urlscan.io logo urlscan.io
SecurityTrails logo

galtro.xyz Open in urlscan Pro
2606:4700:3035::6815:3df6  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zivbod-streaming.fr/
Effective URL: https://galtro.xyz/zivbod/
Submission: On May 19 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 38 HTTP transactions. The main IP is 2606:4700:3035::6815:3df6, located in United States and belongs to CLOUDFLARENET, US. The main domain is galtro.xyz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on January 26th 2023. Valid for: a year.
This is the only time galtro.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 18 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:4e:1... 8075 (MICROSOFT...)
1 2001:4860:480... 15169 (GOOGLE)
3 52.152.143.207 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
38 12
1    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
zivbod-streaming.fr
18    2606:4700:3035::6815:3df6 (United States)

ASN13335 (CLOUDFLARENET, US)
galtro.xyz
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    2620:1ec:4e:1::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    52.152.143.207 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
o.clarity.ms
1    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
18 galtro.xyz
galtro.xyz
139 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 952
o.clarity.ms — Cisco Umbrella Rank: 7660
c.clarity.ms — Cisco Umbrella Rank: 1495
22 KB
6 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1856
140 KB
3 gstatic.com
fonts.gstatic.com
194 KB
2 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 93
167 KB
1 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
5 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 232
740 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
4 KB
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2230
251 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
69 KB
1 zivbod-streaming.fr
zivbod-streaming.fr
702 B
38 11
Domain Requested by
18 galtro.xyz 1 redirects galtro.xyz
6 fundingchoicesmessages.google.com galtro.xyz
pagead2.googlesyndication.com
3 fonts.gstatic.com fonts.googleapis.com
3 o.clarity.ms www.clarity.ms
2 pagead2.googlesyndication.com galtro.xyz
pagead2.googlesyndication.com
2 c.clarity.ms 1 redirects
2 www.clarity.ms galtro.xyz
www.clarity.ms
1 googleads.g.doubleclick.net pagead2.googlesyndication.com
1 c.bing.com 1 redirects
1 fonts.googleapis.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com galtro.xyz
1 zivbod-streaming.fr 1 redirects
38 13

This site contains links to these domains. Also see Links.

Domain
www.arcom.fr
www.govinfo.gov
www.themoviedb.org
binmir.xyz
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-01-26 -
2024-01-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://galtro.xyz/zivbod/
Frame ID: 413570D22CAFBC41FC1548AB6324E2CD
Requests: 40 HTTP requests in this frame

Frame: https://galtro.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: 1E1F082D4DA5DF02405472F10168FF9D
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Frame ID: 7A65734DF7A19CB1045841EB091E9331
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Zivbod - Tous les films en streaming gratuits [mai 2023]

Page URL History Show full URLs

  1. http://zivbod-streaming.fr/ HTTP 301
    https://galtro.xyz/zivbod/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

38
Requests

95 %
HTTPS

85 %
IPv6

11
Domains

13
Subdomains

12
IPs

3
Countries

740 kB
Transfer

2040 kB
Size

13
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zivbod-streaming.fr/ HTTP 301
    https://galtro.xyz/zivbod/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19
  • https://galtro.xyz/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://galtro.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Request Chain 35
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E68C2320630348AF883CF2A318312EC7&RedC=c.clarity.ms&MXFR=323C40424424682237BC535440246680 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E68C2320630348AF883CF2A318312EC7&MUID=0724254C660266592A39365A67BB67A8

38 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
galtro.xyz/zivbod/
Redirect Chain
  • http://zivbod-streaming.fr/
  • https://galtro.xyz/zivbod/
258 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34cfe3cad4db40fb95f85742458dbf501dfe03138e814b91c9c99394355be498
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
262
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-edge-cache
cache,platform=wordpress
cf-ray
7c990fbfc9a83ca1-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 19 May 2023 02:55:31 GMT
last-modified
Fri, 19 May 2023 02:51:09 GMT
link
<https://galtro.xyz/wp-json/>; rel="https://api.w.org/", <https://galtro.xyz/wp-json/wp/v2/posts/6098>; rel="alternate"; type="application/json"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy
strict-origin-when-cross-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MoAH5G8m4JEW1d7Fsaq0XcqdcQ6OwflhrnQV2mF3sibsuWKLRY29u7OAecMwwOtG69fQ4nPSA03QIx5PYMLq2I6F%2FEc5yIrQvPyriqRBcrWAcynAz8VCemCaBmpibyuupOfek9e6h2QO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15768000
vary
Accept-Encoding
x-cache
HIT
x-cacheable
YES
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ua-compatible
IE=edge
x-xss-protection
1; mode=block

