: W/"62162328-3e7"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK public.bundle.base-2.4.1.min.js Show response
www.zdg.md/wp-content/plugins/ultimate-ads-manager/public/js/ 234 KB
70 KB 15ms
15ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/ultimate-ads-manager/public/js/public.bundle.base-2.4.1.min.js?ver=1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 74ebf9cf691be6ed558e79c9200883d1786868ff13116eacc95f0b8a60853b73

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 01:14:35 GMT
Server: nginx
ETag: W/"5e6c2ffb-3a66b"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H/1.1 200
OK lazyload.min.js Show response
www.zdg.md/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/ 8 KB
3 KB 13ms
13ms Script
application/javascript 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zdg.md/wp-content/plugins/wp-rocket/assets/js/lazyload/16.1/lazyload.min.js
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:30:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 Mar 2021 20:32:24 GMT
Server: nginx
ETag: W/"604e72d8-1ed2"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:30:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 147ms
49ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 11:35:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 13:31:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 13:31:00 GMT

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ 152 KB
24 KB 128ms
30ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 756
age: 335635
cdn-cachedat: 12/27/2021 07:28:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 5a4f218ff2cc791bfca3e2943b0791a7
cf-ray: 6e6af83d38319b82-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.css
use.fontawesome.com/releases/v5.9.0/css/ 55 KB
13 KB 122ms
24ms Stylesheet
text/css 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 335825
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: 6Y8PV89KC9XPDZ8T
x-amz-id-2: CFX12FCvmZfEL+oB8PSM7BkmXntBiIF/Cy4Nwcxa2rCvbH0f99j2xL2eaLpYcI1CUjOY8b8jPi8=
last-modified: Wed, 30 Jun 2021 15:48:06 GMT
server: cloudflare
etag: W/"dbf9d822cefe851ba6f66e1ad57e8987"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iO4ClRWu9LzyxfQeT9QQ%2FWmNcuC%2F%2FakQ8FucyjM%2BUCd44ytL3P7P7E1Gt9RpDYYKRP1bx087klKRHeZnLmaZah32nXo%2BkmM58gftn5sl%2F%2FklY99pG3GvT%2Fl9KkNuFLKO9qKvcn9KZyjV%2B5JENz6fqwji"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 6e6af83d3c539090-FRA

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
803 B 152ms
54ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&display=swap

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f287efe0435fa82bc67334016d6ff203ad940a368916fb5892823dfc47675cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 12:15:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 13:31:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 13:31:00 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/44184/ Frame 82F5 738 B
510 B 9ms
8ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

server: nginx
date: Fri, 04 Mar 2022 13:31:00 GMT
content-type: text/html
last-modified: Sat, 26 Feb 2022 17:57:57 GMT
vary: Accept-Encoding
etag: W/"621a6a25-2e2"
expires: Mon, 27 Feb 2023 17:58:56 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2022-02-26T17:58:56+00:00
x-id: fr5-up-gc31
content-encoding: gzip

GET
H2 200 0967ebea4a2a8854ab82.b.js Show response
cdn.admixer.net/scripts3/44184/ 23 KB
8 KB 10ms
8ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:44 GMT
server: nginx
etag: W/"621a6a18-5d41"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:56+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:56 GMT

GET
H2 200 849bc7976a13501da8fc.b.js Show response
cdn.admixer.net/scripts3/44184/ 74 KB
19 KB 11ms
10ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/849bc7976a13501da8fc.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:52 GMT
server: nginx
etag: W/"621a6a20-12993"
vary: Accept-Encoding
x-cached-since: 2022-03-03T10:00:50+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 04 Mar 2023 10:00:50 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK search.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 722 B
735 B 12ms
11ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/search.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: a198baa1694f9f38a126af0f5e176c4d2c705beff820ef2b3227c05608ba7475

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:30 GMT
Server: nginx
ETag: W/"5e6c26d2-2d2"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK ico1.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 985 B
804 B 11ms
11ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/ico1.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: fbba571930499cb86d738ffa9cefe55a8bef0b1f140e08dc3281f1a6787842f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:45 GMT
Server: nginx
ETag: W/"5e6c26e1-3d9"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK Arrow.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 508 B
641 B 11ms
11ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/Arrow.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 6c4f7fd7d26f8cf3a1638ee63a31173844fb69143f1abe8685c046f05b2eca3d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:48 GMT
Server: nginx
ETag: W/"5e6c26e4-1fc"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v23/ 30 KB
31 KB 123ms
40ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 08:55:44 GMT
x-content-type-options: nosniff
age: 189316
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30876
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 08:55:44 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v23/ 25 KB
25 KB 134ms
83ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 19:01:18 GMT
x-content-type-options: nosniff
age: 239382
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25088
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:58 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Mar 2023 19:01:18 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/44184/ Frame E588 738 B
396 B 8ms
8ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

server: nginx
date: Fri, 04 Mar 2022 13:31:00 GMT
content-type: text/html
last-modified: Sat, 26 Feb 2022 17:57:57 GMT
vary: Accept-Encoding
etag: W/"621a6a25-2e2"
expires: Mon, 27 Feb 2023 17:58:56 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2022-02-26T17:58:56+00:00
x-id: fr5-up-gc31
content-encoding: gzip

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 8 KB
8 KB 80ms
23ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=5f9b6f67-21f0-49f7-b55b-f86073c56ebc&_=1646400660158
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 424618fa03db07b6ea253a7e4bf7ed8a65e9d26d90fba3a18d5c5d9f88561389

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2
fonts.gstatic.com/s/montserrat/v23/ 20 KB
20 KB 98ms
98ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v23/JTUSjIg1_i6t8kCHKm459W1hyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 23:45:07 GMT
x-content-type-options: nosniff
age: 308753
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20480
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:11:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 28 Feb 2023 23:45:07 GMT

GET
H/1.1 200
OK Rectangle-9.jpg
www.zdg.md/wp-content/uploads/2020/01/ 87 KB
88 KB 13ms
13ms Image
image/jpeg 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2020/01/Rectangle-9.jpg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: b41f8319432095f7405382dc9d477073e97f247df9e039e63f6f8b6959724cd0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Fri, 03 Apr 2020 10:14:59 GMT
Server: nginx
ETag: "5e870ca3-15da6"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89510
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK slash.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 18 KB
2 KB 12ms
12ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/slash.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: f7fade5794bd7bc1a2572df88613ae6deeb1d82ab5c9e42dce2bdee008ccb4c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:29 GMT
Server: nginx
ETag: W/"5e6c26d1-486d"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v22/ 16 KB
16 KB 107ms
107ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v22/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 23:10:17 GMT
x-content-type-options: nosniff
age: 224443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:48:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Mar 2023 23:10:17 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/44184/ Frame F277 738 B
396 B 9ms
9ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

server: nginx
date: Fri, 04 Mar 2022 13:31:00 GMT
content-type: text/html
last-modified: Sat, 26 Feb 2022 17:57:57 GMT
vary: Accept-Encoding
etag: W/"621a6a25-2e2"
expires: Mon, 27 Feb 2023 17:58:56 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2022-02-26T17:58:56+00:00
x-id: fr5-up-gc31
content-encoding: gzip

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/44184/ Frame AFBB 738 B
396 B 7ms
7ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

server: nginx
date: Fri, 04 Mar 2022 13:31:00 GMT
content-type: text/html
last-modified: Sat, 26 Feb 2022 17:57:57 GMT
vary: Accept-Encoding
etag: W/"621a6a25-2e2"
expires: Mon, 27 Feb 2023 17:58:56 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2022-02-26T17:58:56+00:00
x-id: fr5-up-gc31
content-encoding: gzip

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4cb2dbe69c87cfcb23890afc5053fb1b8c3b0fcb6c4cce738a408c73c1d8ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 8 KB
8 KB 40ms
31ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=8c8905ad-bf2f-4bdb-936b-c2a93363d582&_=1646400660159
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: ef8f91d73556ee8db4eb53dbc798cb70071d5732b8fa91886c93ed294dd77caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK quote-big.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 1 KB
897 B 12ms
11ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/quote-big.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 3895296f7bf9ea6712d6676751317cb60c735ff47bba41b06f75baeabc939453

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:38 GMT
Server: nginx
ETag: W/"5e6c26da-428"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK quote.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 1 KB
921 B 11ms
11ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/quote.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 7b962f26f50d961a55788b94597597ec5d122144e1271593cecf0fcebd5da088

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:38 GMT
Server: nginx
ETag: W/"5e6c26da-476"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuvMR6WR.woff2
fonts.gstatic.com/s/opensanscondensed/v22/ 12 KB
12 KB 63ms
62ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v22/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuvMR6WR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans+Condensed:ital,wght@0,300;0,700;1,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c000066f2b27add17d55cfec67196d43c6a529f550da7877663e34632c927bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 03:34:26 GMT
x-content-type-options: nosniff
age: 208594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12388
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:48:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Mar 2023 03:34:26 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/44184/ Frame 6520 738 B
396 B 8ms
7ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

server: nginx
date: Fri, 04 Mar 2022 13:31:00 GMT
content-type: text/html
last-modified: Sat, 26 Feb 2022 17:57:57 GMT
vary: Accept-Encoding
etag: W/"621a6a25-2e2"
expires: Mon, 27 Feb 2023 17:58:56 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2022-02-26T17:58:56+00:00
x-id: fr5-up-gc31
content-encoding: gzip

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/44184/ Frame 0EC4 738 B
396 B 8ms
6ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

server: nginx
date: Fri, 04 Mar 2022 13:31:00 GMT
content-type: text/html
last-modified: Sat, 26 Feb 2022 17:57:57 GMT
vary: Accept-Encoding
etag: W/"621a6a25-2e2"
expires: Mon, 27 Feb 2023 17:58:56 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2022-02-26T17:58:56+00:00
x-id: fr5-up-gc31
content-encoding: gzip

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 8 KB
8 KB 25ms
23ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=41b2e174-c6e3-4c54-ada7-bbc75c2f48da&_=1646400660160
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 57b6518d9b53c441e2e74143e5941ec1f6cdadd9c2013827c9573745dcff89fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK Rectangle-38-scaled.jpg
www.zdg.md/wp-content/uploads/2020/01/ 98 KB
98 KB 12ms
12ms Image
image/jpeg 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2020/01/Rectangle-38-scaled.jpg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 175c04e10c995c8e667e7cbe403b547eac9f60bf17ac4d76e3ba740bca1fd9b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Fri, 03 Apr 2020 10:20:29 GMT
Server: nginx
ETag: "5e870ded-1868e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 99982
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK prebid-loader2.aspx Show response
prebid-inv-eu.admixer.net/ 8 KB
8 KB 132ms
132ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=dd47bcff-35d4-4d54-8cb8-6c9d897bd89a&_=1646400660161
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.5.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),
Reverse DNS
Software: nginx /
Resource Hash: 35aea8a8b560fce73743e9a90aa31ba91af991668146140a2e589eb9c7067f27

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 prebidcdn.js Show response
cdn.admixer.net/prebidcdn/ 215 KB
79 KB 28ms
13ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&dev=true&rnd=268435462&hash=1385267621-
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=5f9b6f67-21f0-49f7-b55b-f86073c56ebc&_=1646400660158
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 33e13339440e41848ddb1b1863fdd2a0ca0d288f50756fff89a8febf1bb16549

Request headers

Referer: https://www.zdg.md/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc35
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Thu, 20 Jan 2022 10:02:09 GMT
server: nginx
etag: W/"61e93321-35b69"
vary: Accept-Encoding
x-cached-since: 2022-02-04T12:05:00+00:00
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: content-range
cache-control: max-age=31622400
cache: HIT
expires: Sun, 05 Feb 2023 12:05:00 GMT

GET
H2 200 load-gpt.js Show response
cdn.admixer.net/scripts/ 505 B
471 B 7ms
7ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts/load-gpt.js
Requested by: Host: prebid-inv-eu.admixer.net
URL: https://prebid-inv-eu.admixer.net/prebid-loader2.aspx?adguid=5f9b6f67-21f0-49f7-b55b-f86073c56ebc&_=1646400660158
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 00dd96081977e3c4392669bd136716d853546208a5259586111293d312b6596f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:31:56 GMT
server: nginx
etag: W/"6063365c-1f9"
vary: Accept-Encoding
x-cached-since: 2022-02-02T13:18:03+00:00
content-type: application/javascript
access-control-expose-headers: content-range
cache-control: max-age=31622400
access-control-allow-credentials: true
cache: HIT
expires: Fri, 03 Feb 2023 13:18:03 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/44184/ Frame EB71 738 B
396 B 7ms
7ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/c.html?b=44184
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

server: nginx
date: Fri, 04 Mar 2022 13:31:00 GMT
content-type: text/html
last-modified: Sat, 26 Feb 2022 17:57:57 GMT
vary: Accept-Encoding
etag: W/"621a6a25-2e2"
expires: Mon, 27 Feb 2023 17:58:56 GMT
cache-control: max-age=31622400
cache: HIT
x-cached-since: 2022-02-26T17:58:56+00:00
x-id: fr5-up-gc31
content-encoding: gzip

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 73 KB
74 KB 43ms
22ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 335861
cf-ray: 6e6af8400bb89193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74508
x-amz-id-2: le07Uul5suHdlpU/3w/IpbeqGgYawl9RILXGgbar8HWcaCcg1OOQnRdHuYHXCnA0u8n1KN3m68s=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "7559b3774a0625e8ca6c0160f8f6cfd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SEdwVpSvgNxL2ccVwYHFCNVLN29lpO%2F7agT6F5ZruPubVFSR0QU84i5wTqvtQQjizbXYOxzZXT6sOWBtA%2BD%2F8Tdm0lfAmG9Loq7iiwq7xcq3aYygsRuMii7WSl7Sl4nrbLWE2vzdqNdeZXhxcCpvaURt"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: J0VNB42BVSRAAJ67
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 xgemius.js Show response
gamd.hit.gemius.pl/ 40 KB
11 KB 118ms
35ms Script
application/x-javascript 128.140.224.227
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/xgemius.js
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 128.140.224.227 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: f62da9fa67a86fc30d576a01706e20a58fbe41ff7b9ac45671746fb2ac766d39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Fri, 18 Feb 2022 08:43:58 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 10838
expires: Sat, 05 Mar 2022 01:31:00 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ 360 KB
142 KB 136ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LezBtsUAAAAANM4ECUmzxXVKnvEIYY5ZqaBwkk6&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 12:56:59 GMT

GET
H/1.1 200
OK adress.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 489 B
636 B 11ms
11ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/adress.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 6802c5b5afe5a5344277003821601f4eea78dd496e740c5fd782c3e92fa3001d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:49 GMT
Server: nginx
ETag: W/"5e6c26e5-1e9"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK phone.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 762 B
816 B 11ms
11ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/phone.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e8bbc09c9d8ad4c5c95cbc60ab1bd4e3c394e0e7ca5132830b8c5f3dbe817767

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:38 GMT
Server: nginx
ETag: W/"5e6c26da-2fa"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK mail.svg
www.zdg.md/wp-content/themes/zdg/assets/images/ 1 KB
895 B 11ms
11ms Image
image/svg+xml 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/mail.svg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: c04b2a271cc7a3d2f05e2d2eef3c87d7b0baa491ce4d609edb53e25b983600dd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Last-Modified: Sat, 14 Mar 2020 00:35:40 GMT
Server: nginx
ETag: W/"5e6c26dc-406"
Vary: Accept-Encoding
Content-Type: image/svg+xml
Cache-Control: max-age=2592000
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 145ms
49ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts/load-gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

b88d7d38e30818e3e170b366bd69d211a090996abb122737d4dffb0fbbe24274

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28020
x-xss-protection: 0
server: sffe
etag: "1149 / 469 of 1000 / last-modified: 1646395724"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Mar 2022 13:31:00 GMT

GET
H/1.1 200
OK logo.png
www.zdg.md/wp-content/themes/zdg/assets/images/ 25 KB
26 KB 13ms
12ms Image
image/png 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/assets/images/logo.png
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 81f397f76a9090a63ea65da6572574bcabacd2dc056bc49837d52a673f581a39