Redirect headers

CF-RAY
7c990fbf4b0d0181-CDG
Cache-Control
max-age=3600
Connection
keep-alive
Date
Fri, 19 May 2023 02:55:31 GMT
Expires
Fri, 19 May 2023 03:55:31 GMT
Location
https://galtro.xyz/zivbod/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qpyZSgBJncipYobD1Be54mXmgwbb1yJ023Q6WpYzQcU4Z%2BtO0Ju5XfshoMgMdKIMuszJiCK2Fq%2FP3kabp6CJGaN84%2BYij2k%2B9fjv66eFRtCM0RRKy5lYkOU0GFaYv2lq650NQ87mwaX7hmkfPbbRfWGT"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
jquery.min.js
galtro.xyz/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 20 Feb 2023 14:20:18 GMT
server
cloudflare
etag
W/"63f381a2-15e54"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
cache-control
max-age=315360000
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qHFyL7iE3x8dBuQ%2BwsgOmu%2B8vA7Co%2BkksiyuX0U3KgkIzpAJ98kRtgcBEFzAqEcvJq8EQEs3enLJAqbhkqDT%2F1LkT6WNF2483mJ6ps%2FnJw5qYBdaKx4o54vaP67D79CziQPTS1mtKKbU"}],"group":"cf-nel","max_age":604800}
cf-ray
7c990fc019c23ca1-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
galtro.xyz/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 02 Feb 2021 07:47:34 GMT
server
cloudflare
etag
W/"60190396-2bd8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
cache-control
max-age=315360000
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBxBWuzjmf%2FPhVqxpE8FDDHBo0WK3141QnM5YTvaUCOEmnyVz8LjSzD3B4Nfqa0pdHCHSMq%2Bmj8uISX3zQxtCN5%2ByCB%2Flsa%2B5vxteZzf4cWc0RkUo3irrH6%2F2OeJj25RjoUmFIS34wCI"}],"group":"cf-nel","max_age":604800}
cf-ray
7c990fc029c33ca1-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.lib.min.js
galtro.xyz/wp-includes/js/jquery/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-includes/js/jquery/jquery.lib.min.js
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea45a828e2428e2fb266dce7777503e43e4c1ccd2bf0256fc129fba2c4cdad6a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
664
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 15 Nov 2022 23:43:37 GMT
server
cloudflare
etag
W/"63742429-450"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
cache-control
max-age=315360000
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKzoDypDgzB2%2F%2BYQ%2FAsmilsaamTaVBnUfxko5h3tdVkC8%2Fq%2BzsT3D0Peed1WHhgCozeQlEANI9PhOduPhu3X5KSTf71DAn2umbgsdhB%2FAc%2BXRZUq57n%2BgxR1S45WgtUbILjlq0ct6F6E"}],"group":"cf-nel","max_age":604800}
cf-ray
7c990fc058c50171-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		188 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-3LPKQFRQLJ
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b7d63e9cf48d11646a0bbbf041d918663224839361b9cc32201722113e30184f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
70380
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 19 May 2023 02:55:32 GMT
pub-8958958545580541
fundingchoicesmessages.google.com/i/ 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/pub-8958958545580541?ers=1
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
de1d959861fe2324fa523c5c5b6238c131714a7f7896baf854e4ecb78f5398bc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-i0IjSAYvQSXH0vUJcIGz0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-i0IjSAYvQSXH0vUJcIGz0w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
cv.js
galtro.xyz/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-content/plugins/content-views-query-and-display-post-page/public/assets/js/cv.js?ver=2.5.0.1
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d061f9626d9361fad79e4fc876baea08ff330d55c8e8b8dbb6a2b390e6d8961e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580
cf-polished
origSize=23328
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Wed, 23 Nov 2022 15:10:32 GMT
server
cloudflare
etag
W/"637e37e8-5b20"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/javascript
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LqUHH1NlcbgnQZcaSObcvkDmzqYeAVzsEJt1Bo4iIZX5kQUR9YlGNkW9k2PH7Vi3jUU%2BiIkHafiMeaWfumfNE77P%2BZ5e6CAxD%2BttDcHZyj%2FgXtXGcLLA8A%2Ftr3jR1SlyH5NlH7WNXd14"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
access-control-allow-credentials
true
cf-ray
7c990fc029c53ca1-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.min.js
galtro.xyz/wp-content/themes/generatepress/assets/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-content/themes/generatepress/assets/js/main.min.js?ver=3.0.2
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Feb 2021 09:57:21 GMT
server
cloudflare
etag
W/"60225c81-1c98"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