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Sat, 14 Mar 2020 00:35:44 GMT
Server: nginx
ETag: "5e6c26e0-65cd"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26061
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK podoliac-636x477-c-default.jpg
www.zdg.md/wp-content/uploads/2022/03/ 34 KB
34 KB 16ms
15ms Image
image/jpeg 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2022/03/podoliac-636x477-c-default.jpg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: ad4112f98660b1af722d840c98dba682dbc0dfa5f1914786fac8e1b1421601d0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Thu, 03 Mar 2022 17:43:58 GMT
Server: nginx
ETag: "6220fe5e-8712"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 34578
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK protest-melitopol-303x227-c-default.jpg
www.zdg.md/wp-content/uploads/2022/03/ 18 KB
18 KB 22ms
21ms Image
image/jpeg 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2022/03/protest-melitopol-303x227-c-default.jpg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 93049ec1861f6b0ca27677006c4bf791ce45eb2a0867f463bc774efbdd664aab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Fri, 04 Mar 2022 13:26:02 GMT
Server: nginx
ETag: "6222136a-484e"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18510
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK bursa-principala-303x227-c-default.jpg
www.zdg.md/wp-content/uploads/2022/03/ 11 KB
12 KB 20ms
19ms Image
image/jpeg 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2022/03/bursa-principala-303x227-c-default.jpg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: d68c40e3ddf63af6de0455d1b642074990816e54d148b0d17cb1c9e4b2bf49b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Fri, 04 Mar 2022 13:09:41 GMT
Server: nginx
ETag: "62220f95-2d15"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11541
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK tanc-1-303x227-c-default.jpg
www.zdg.md/wp-content/uploads/2022/03/ 16 KB
16 KB 22ms
21ms Image
image/jpeg 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2022/03/tanc-1-303x227-c-default.jpg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 5afeb2ba15665dfe0c39950eb675f5cf00d1c8f588414a0634eed4f60f743401

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Fri, 04 Mar 2022 12:47:52 GMT
Server: nginx
ETag: "62220a78-3e1a"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15898
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK kuleba-flag-303x227-c-default.jpg
www.zdg.md/wp-content/uploads/2022/03/ 11 KB
11 KB 14ms
14ms Image
image/jpeg 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2022/03/kuleba-flag-303x227-c-default.jpg
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: c9df5025b2f82506c55acb032ac21a262d69c7ced47d644649a5b075bc91db36

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Fri, 04 Mar 2022 12:25:41 GMT
Server: nginx
ETag: "62220545-2bde"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11230
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK cover-refugiat%CC%A6i-415x311-c-default.png
www.zdg.md/wp-content/uploads/2022/03/ 253 KB
254 KB 13ms
12ms Image
image/png 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2022/03/cover-refugiat%CC%A6i-415x311-c-default.png
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: 6be77e66527b53318b042909a859ea1e292ec2236cc8bd0aa32f6f5b8f9e68a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Fri, 04 Mar 2022 12:54:57 GMT
Server: nginx
ETag: "62220c21-3f5ac"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 259500
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H/1.1 200
OK Edit-PGrozavu-3-martie-190x143-c-default.png
www.zdg.md/wp-content/uploads/2022/03/ 38 KB
38 KB 19ms
19ms Image
image/png 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2022/03/Edit-PGrozavu-3-martie-190x143-c-default.png
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: aac43b5ab7d66f2f6faae142de2bd548dac9eb018fd3a7e719ada607218c3128

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Thu, 03 Mar 2022 11:20:05 GMT
Server: nginx
ETag: "6220a465-9628"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 38440
Expires: Sun, 03 Apr 2022 13:31:00 GMT

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
500 B 83ms
22ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/prebidcdn/prebidcdn.js?pm=adServer,adServerDFP,admixerAnalyticsAdapter,admixerBidAdapter,admixerIdSystem,currency,intersectionRtdProvider,schain&dev=true&rnd=268435462&hash=1385267621-

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.zdg.md
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
500 B 83ms
23ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.zdg.md
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
500 B 83ms
24ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.zdg.md
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H2 200 fpdata.js Show response
gamd.hit.gemius.pl/ 275 B
389 B 32ms
31ms Script
application/x-javascript 128.140.224.227
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/fpdata.js?href=www.zdg.md
Requested by: Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 128.140.224.227 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: 6caee481ea7386c670a4708adc275826dd8e9c21db441ee35eb13ed8da71a28a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 275
expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 511E 5 KB
3 KB 77ms
22ms Document
text/html 146.59.30.96
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gamd.hit.gemius.pl
URL: https://gamd.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.96 , France, ASN16276 (OVH, FR),
Reverse DNS: ip96.ip-146-59-30.eu
Software: GHC /
Resource Hash: 5edaf92540d598dda232ac37f813e7e944c32c0358f1ed29551f0e5ede97f784

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
expires: Sun, 03 Apr 2022 13:31:00 GMT
server: GHC
accept-ranges: none
cache-control: private, max-age=2592000
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
etag: PRIVATE7520710249
vary: Accept-Encoding,Origin,User-Agent
cross-origin-resource-policy: cross-origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
content-type: text/html;charset=utf-8
content-length: 2717
content-encoding: gzip

GET
H/1.1 200
OK weather Show response
api.openweathermap.org/data/2.5/ 479 B
844 B 83ms
13ms Fetch
application/json 37.139.1.159
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://api.openweathermap.org/data/2.5/weather?q=Chisinau,md&APPID=6ffff3389e6ab667f9a8884d99489543
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/themes/zdg/assets/scripts/mainss.js?ver=1.2.8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.139.1.159 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash: 36da5c994c78eee30d2a2d1aa6216d4830d737e028d19054f2f4b15f3145ec3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: openresty
X-Cache-Key: /data/2.5/weather?APPID=6ffff3389e6ab667f9a8884d99489543&q=chisinau,md
Access-Control-Allow-Methods: GET, POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 479

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.9.0/webfonts/ 13 KB
14 KB 25ms
25ms Font
font/woff2 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.9.0/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9

Request headers

Referer: https://use.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3306249
cf-ray: 6e6af8412e8f9193-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13580
x-amz-id-2: KnitOaxS+O0j+03i3utuinvi9JpiprQVbMBHbDZ11+q4PCckYBDGTdT+bLxt3T5z6jZsloUcP9k=
last-modified: Wed, 30 Jun 2021 15:48:27 GMT
server: cloudflare
etag: "e07d9e40b26048d9abe2ef966cd6e263"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjNmIjT0crJkf0Op2Pi%2BaoZOkp8Zh%2FYQ3I8pPaWOYPh2dzOPhFAlJrQGULucC%2FrMqStLjgw19v525aMj%2FX8y%2Fm1xzdAlAhWrJ2BBFV6jDuvABnQQnb%2FRomEfcQSuQZj9BGEVVMPR6zHgL3UziPxvOjaS"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: XMYJDFA77T95KQJP
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H/1.1 200
OK ajax-loader.gif
www.zdg.md/wp-content/themes/zdg/css/ 4 KB
4 KB 11ms
11ms Image
image/gif 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/themes/zdg/css/ajax-loader.gif
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/wp-content/cache/min/1/373de1954f61abf2330eed2347723dd7.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Sat, 14 Mar 2020 00:35:49 GMT
Server: nginx
ETag: "5e6c26e5-1052"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4178
Expires: Sun, 03 Apr 2022 13:31:00 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
237 B 23ms
23ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary00f6hEH3yXG8V62H

Response headers

Access-Control-Allow-Origin: https://www.zdg.md
Date: Fri, 04 Mar 2022 13:31:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
237 B 23ms
23ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryYXPsu73Cn3BNiJAh

Response headers

Access-Control-Allow-Origin: https://www.zdg.md
Date: Fri, 04 Mar 2022 13:31:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
237 B 47ms
25ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryHBzBcQb2AsEANoNS

Response headers

Access-Control-Allow-Origin: https://www.zdg.md
Date: Fri, 04 Mar 2022 13:31:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
500 B 24ms
24ms XHR
text/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.zdg.md
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H/1.1 200
OK ong300x250.gif
www.zdg.md/wp-content/uploads/2021/02/ 43 KB
44 KB 12ms
12ms Image
image/gif 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.zdg.md/wp-content/uploads/2021/02/ong300x250.gif
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.159.113.202.116.clients.your-server.de
Software: nginx /
Resource Hash: efd6a59ce31c8b9727d0dd60081dda2975a483e611753baac09d714f9448cf97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Mon, 01 Feb 2021 11:56:27 GMT
Server: nginx
ETag: "6017ec6b-ad9c"
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 44444
Expires: Sun, 03 Apr 2022 13:31:00 GMT

GET
H3 200 pubads_impl_2022030101.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
122 KB 83ms
38ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 17:35:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71728
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124868
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 09:35:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Mar 2023 17:35:32 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 60 B
92 B 100ms
53ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.zdg.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

7b769ca2e76d50cae32a312a13da0bc5593450bcc047354d99cb70cd752dc98a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Fri, 04 Mar 2022 13:31:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 38C2 41 KB
21 KB 102ms
55ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezBtsUAAAAANM4ECUmzxXVKnvEIYY5ZqaBwkk6&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=em6bpxv1ob51

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c8778ddb37266b1d9485dbb640aa5d9e378561e74a7484c73f02b0687ae0a583

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xb9kkDXckVc3xZIe+wRkeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 04 Mar 2022 13:31:00 GMT
content-security-policy: script-src 'report-sample' 'nonce-Xb9kkDXckVc3xZIe+wRkeg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21702
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 2 KB
1 KB 23ms
23ms Script
application/javascript 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=7329793362605646&cpv=43e435ad-967c-10dc-f9cc-a0589563b5f5&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22882c231d-af2d-c454-cd97-dfd5d1c4e566%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fwww.zdg.md%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22852fa732-3229-80cd-3271-2b0a6cd388d9%22%2C%22tagid%22%3A%22cba69d7f-eece-4247-a1ab-87842a8d1207%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_async_2126304756%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%228cf76fa4-24be-e989-c7a9-12df2efced9b%22%2C%22tagid%22%3A%221ebd4265-0ea9-4fc8-8cd3-7f1a7d61c00d%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer_async_321697647%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

3b23d7637ea8ad215132fa9a65147a7a004be653e0894ddc3fec51b321ed5b26

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 801
X-Xss-Protection: 0

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
237 B 23ms
22ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryX9CitZLwrazmKQ1q

Response headers

Access-Control-Allow-Origin: https://www.zdg.md
Date: Fri, 04 Mar 2022 13:31:00 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2

200

rexdot.js Show response
gamd.hit.gemius.pl/__/_1646400660849/
Redirect Chain

https://gamd.hit.gemius.pl/_1646400660849/rexdot.js?l=100&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%...
https://gamd.hit.gemius.pl/__/_1646400660849/rexdot.js?l=100&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg....

169 B
422 B

63ms
62ms

Script
application/x-javascript

128.140.224.227
GTS-BACKBONE GTS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamd.hit.gemius.pl/__/_1646400660849/rexdot.js?l=100&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=259&lsdata=a_BmwTFGk5.zUW7hY409OQtuwVW66n8R4gnlm7FcpEH.f7cU3UDrH5LhlgsZSHro2jO5nFRCnWazVNxHqKKjhLVMLO5a/srXTgl1bV4YKh/&fpdata=S3sRhZY.Fv0UZ3VDQi3DOsL3_4jsANfW0cJd2L9hNxP.K7&vis=1&fpcap=
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H2
Server: 128.140.224.227 , Romania, ASN5606 (GTS-BACKBONE GTS Telecom, RO),
Reverse DNS
Software: GHC /
Resource Hash: ac931b44425b536bb31c2ce2f5a10130a2b142d50d22a5bd13d842afc6223c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 13:31:00 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Thu, 03 Mar 2022 13:31:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Mar 2022 13:31:00 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1646400660849/rexdot.js?l=100&id=pzMwOvbL5vz9YC1NCyPEtreO7zekqAOkFaG5TjMi2S7.L7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fwww.zdg.md%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=259&lsdata=a_BmwTFGk5.zUW7hY409OQtuwVW66n8R4gnlm7FcpEH.f7cU3UDrH5LhlgsZSHro2jO5nFRCnWazVNxHqKKjhLVMLO5a/srXTgl1bV4YKh/&fpdata=S3sRhZY.Fv0UZ3VDQi3DOsL3_4jsANfW0cJd2L9hNxP.K7&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Thu, 03 Mar 2022 13:31:00 GMT

GET
H/1.1 200
OK 04d@2x.png
openweathermap.org/img/wn/ 2 KB
2 KB 54ms
12ms Image
image/png 138.201.197.100
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://openweathermap.org/img/wn/04d@2x.png
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.201.197.100 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.100.197.201.138.clients.your-server.de
Software: openresty/1.9.7.1 /
Resource Hash: 5b93d1d05564bfdedf759cd96adff916da7b9af18fb30064f5a99a5270d599f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Last-Modified: Mon, 24 Jun 2019 13:32:32 GMT
Server: openresty/1.9.7.1
ETag: "5d10d0f0-74d"
Access-Control-Allow-Methods: GET
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, content-type, accept
Content-Length: 1869
Expires: Fri, 11 Mar 2022 13:31:00 GMT

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/44184/ 28 KB
11 KB 13ms
12ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:58 GMT
server: nginx
etag: W/"621a6a26-702f"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:57+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:57 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/44184/ 42 KB
18 KB 15ms
14ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:58:00 GMT
server: nginx
etag: W/"621a6a28-a793"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:57+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:57 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/44184/ 13 KB
5 KB 14ms
13ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:52 GMT
server: nginx
etag: W/"621a6a20-326c"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:57+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:57 GMT

GET
H2 200 182f2d74c34963cea11e.b.js Show response
cdn.admixer.net/scripts3/44184/ 11 KB
4 KB 13ms
12ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/182f2d74c34963cea11e.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:44 GMT
server: nginx
etag: W/"621a6a18-2a79"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:57+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:57 GMT

GET
H2 200 631117330f3e56489daa.b.js Show response
cdn.admixer.net/scripts3/44184/ 214 KB
74 KB 17ms
17ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/631117330f3e56489daa.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc31
date: Fri, 04 Mar 2022 13:31:00 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:49 GMT
server: nginx
etag: W/"621a6a1d-3594f"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:57+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:57 GMT

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806
https://ad.adriver.ru/cgi-bin/rle.cgi?sid=1&ad=608223&bt=21&pid=2551979&bid=6845806&tuid=-5914717368
https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AHQth9fVRlit5f4JKPWUz1g

43 B
463 B

24ms
24ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AHQth9fVRlit5f4JKPWUz1g

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:01 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 13:31:00 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=AA391812-3D60-4352-AC90-6449D7D09A7A&id=AHQth9fVRlit5f4JKPWUz1g
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=197200&cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DFCC51D18-EB58-4B22-B884-02E238CDD6F2%26id%3D&s=197200&C=1
https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YiIUlJjHw4v87yQVlKxE_gAABGIAAAIB

43 B
463 B

22ms
22ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YiIUlJjHw4v87yQVlKxE_gAABGIAAAIB

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://inv-nets.admixer.net/adxcm.aspx?ssp=FCC51D18-EB58-4B22-B884-02E238CDD6F2&id=YiIUlJjHw4v87yQVlKxE_gAABGIAAAIB
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 304
Expires: Fri, 04 Mar 2022 13:31:00 GMT

GET
H2

200

cm-notify
creativecdn.com/
Redirect Chain

https://creativecdn.com/cm-notify?pi=admixer
https://creativecdn.com/cm-notify?pi=admixer&tc=1

42 B
243 B

15ms
15ms

Image
image/gif

185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://creativecdn.com/cm-notify?pi=admixer&tc=1
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H2
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 13:31:00 GMT, Fri, 04 Mar 2022 13:31:00 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-type: image/gif
content-length: 42
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://creativecdn.com/cm-notify?pi=admixer&tc=1
date: Fri, 04 Mar 2022 13:31:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 1px-matching-go2net.gif
m.trafmag.com/images/ 35 B
351 B 78ms
18ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-go2net.gif?id=921fb8eaaf0345c1b1c55b49728e9414
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H/1.1 204
No Content merge
ce.lijit.com/ 0
348 B 62ms
18ms Image
text/plain 72.251.249.9
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=380632&3pid=921fb8eaaf0345c1b1c55b49728e9414&us_privacy=$(US_PRIVACY)&gdpr=&gdpr_consent=&location=https%3A%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3DA0E94EB6-7943-457A-8B17-9C99C6ADCED2%26id%3D%5BSOVRNID%5D
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.9 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Mar 2022 13:31:00 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap3ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 200
OK 1px-matching-admixer.gif
m.trafmag.com/images/ 35 B
351 B 77ms
18ms Image
image/gif 193.200.65.6
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.trafmag.com/images/1px-matching-admixer.gif?id=921fb8eaaf0345c1b1c55b49728e9414
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.6 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: adforce.team
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:00 GMT
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Content-Length: 35
P3P: CP="NON DSP COR CURa TIA"