cache-control
max-age=315360000
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKPBLnWBRYlLPPMIAWCG7dt1JmOdceszQSyKGH%2F%2BhSrpeP2uDzdqcYUEf1USjvufcihQWnvs2sq4o5LJiJx2OE9F7dOEhA%2FvDsHeKO6AkSkoTbayDQE%2BBs3tE0EYQ%2FdwPLbP7bkCdDuv"}],"group":"cf-nel","max_age":604800}
cf-ray
7c990fc029c73ca1-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
navigation-search.min.js
galtro.xyz/wp-content/themes/generatepress/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-content/themes/generatepress/assets/js/navigation-search.min.js?ver=3.0.2
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
199898d01ee6a242c64dc62559177261862ebfd52ee6903eddb87017cfa6d295
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Feb 2021 09:57:21 GMT
server
cloudflare
etag
W/"60225c81-87a"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
cache-control
max-age=315360000
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2F1hDGxCrWVo94BTFx8WAPWbFJ7y0FMFPS5Oxyaz7Yl8VrbKfmDbWTZcU5gtrbIUn%2BYdx42Feck6H6IxZl9D%2BLHcInfyrgfYzsMHc22GA1MR2rckMMTexc80lm8wKWnEsF9iLLvolEvg"}],"group":"cf-nel","max_age":604800}
cf-ray
7c990fc029c83ca1-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
back-to-top.min.js
galtro.xyz/wp-content/themes/generatepress/assets/js/ 		712 B
653 B 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-content/themes/generatepress/assets/js/back-to-top.min.js?ver=3.0.2
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3768f04f42b79eb4e04658f9afcdab75362a71eed99e851b05312b74964907aa
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
580
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 09 Feb 2021 09:57:21 GMT
server
cloudflare
etag
W/"60225c81-2c8"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
cache-control
max-age=315360000
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98V%2FJxRCEeOOG%2For3m%2BRB2c2K4LcujPUTx1QVUqp4dXW%2FxUWQ04RVO%2FZGez6Wa%2FyOMfkcvE29Af92F%2BdrXQmEvNVw%2Fji4SblYDDqJaSU8BuaP61rPdxtJjwpdNoII8r0igstUGdFySZ4"}],"group":"cf-nel","max_age":604800}
cf-ray
7c990fc029ca3ca1-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
main.min.js
galtro.xyz/wp-content/plugins/luckywp-table-of-contents/front/assets/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-content/plugins/luckywp-table-of-contents/front/assets/main.min.js?ver=2.1.4
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
293
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 22 Oct 2020 04:19:34 GMT
server
cloudflare
etag
W/"5f910856-e5e"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
cache-control
max-age=315360000
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0gIaTnBSXjYNsH7KHJhPwm0thziIsRFGrs5IkQxL5vM%2FLl0TDufVhQQ3B9nzioW5ErhoK3%2F3g%2FZYl9V8GzhlhnGC06yukQsqzgdQOIPZac4T12eTR%2FiNSLhZq0lKggPXv87MdyNetSO2"}],"group":"cf-nel","max_age":604800}
cf-ray
7c990fc029cb3ca1-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
lazyload.min.js
galtro.xyz/wp-content/plugins/rocket-lazy-load/assets/js/16.1/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/wp-content/plugins/rocket-lazy-load/assets/js/16.1/lazyload.min.js
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
663
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 02 May 2022 16:30:04 GMT
server
cloudflare
etag
W/"6270070c-1ed2"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
cache-control
max-age=315360000
access-control-allow-credentials
true
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UICT0eJkEkhcn3S1wRc4zd1DiUTH75HYK%2BuerJjhFqV2xQ7jWPxQPswMh99VKOyCSa4Ddte1yJp1YQRxxoJwu5bkWgHzxshMJGESbWC3uZvAFpH89okchvFHT4q%2Fq0Evr7cOn%2BXMrbRb"}],"group":"cf-nel","max_age":604800}
cf-ray
7c990fc0a8e30171-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
pub-8958958545580541
fundingchoicesmessages.google.com/b/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/b/pub-8958958545580541
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
42fa51cb3c863a9638f8672fff260658dfe9e184ad3e101d5ce7d5716869ce39
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TTy9VGTX8YXLiAkfP6dNgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-security-policy
script-src 'report-sample' 'nonce-TTy9VGTX8YXLiAkfP6dNgw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
3y3nba14xx
www.clarity.ms/tag/ 		811 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/3y3nba14xx
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ca2fb228e428017f54d87fb1d03820e7ca7fa6f0e3d71a682047bbc4ffeeb897