GET
H2

200

admixer
exchange.buzzoola.com/cookiesync/ssp/
Redirect Chain

https://exchange.buzzoola.com/cookiesync/ssp/admixer?uid=921fb8eaaf0345c1b1c55b49728e9414
https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=921fb8eaaf0345c1b1c55b49728e9414

43 B
130 B

12ms
11ms

Image
image/gif

168.119.9.59
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.buzzoola.com/cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=921fb8eaaf0345c1b1c55b49728e9414
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H2
Server: 168.119.9.59 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.59.9.119.168.clients.your-server.de
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:00 GMT
server: nginx
content-length: 43
serverid: TODO
content-type: image/gif

Redirect headers

location: /cookiesync/ssp/admixer?set_buzzoola_cookie=t&uid=921fb8eaaf0345c1b1c55b49728e9414
date: Fri, 04 Mar 2022 13:31:00 GMT
server: nginx
etag: W/"73af9c7d7cf13fb4bbb44e5214c0ad6310675d6992cc78f1dca83ed7afcaaddc"
content-length: 122
serverid: TODO
content-type: text/html; charset=utf-8

GET
H2 200 match
ads.betweendigital.com/ 68 B
159 B 298ms
98ms Image
image/png 96.46.186.57
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=43070&callback_url=%2F%2Finv-nets.admixer.net%2Fadxcm.aspx%3Fssp%3D70C88C54-8654-4219-A50A-E344F86A4A28%26id%3D${USER_ID}
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.46.186.57 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 152ms
50ms Image
text/plain 37.18.16.21
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=128&vid=921fb8eaaf0345c1b1c55b49728e9414&gdpr=&gdpr_consent=

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.21 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 13:31:01 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 121
x-xss-protection: 1; mode=block
expires: -1

GET
H/1.1

200
OK

adxcm.aspx
inv-nets.admixer.net/
Redirect Chain

https://admixer-sync.rutarget.ru/sync
https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=4eRVx8prQwF8

43 B
463 B

23ms
23ms

Image
image/gif

146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=4eRVx8prQwF8

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

HTTP/1.1

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:01 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

Redirect headers

location: https://inv-nets.admixer.net/adxcm.aspx?ssp=76391747-8C01-44B5-BA9C-B7DA670E100C&id=4eRVx8prQwF8
date: Fri, 04 Mar 2022 13:31:01 GMT
server: nginx
content-length: 0
p3p: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 38C2 51 KB
24 KB 88ms
40ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezBtsUAAAAANM4ECUmzxXVKnvEIYY5ZqaBwkk6&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=em6bpxv1ob51

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Mar 2022 15:48:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 01 Mar 2023 15:48:12 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/ Frame 38C2 360 KB
142 KB 87ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145103
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 23:43:01 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 12:56:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 137ms
50ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zdg.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 136ms
52ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zdg.md

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 66 KB
14 KB 679ms
679ms XHR
text/plain 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=837150778650292&correlator=3220976957945784&eid=31065443%2C31065400%2C31065430%2C31063246%2C44758228&output=ldjh&gdfp_req=1&vrg=2022030101&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220304&iu_parts=29636627%3A22582554038%2Czdg.md_desktop_1200x250_billboard_hb&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C1200x250&eri=1&cookie_enabled=1&abxe=1&dt=1646400661078&lmt=1646400362&dlt=1646400659836&idt=1136&biw=1600&bih=1200&oid=2&adxs=147&adys=186&ucis=1&adks=503692590&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fwww.zdg.md%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1306x0&msz=1306x0&ga_vid=1634002342.1646400661&ga_sid=1646400661&ga_hid=1602844331&ga_fc=false&fws=0&ohw=0&btvi=0&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

527268868f1317367202378748895b814d55e29014ae2fa9cbeaca63ea06ebe0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13827
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zdg.md
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
1aebb9d615daf4f4979eff4ba1eab6a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FC9 6 KB
4 KB 146ms
48ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1aebb9d615daf4f4979eff4ba1eab6a7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 04 Mar 2022 13:31:01 GMT
expires: Sat, 04 Mar 2023 13:31:01 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 38C2 102 B
134 B 46ms
46ms Other
text/javascript 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezBtsUAAAAANM4ECUmzxXVKnvEIYY5ZqaBwkk6&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=em6bpxv1ob51
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Fri, 04 Mar 2022 13:31:01 GMT

GET
H/1.1 200
OK refill Show response
www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1288729/ 2 B
566 B 163ms
163ms Fetch
application/json 116.202.113.159
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.zdg.md/wp-json/contact-form-7/v1/contact-forms/1288729/refill

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.5.6

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

116.202.113.159 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.159.113.202.116.clients.your-server.de

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Fri, 04 Mar 2022 13:31:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
Link: <https://www.zdg.md/wp-json/>; rel="https://api.w.org/"
Allow: GET
Content-Type: application/json; charset=UTF-8
Vary: Accept-Encoding, Origin
Transfer-Encoding: chunked
Connection: keep-alive
X-Robots-Tag: noindex
Access-Control-Allow-Headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
Access-Control-Expose-Headers: X-WP-Total, X-WP-TotalPages, Link

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
11 KB 139ms
51ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a27398527bf1dc4c21455edf3745ea54195718e7f7dc1e0e1c8ea10bc684991

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 04 Mar 2022 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10387
x-xss-protection: 0

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame 38C2 31 KB
18 KB 72ms
72ms XHR
application/json 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LezBtsUAAAAANM4ECUmzxXVKnvEIYY5ZqaBwkk6

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/_exWVY_hlNJJl2Abm8pI9i1L/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4c2a17579c49f003bc423e457f9f4bcd36ecaf8d090ab065ec2e099dfd22a44b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LezBtsUAAAAANM4ECUmzxXVKnvEIYY5ZqaBwkk6&co=aHR0cHM6Ly93d3cuemRnLm1kOjQ0Mw..&hl=de&v=_exWVY_hlNJJl2Abm8pI9i1L&size=invisible&cb=em6bpxv1ob51
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Fri, 04 Mar 2022 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18086
x-xss-protection: 1; mode=block
expires: Fri, 04 Mar 2022 13:31:01 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 155ms
70ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Mar 2022 13:31:01 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2BB8 13 KB
5 KB 83ms
37ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 04 Mar 2022 13:16:53 GMT
expires: Sat, 04 Mar 2023 13:16:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 848
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 15FD 783 B
536 B 49ms
49ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b570e6f51249d873e71d6c72d143ece05c3e5bc3f7629b39211c69c6bce3d1e6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MVE7cWHsMX3EzgXBMzAyQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 04 Mar 2022 13:31:01 GMT
date: Fri, 04 Mar 2022 13:31:01 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MVE7cWHsMX3EzgXBMzAyQw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 15FD 0
0 141ms
94ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022030101&jk=837150778650292&rc=05AFx3bKG19jmRrLBAXp6J-JcBr3_H_UAUXJDEkABDr0jgf3QrcODy4RdCEnjGaCqXd2aAmYfLYwX82k9wtt9JCdlur6ehlju714vMj6W-6jZh2ARu85x6FVxw-NHKI_iFGQX4rOkMxbOPN0OcRWQdSQDsNWmBHEZ8-kCAWbWndAP82m_t4AA3-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2BB8 35 KB
13 KB 51ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/cYUZDpkDTLiaCxFKW6PIDwgD40qdhgxPHck_a-4gLzE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 12:21:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4197
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13775
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Mar 2023 12:21:04 GMT

POST
H/1.1 204
No Content hb_analytics.aspx
prebid-inv-eu.admixer.net/ 0
237 B 22ms
21ms Ping
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://prebid-inv-eu.admixer.net/hb_analytics.aspx

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarydLUwpKcGTBUjnRb7

Response headers

Access-Control-Allow-Origin: https://www.zdg.md
Date: Fri, 04 Mar 2022 13:31:01 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/032202142035000/ Frame 0B13 220 KB
60 KB 127ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89b542a306fd479c837bb7608bda059dcb4c0ea9b15a375844cbf4456fd722cb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61669
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "73c6361ffdd039ea"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:39 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/032202142035000/v0/ Frame 0B13 16 KB
7 KB 122ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5733
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42a91727bcc93df1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:39 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/032202142035000/v0/ Frame 0B13 96 KB
29 KB 197ms
113ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29577
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "42f1ed997a28c2a2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:39 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/032202142035000/v0/ Frame 0B13 5 KB
2 KB 196ms
112ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1873
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8e63b195883091b5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:39 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/032202142035000/v0/ Frame 0B13 42 KB
13 KB 190ms
107ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/032202142035000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 291202
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13633
x-xss-protection: 0
server: sffe
date: Tue, 01 Mar 2022 04:37:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d3c67c66f710e82a"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 01 Mar 2023 04:37:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0B13 3 KB
599 B 91ms
46ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022030101.js?cb=31065443

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4807a6369eb785c61dc62752412d0b5f58e16601fb3c0d3b4c919d52a0cf8988

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Mar 2022 11:35:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 04 Mar 2022 13:31:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Mar 2022 13:31:01 GMT

GET
H3 200 ro.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0B13 2 KB
2 KB 36ms
36ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/ro.png

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

634452a9edacddb496182ea96d3b32aeb710730bfa32ade631ea7d194b5860e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Mar 2022 18:16:34 GMT
x-content-type-options: nosniff
server: cafe
age: 69267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 5681779906409857437
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1785
x-xss-protection: 0
expires: Fri, 04 Mar 2022 18:16:34 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 0B13 295 B
319 B 37ms
37ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 13076
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sat, 05 Mar 2022 09:53:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0B13 0
0 44ms
44ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSiC9dbDqndaIpOU0_5kDdBYEG442e7DV0n0a6Y68O3KHsEw2x5j2B-9ikE_Fwpqw2SefVFx3VPEMXYCs-lkjytZsvtnA
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0B13 0
0 110ms
109ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAPXOlRQiYpegCciNjuwPzsq3oAftutPiaJiki5SjCKzN4vCyDxABIOPgvCNgleKQgqAHoAHrtdSYA8gBBqkCHvzcQ6l6sj7gAgCoAwHIAwqqBJcCT9C9p506jfw8qrnWwOa4BAQud3xjmEkHv6HnWdo1cjkAX0qFHaPjr32vq1KccIWbm9OfrCNhIpYZYDWhEvwslT2crsHLgBDBu0SI5x-XCV243bkAjC0P3VFAvdKuU3g490z2P5bvh-0JLev_JxQ1T-xWiQWmt0RFINkXsz6CgXcjB_Cw0sJsn_suOpwX4IgxB2xxDyIiHpTmtQVCaaPJufV7CvptC5GnwWNIEkgVQrMH5tSvfbmuqQrmnsnf24cc6cdT2m7qG4gvk6zrcPRH9NCr259EdM6Ehqh73JepA9yzyJCAVTNR0htSyUiQWJZZ-5y1uJjee2V9c4aP5M-0rYt19vnnDoszR4H0MpdzghbpzD0ASHbUwATYraGM3wHgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH_cmrZ6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDH5g3SCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTg0MDY5MDI2NDA0OTk3MjaACgPICwHYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItMzM3OTk2OTExNjk1MDE5ORiLuhI&sigh=lDlMIoMbiQY&uach_m=[UACH]&template_id=493
Requested by: Host: www.zdg.md
URL: https://www.zdg.md/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s05-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2BB8 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?aTUMyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Mar 2022 13:31:01 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 0B13 19 KB
20 KB 151ms
37ms Image
image/jpeg 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQZy9Mc0kc87-4GyDrWv8EnHaJxfRpMb1guhHeEKRv4UdBQiOj3OO1A9BfhEA&usqp=CAI

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31f9e95ec606a5a872e7d13751eda43a38bc2062cb744c282759ede9d801463d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 28 Feb 2022 22:55:50 GMT
x-content-type-options: nosniff
age: 311712
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19809
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 16:10:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 28 Feb 2023 22:55:50 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 0B13 13 KB
14 KB 153ms
39ms Image
image/png 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQnAT4MYcLWaSgZVCAU5soMse3aLEpeDDp_ViGdE5xn9QXrqDIm&usqp=CAI

Requested by

Host: www.zdg.md
URL: https://www.zdg.md/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a68fa20518b94b96b67cca5e59d683a0662307519828296cd0fbca0a841e4178

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Feb 2022 20:27:55 GMT
x-content-type-options: nosniff
age: 579787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13304
x-xss-protection: 0
last-modified: Wed, 18 Apr 2018 14:42:22 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 25 Feb 2023 20:27:55 GMT

GET
DATA 200
OK truncated
/ Frame 0B13 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2614b1954000dec5c040261e6c7ad88d8607c620464249ed3639ba604a1f165

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 0B13 20 KB
20 KB 37ms
36ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:31:22 GMT
x-content-type-options: nosniff
age: 151179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:31:22 GMT

GET
H3 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v20/ Frame 0B13 21 KB
21 KB 41ms
41ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v20/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.zdg.md
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Mar 2022 19:37:31 GMT
x-content-type-options: nosniff
age: 150810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:58:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 02 Mar 2023 19:37:31 GMT

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 28ms
27ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=cba69d7f-eece-4247-a1ab-87842a8d1207

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 04 Mar 2022 13:31:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 25ms
25ms Image
text/plain 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=1ebd4265-0ea9-4fc8-8cd3-7f1a7d61c00d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 04 Mar 2022 13:31:02 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
75ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022030101&jk=837150778650292&bg=!2Nul25_NAAb7UztL-1M7ACkAdvg8WuqIo9gDtK_ncJHhFVcpuOwcnD7BsNuOv_Uw0MVUpbRxGean8AIAAABoUgAAAANoAQcKABc6Dww_ICONI4s1afAi9O9MvQnB_nLU3ZkCn1IlJO-A5qeZM3l-n4BevprR1S-cuOfpb7lR0oCGNg_mmClCGvsz-7X_AejSJ4Wd90l0ER14Y5MAG1B_b4UGhnTwm92sW7WiU93ece8W1yc93Dzrl9Yj2CLjNPaU4_QlNyppFGvR1Bbt9GMnzcp0fRt8j2VPygigdFYT-elcgPc4CJWlOLiz-YEkWRzBM-Q9XpLEkA3i1dy_MmhBFAVxya69Fya5y0TrWwRqjzpTtYrNpLcN1PLwyyox9Tlae2UmsPdAPo5QLML1Ew9Ltxl2oBASBjcKBdB-IRurmSmPxb_FdqtUWesQfDG9Rl3JSgJmwuUkk6Gnkp9ceK8UDszIyfU-dMBy3OV33-lc6cFai2hf7n5fUXjnrP6xKIGvJnDRQ4Out7_UoT2I8FwM3UIGRcuuW2-nKgv8vQsAGq9rzVB7jiBCrMfm-kPwWLnFk6sSO7oft4xH1lAa3dUsMoJnrXGr5XWXzz6n6yC7ser8IoWoRVZBtMkAXX62VOVNwlXeoyTrzRlxo9iuX8Qgfppg5OJ_VpxxDK14Z292oZwcZ8ltkEe_dclToUEcozyIqJBzNn21cp7IUKUOkTLVxVLoseTarsbGi8CYHAJI2vZhMNnv5Eh5ouYA7tWD91Db22CeEY9ZcMVsgCWas3z_EOp6J0q3nNu594ezbwkV2nYiCPrtitHX4hnq3x_EXWzcXPFJr3dGa13dGBakfDKDEEGA59Wgle23QZZGppGxHfs5jEm1ORHsVQwKZ9E9nwzef_5PHo6e1FBR8ujRhweqlSVSNSIJq9ziIS1wYg-mdBV9mQSVQI6kPCQHuhXqNO52rqV7tai2ahRKJD9JEKL5qCxoAuUlTLMD_6xaGHQ6fqgMOr1Of2oC3qJcNrc9QKWtp11k

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 13:31:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 0B13 42 B
64 B 86ms
86ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1M0qTGR8M7el5GNSF38-Tn_8XaDSajrxGYQ-wlrtt6GsEXJYldg_Y7xuoEGGLG2xmSxc1wFTFLnyofEtWMqPmuIfedkxeZbkfwvoInjxQtG1SS4vNrA&sai=AMfl-YQnlEKIfkAeojZLIvXcxWzcuTK0kqjwvHYxYw2MlnACbbXmieLY3Hoz4MJvE8dAPJHqP8VL6r9klWXAlxXEjAN3lhbEXY4pzmQ-hkCtet8tn-5Wm7LY-KPKDAcNF5c&sig=Cg0ArKJSzGwJO0EPp8t0EAE&id=ampim&o=200,179&d=1200,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=263&tls=1263&g=100&h=100&tt=1263&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=503692590

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.zdg.md/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Mar 2022 13:31:03 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cntcm.aspx Show response
inv-nets.admixer.net/ 61 B
528 B 24ms
23ms XHR
application/json 146.0.227.109
VELIANET-AS velia...