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-type
application/x-javascript
date
Fri, 19 May 2023 02:55:31 GMT
cache-control
no-cache, no-store
expires
-1
x-azure-ref
0JOVmZAAAAAApQKcQ3Zc3TZ4KeFV0KQXAUEFSMDJFREdFMDYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
CONFIG_NOCACHE
request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
truncated
/ 		64 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b3bd14ca785edc63784d522936e3b9b7a7535fe3d1acaefbf2e44a706aa655f7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0f8c15004f2ccabb778bcdeb55a1f7a52eeea9f0126093a81b8d58f403d8d0df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
61bfedc8a9606b4c184427954bba1d1e5eac7d2917b5098270636069069c2eaf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
411c3cb20fd2bb8fe09088ab23eb12fd11dba2e9bb0313b94f31cb9ec133fc61

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2f24b6daf4b8415367b0a774d1ecfc4da2e7eb632bc5304f0dc399dd6a46082

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
image/svg+xml
invisible.js
galtro.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame 1E1F
Redirect Chain
  • https://galtro.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://galtro.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
23 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H3
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe0923c51af5562f6b51e94445ce56fdfdc288e39997914faa1316b19afbbeeb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHXVL42T%2FeOpr%2FLaoMoah8kCUSLQ%2BbKKQMeDym7qGHBh%2FLyJAeDGFn9abxg0TwlNdmEhsmP0PLqfG3JJCj314FGzpM1RKhoI%2Fv9XHN0LNh56uSpMQJSWHXTiVF0mxcnu9%2FsV%2BeTaAGQa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7c990fc149260171-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Fri, 19 May 2023 02:55:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QylPMR5c33Pl5XoI3k4KU1u3hS%2BMOCZvv2qD7nl7UGc8TS5vsO2i56hrnmADtSaGGlgnG%2FjtKP7nJpkNqPvDwIEPrW9XR%2BqeILFPwfL%2B5S%2FVF3%2B%2BPXBn9Ze6FMaFhwhKm7nfJzqKErB3"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7c990fc119150171-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
galtroxyz_logo.png
galtro.xyz/wp-content/uploads/2020/04/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galtro.xyz/wp-content/uploads/2020/04/galtroxyz_logo.png
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9dd3bf182559ba59e3dde5f3355b6c4540e88fe82f9b000e29c677ffa4d95e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
664
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2080
x-xss-protection
1; mode=block
last-modified
Sat, 26 Nov 2022 22:39:03 GMT
server
cloudflare
etag
"63829587-820"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
image/png
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WTx%2BmkxszIhRJxMmZlgxBmlltxz286%2FGxRIr4awPgjdALL0Nqw%2FKrZ4ib7TPpE23GMxi7OvclVAU0yDAKxyTGgwC2OPtuKAPuXBWNYraiJqg2i9KMdoqGkUYeyOcQ7c5KLVZ07O0vqWm"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7c990fc129190171-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
zivbod_capa.jpg
galtro.xyz/wp-content/uploads/2023/05/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://galtro.xyz/wp-content/uploads/2023/05/zivbod_capa.jpg
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9db29bb190897d9eb7590f410caf908799a12d52854ecc0241b7ba61f3ec86a
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
MISS
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15684
x-xss-protection
1; mode=block
last-modified
Thu, 18 May 2023 15:43:29 GMT
server
cloudflare
etag
"646647a1-3d44"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