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/cntcm.aspx?ssp=0ef5b541-739d-48ea-a90e-8cd4a3d34314

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.109 , Ascension Island, ASN29066 (VELIANET-AS velia.net Internetdienste GmbH, DE),

Reverse DNS

Software

nginx /

Resource Hash

5aee61c6f63bffa0cdaee17f0fac475f99625da1d5997cf367d78313f1e1e4fa

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zdg.md/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 04 Mar 2022 13:31:03 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://www.zdg.md
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=25
X-XSS-Protection: 0

Verdicts & Comments Add Verdict or Comment

113 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 05:39:12	Name: _GRECAPTCHA Value: 09AFx3bKEl_oFOPzER4B3zKFRO67-Is7tIDWrJlWCG_fhrqyvQUClS1HpVhvsLf90qWTIrO-imu5vAAPJKLF1a8Tc
www.zdg.md/	1969-12-31 23:59:59	Name: Value: store.test
www.zdg.md/	1970-01-20 02:03:12	Name: _pbjs_userid_consent_data Value: 3524755945110770
.admixer.net/	1970-01-20 03:29:36	Name: am-uid Value: 921fb8eaaf0345c1b1c55b49728e9414
.zdg.md/	1970-01-20 10:48:48	Name: __gfp_64b Value: S3sRhZY.Fv0UZ3VDQi3DOsL3_4jsANfW0cJd2L9hNxP.K7\|1646400660
www.zdg.md/	1970-01-20 01:30:05	Name: am-uid Value: 921fb8eaaf0345c1b1c55b49728e9414
.hit.gemius.pl/	1970-01-20 01:30:05	Name: Gtest Value: KlxPXMMGQMQG5FLAsenM8i8issGMXP8c25nSGsxQ-Rg5XBG.
.exchange.buzzoola.com/	1970-01-20 02:03:12	Name: uuid Value: 63c8c114-ee3d-4745-671c-7085bb0a00bf
.casalemedia.com/	1970-01-20 10:05:36	Name: CMID Value: YiIUlJjHw4v87yQVlKxE-gAA
.casalemedia.com/	1970-01-20 03:29:36	Name: CMPS Value: 3267
.creativecdn.com/	1970-01-20 10:05:36	Name: u Value: WZlv6hATwxVDL1lUIqiN
.creativecdn.com/	1970-01-20 10:05:36	Name: ts Value: 1646400660
.hit.gemius.pl/	1970-01-20 10:48:48	Name: Gdyn Value: KlQ-fRGGQMQG5FLAsenM8i8issGMXP8c25nSGsxQ-Rg5FRxSG7RrGS6GNofBFlMMYH7hRjBGqSRxSG8.
.casalemedia.com/	1970-01-20 03:29:36	Name: CMPRO Value: 1122
.casalemedia.com/	1970-01-20 01:21:27	Name: CMST Value: YiIUlGIiFJQA
.rutarget.ru/	1970-01-20 05:39:12	Name: userId Value: 4eRVx8prQwF8
.adriver.ru/	1970-01-20 18:51:12	Name: cid Value: AHQth9fVRlit5f4JKPWUz1g
.zdg.md/	1970-01-20 10:41:36	Name: __gads Value: ID=700c664adb685eae-22b3334f54cd001e:T=1646400661:S=ALNI_MaX7054kztWfutKXzgZlwRTDJFT6A
.doubleclick.net/	1970-01-20 10:41:36	Name: IDE Value: AHWqTUlPWxOgR9ZloGU-7ahhGkNeSDRt3X8O2Wp_qbFP-VVycJwCgdcOeTs2WC3jyM0
www.zdg.md/	1970-01-20 02:03:12	Name: admixerId Value: 921fb8eaaf0345c1b1c55b49728e9414

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/032202142035000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1aebb9d615daf4f4979eff4ba1eab6a7.safeframe.googlesyndication.com
ad.adriver.ru
admixer-sync.rutarget.ru
ads.betweendigital.com
adservice.google.com
adservice.google.de
api.openweathermap.org
cdn.admixer.net
cdn.ampproject.org
cdnjs.cloudflare.com
ce.lijit.com
code.jquery.com
creativecdn.com
dm.hybrid.ai
encrypted-tbn0.gstatic.com
encrypted-tbn3.gstatic.com
exchange.buzzoola.com
fonts.googleapis.com
fonts.gstatic.com
gamd.hit.gemius.pl
inv-nets.admixer.net
ls.hit.gemius.pl
m.trafmag.com
openweathermap.org
pagead2.googlesyndication.com
prebid-inv-eu.admixer.net
s3.amazonaws.com
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
stackpath.bootstrapcdn.com
tpc.googlesyndication.com
use.fontawesome.com
www.google.com
www.gstatic.com
www.zdg.md
116.202.113.159
128.140.224.227
138.201.197.100
142.250.186.66
146.0.227.109
146.59.30.96
168.119.9.59
185.184.8.65
193.200.65.6
195.209.108.47
2.18.234.21
2001:4de0:ac18::1:a:2a
2606:4700::6810:135e
2606:4700::6812:bcf
2a00:1450:4001:803::2002
2a00:1450:4001:803::200e
2a00:1450:4001:808::2001
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2004
2a03:90c0:41:2801::254
2a06:98c1:3120::7
37.139.1.159
37.18.16.21
52.217.163.240
72.251.249.9
80.64.106.152
96.46.186.57
00dd96081977e3c4392669bd136716d853546208a5259586111293d312b6596f
031774994d7b9ec734f4f2d1023dde8bbafe39c4905f718f13920364d6cfbdea
09ef43311f60323feb3ecd8c3f5e81064548c7e632d58e27253e6fef25bc0e7f
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0bc44ea79e71bea23b78759ad6113a2106a0708b2db4988b73f47f3aa10f78fb
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
175c04e10c995c8e667e7cbe403b547eac9f60bf17ac4d76e3ba740bca1fd9b4
1e008db88ca7a02a21aa9ce35c4d723f35b94e18ece18e50373e1e0ea3da1b71
1e02189b6990b38c43207a8c0c206a2fda1833e7b7401fa42af72671e62f43a5
1f49b8706547682e2c5ed6642a2f2dcbd287da458314b967c60d774aa7edb473
2648a1333fa24d383fd73a6beaac17156ae78f4267ff7407ad60e05a788df44c
27fc765db7aa744154046374d0de6f76f19cba5203ef8f29ddfd8ca3d5d2b4aa
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c
3110966fa73dac64901ac2cec67656155bb9717286b7b0da0544cdd8ae7c888d
31f9e95ec606a5a872e7d13751eda43a38bc2062cb744c282759ede9d801463d
32b8fae56a7edbfe89e7f7fd22aa7df75546183f81660692c9cf03d3c8d914ba
33e13339440e41848ddb1b1863fdd2a0ca0d288f50756fff89a8febf1bb16549
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
35aea8a8b560fce73743e9a90aa31ba91af991668146140a2e589eb9c7067f27
36da5c994c78eee30d2a2d1aa6216d4830d737e028d19054f2f4b15f3145ec3e
3895296f7bf9ea6712d6676751317cb60c735ff47bba41b06f75baeabc939453
3b23d7637ea8ad215132fa9a65147a7a004be653e0894ddc3fec51b321ed5b26
424618fa03db07b6ea253a7e4bf7ed8a65e9d26d90fba3a18d5c5d9f88561389
4807a6369eb785c61dc62752412d0b5f58e16601fb3c0d3b4c919d52a0cf8988
4c2a17579c49f003bc423e457f9f4bcd36ecaf8d090ab065ec2e099dfd22a44b
4c616779f9814a86558b97b5187b420323a35d1443435c8fe4d64b6bf4a33f26
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb
527268868f1317367202378748895b814d55e29014ae2fa9cbeaca63ea06ebe0
533143d96607d94d5d4292838e364aef656d3de58fe74368263776eab9c07542
540bdfbad15f1c5dacc2919933bd00c6ecfa718109695a41d029609a9a955b30
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57b6518d9b53c441e2e74143e5941ec1f6cdadd9c2013827c9573745dcff89fb
5aee61c6f63bffa0cdaee17f0fac475f99625da1d5997cf367d78313f1e1e4fa
5afeb2ba15665dfe0c39950eb675f5cf00d1c8f588414a0634eed4f60f743401
5b93d1d05564bfdedf759cd96adff916da7b9af18fb30064f5a99a5270d599f0
5edaf92540d598dda232ac37f813e7e944c32c0358f1ed29551f0e5ede97f784
5f4c8e76510fcde1fcc1c76ed8894b0afbb06718c75591dbb11d3b733252b5b3
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
634452a9edacddb496182ea96d3b32aeb710730bfa32ade631ea7d194b5860e6
66f3a07e1fa9b64a686b66381e4458dbc8abf3dbbff954720c4eec07b84411c2
672305a06578c62e801efdb067fffad21042eb1f0b66f41eb6f744b9f46114a3
679e44f9b4bbbc2ad0c4000c1413fd3a88627d83f1cba8ebdac26f81bc7edb78
6802c5b5afe5a5344277003821601f4eea78dd496e740c5fd782c3e92fa3001d
6a16c04229bc2b4da226eb97e68d94f49ba6437b7b5e16c14a101b21a29384e9
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be77e66527b53318b042909a859ea1e292ec2236cc8bd0aa32f6f5b8f9e68a3
6c4f7fd7d26f8cf3a1638ee63a31173844fb69143f1abe8685c046f05b2eca3d
6caee481ea7386c670a4708adc275826dd8e9c21db441ee35eb13ed8da71a28a
6e3d3c32ac7d28713d5d03e6317bc7135fd141a853dccbc4afb0dc4ca1649841
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7185190e99034cb89a0b114a5ba3c80f0803e34a9d860c4f1dc93f6bee202f31
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
74ebf9cf691be6ed558e79c9200883d1786868ff13116eacc95f0b8a60853b73
7a27398527bf1dc4c21455edf3745ea54195718e7f7dc1e0e1c8ea10bc684991
7b769ca2e76d50cae32a312a13da0bc5593450bcc047354d99cb70cd752dc98a
7b962f26f50d961a55788b94597597ec5d122144e1271593cecf0fcebd5da088
7d28203037ba98815f408afb19842b365f6b5581d62405f6423f34ecf6328d6b
7f1551f90ab3ca65e29db51c05ec8bcb16750deb40ace91e62573dadb9eac7eb
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81f397f76a9090a63ea65da6572574bcabacd2dc056bc49837d52a673f581a39
84d00511d9ac2d60f4b43ad8dd4c237a8093c7a45f1e8da88f5c233866d408f2
89b542a306fd479c837bb7608bda059dcb4c0ea9b15a375844cbf4456fd722cb
89ffc605b82c511527e56eb53b7d8100b2fc952bcac64b5360cdcd323fcc2a3b
8b4fd7bcadd8d9e95b7aebae2f7b233dab0453cc931ba13add8a313dc3c61033
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93049ec1861f6b0ca27677006c4bf791ce45eb2a0867f463bc774efbdd664aab
93a1679cf7d6af1e698e3712191d26fb7aa77ea00cfa2df453d05e0964b32b5d
a198baa1694f9f38a126af0f5e176c4d2c705beff820ef2b3227c05608ba7475
a277233744ae6bbe3030bed76714e6c7ef3f8a39a186599b083e4e9e3d2df7fe
a2c1967d4bc375b190863aabb8bb22a2da4ec5461f8dfd8add4987e3687a26ed
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5005b6d981acbae1e0f3637d76927718785fcf90989c45b9e329b6568b880be
a68fa20518b94b96b67cca5e59d683a0662307519828296cd0fbca0a841e4178
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aac43b5ab7d66f2f6faae142de2bd548dac9eb018fd3a7e719ada607218c3128
ac1f323852a36632f8dfe30353a701c696c19790d925f66a030a9ddd275eb7c1
ac2a6bdf3640e1213ba9a0a900ea6864a0274b080ba3bcf05ff245bfabb5eba0
ac931b44425b536bb31c2ce2f5a10130a2b142d50d22a5bd13d842afc6223c99
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad4112f98660b1af722d840c98dba682dbc0dfa5f1914786fac8e1b1421601d0
ad8d6790c4653e3bd078031ffcd5b9c231056162ff04ae386ad85fb74e89407e
aff01a147aeccc9b70a5efad1f2362fd709f3316296ec460d94aa7d31decdb37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
b41f8319432095f7405382dc9d477073e97f247df9e039e63f6f8b6959724cd0
b570e6f51249d873e71d6c72d143ece05c3e5bc3f7629b39211c69c6bce3d1e6
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b88d7d38e30818e3e170b366bd69d211a090996abb122737d4dffb0fbbe24274
c000066f2b27add17d55cfec67196d43c6a529f550da7877663e34632c927bcf
c009ee7b0ff395016980733d1c7f8277b4425fe5b1cad0d780379e3c0023abea
c04b2a271cc7a3d2f05e2d2eef3c87d7b0baa491ce4d609edb53e25b983600dd
c7f60558c3dabc921766aad1a2a676c9ae7e1fbb6cc7cdf73e6fe6ec322aa250
c836ab144528f3b6748bb49a0ba6fbd3118028282185660067fde9fbcf68e251
c8778ddb37266b1d9485dbb640aa5d9e378561e74a7484c73f02b0687ae0a583
c8f7c04f8d691138d54380550d91349271ca19cfc0f3f6666c401cfa892a12f8
c919fdf1d93278991898c7128dfcbb3cdb60b3b21be2be64a8184876a54dccf1
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9df5025b2f82506c55acb032ac21a262d69c7ced47d644649a5b075bc91db36
d2614b1954000dec5c040261e6c7ad88d8607c620464249ed3639ba604a1f165
d68c40e3ddf63af6de0455d1b642074990816e54d148b0d17cb1c9e4b2bf49b7
e11a5ac72bea720c89def194185cc6dd5a671c11bf786e4942b581118b29cdc2
e1a9f29f42c8aded9c06916867c167eeefff784bb887ea25d10959df0bbf25ec
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4247db0e8b3cd0b10fc9f1c76b5d364b45dfa7b426b29afb9b28c1475a73c17
e55d07bfd9aa8919c00ba173b1cf6fbc0fc35851b107001f3f3f6ed6418c9a90
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e7de376cfc3d34771f7f9ed2ac61d82e30d82c9913232ff3a1ba8f572261dbe0
e8bbc09c9d8ad4c5c95cbc60ab1bd4e3c394e0e7ca5132830b8c5f3dbe817767
ea4cb2dbe69c87cfcb23890afc5053fb1b8c3b0fcb6c4cce738a408c73c1d8ec
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f91d73556ee8db4eb53dbc798cb70071d5732b8fa91886c93ed294dd77caf
efd6a59ce31c8b9727d0dd60081dda2975a483e611753baac09d714f9448cf97
f287efe0435fa82bc67334016d6ff203ad940a368916fb5892823dfc47675cad
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f62da9fa67a86fc30d576a01706e20a58fbe41ff7b9ac45671746fb2ac766d39
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f7fade5794bd7bc1a2572df88613ae6deeb1d82ab5c9e42dce2bdee008ccb4c2
fbba571930499cb86d738ffa9cefe55a8bef0b1f140e08dc3281f1a6787842f4
fefa3b7ddf55edaebebf8b665c8ec1231dbba25e91c1b9a6f685e1a6e76323c2

www.zdg.md Open in urlscan Pro 116.202.113.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

96 %HTTPS

48 %IPv6

25 Domains

35 Subdomains

31 IPs

7 Countries

2711 kBTransfer

7441 kBSize

20 Cookies

18 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.zdg.md Open in urlscan Pro
116.202.113.159 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

96 %
HTTPS

48 %
IPv6

25
Domains

35
Subdomains

31
IPs

7
Countries

2711 kB
Transfer

7441 kB
Size

20
Cookies

153 HTTP transactions
3 data transactions