image/jpeg
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1TBvQyI2PCyj5GaZfkvV2e424xcdhnC%2FQ3VEmFLHhC7TGJsO4wMyw06PXnt6CaLJ2ddNR%2FDMLJHygwHSe5UwczqnP%2FqOjUMzjYSJlh4LWPP1MacHb1QIr%2BMJNobZHtwKLad62TMj1%2B2"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7c990fc1291a0171-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
pica.js
galtro.xyz/cdn-cgi/challenge-platform/h/g/scripts/ Frame 1E1F 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d536e29eb69b85dcba4eb465c080c81f0cb00020477079b87c5f7640f0fa80ca
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GJP8p%2FtAm1z7hnGj8mEzoPKxMNf%2BJADS4kbZhXm7pVPgeIKDNck28dFhek2I8vnc%2F0f5C0E5r7r3f908LaKGWMrN0rbAVnao5M42ozG55MC4hMtGetetxPL%2BX618P0moCDOXlVF836XJ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7c990fc1893e0171-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
AGSKWxV6dlYi7zFaKImcceikopNStyCOhb9XdLqkrIAk_qptigjmtQCnkz38BDvf3i0zr_oUTz7JvHW2jBJOhBhwgHM=
fundingchoicesmessages.google.com/f/ 		310 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV6dlYi7zFaKImcceikopNStyCOhb9XdLqkrIAk_qptigjmtQCnkz38BDvf3i0zr_oUTz7JvHW2jBJOhBhwgHM=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjg0NDY0OTMyLDExOTAwMDAwMF0sIjBDNkJBQjEzLTY2QzAtNDY3OS04RUYxLTEyNTUxNjk5NkI4RCIsbnVsbCxudWxsLFtudWxsLFs3XV0sImh0dHBzOi8vZ2FsdHJvLnh5ei96aXZib2QvIixudWxsLFtbOCwibGxqeVpsdEpjWU0iXSxbOSwiZnIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.lljyZltJcYM.es5.O/d=1/rs=AJlcJMwXBcu2aZKJ8hRyeSv6TvwXjgEbwA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d4dca04a0fe633ad0785f898c0b3f538167e449388dc93ae65977d3c88c163f5
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-LGKUNSWlTgOYJcyegGuL9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-LGKUNSWlTgOYJcyegGuL9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxXZsbVlMYiXQ5oY8Foi6xihjyUpMtkRgiwAH9j6MWaFsQ4nyzfsDebg60LYSPWaGKplNplQYKUwFDETwfuaruFlIA==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXZsbVlMYiXQ5oY8Foi6xihjyUpMtkRgiwAH9j6MWaFsQ4nyzfsDebg60LYSPWaGKplNplQYKUwFDETwfuaruFlIA==
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Veg6zLfWCo3GDS1EJ5Wi2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-security-policy
script-src 'report-sample' 'nonce-Veg6zLfWCo3GDS1EJ5Wi2g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://galtro.xyz
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-3LPKQFRQLJ&gtm=45je35h0&_p=797600675&cid=1581994604.1684464932&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684464932&sct=1&seg=0&dl=https%3A%2F%2Fgaltro.xyz%2Fzivbod%2F&dt=Zivbod%20-%20Tous%20les%20films%20en%20streaming%20gratuits%20%5Bmai%202023%5D&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-3LPKQFRQLJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 02:55:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://galtro.xyz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/3y3nba14xx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:4e:1::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:31 GMT
content-encoding
br
last-modified
Wed, 17 May 2023 12:35:47 GMT
x-azure-ref-originshield
0oRFmZAAAAADGKjMaId3iQpSxQRG5v+o6UEFSMjAxMDMxMDEyMDUxADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DB56D33D664056"
x-azure-ref
0JOVmZAAAAABpQQffY4c8SqEieQK//uxBUEFSMDJFREdFMDYyMAA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
0fb949d9-b01e-007c-7c77-890024000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
7c990fbfc9a83ca1
galtro.xyz/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 1E1F 		2 B
625 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/cdn-cgi/challenge-platform/h/g/cv/result/7c990fbfc9a83ca1
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d1J2jBgV4Yp8KrMRiJIKQiokz%2FM1ZeVi8Renrn77arsax1lVIRS0vo6dfPznwfJOc8MheZmsChWOnvHcaKMR8IL6nun7QQ777W3eUKQL6YAC3rRHYWuLQ%2FlKg%2BmO24FXpxWiJUx8KCVn"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7c990fc3a9fc0171-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
collect
o.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://galtro.xyz/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://galtro.xyz
Date
Fri, 19 May 2023 02:55:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
css
fonts.googleapis.com/ 		63 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.lljyZltJcYM.es5.O/d=1/exm=kernel_loader,loader_js_executable/ed=1/rs=AJlcJMwXBcu2aZKJ8hRyeSv6TvwXjgEbwA/m=web_iab_tcf_v2_wall_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b859ee6d93b127bfcd615c11bb14f6968f9bcbfd635dbcf5bdfcc34c71e1e46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 19 May 2023 02:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 19 May 2023 02:55:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 May 2023 02:55:32 GMT
AGSKWxW5oODL3BE_25flQ38z6wII6-wwMeGo85ox-anT4ShQPZbY4TDc_AXx62fuvr3xpE1YW9qfGgs7RV9q7V7yWNeETS9Sd-DwB7uu2VP2ekK1IsNorwqvQuxgkVOv34761R4od2EfNg==
fundingchoicesmessages.google.com/el/ 		0
28 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxW5oODL3BE_25flQ38z6wII6-wwMeGo85ox-anT4ShQPZbY4TDc_AXx62fuvr3xpE1YW9qfGgs7RV9q7V7yWNeETS9Sd-DwB7uu2VP2ekK1IsNorwqvQuxgkVOv34761R4od2EfNg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.fr.lljyZltJcYM.es5.O/d=1/rs=AJlcJMwXBcu2aZKJ8hRyeSv6TvwXjgEbwA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5T-3GfnwGGfcDNQQWyEt7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://galtro.xyz/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 May 2023 02:55:32 GMT
content-security-policy
script-src 'report-sample' 'nonce-5T-3GfnwGGfcDNQQWyEt7w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://galtro.xyz
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
126 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://galtro.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 17:29:28 GMT
x-content-type-options
nosniff
age
465964
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 17:29:28 GMT
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://galtro.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 15:45:30 GMT
x-content-type-options
nosniff
age
472202
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21280
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:57:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 15:45:30 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v35/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Archivo|Arimo|Bitter|EB+Garamond|Lato|Libre+Baskerville|Libre+Franklin|Lora|Google+Sans_old:regular,medium|Material+Icons|Google+Symbols|Merriweather|Montserrat|Mukta|Muli|Nunito|Open+Sans:400,600,700|Open+Sans+Condensed:300,400,600,700|Oswald|Playfair+Display|Poppins|Raleway|Roboto|Roboto+Condensed|Roboto+Slab|Slabo+27px|Source+Sans+Pro|Ubuntu|Volkhov&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://galtro.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 13 May 2023 05:45:28 GMT
x-content-type-options
nosniff
age
508204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48412
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 12 May 2024 05:45:28 GMT
collect
o.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://galtro.xyz/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://galtro.xyz
Date
Fri, 19 May 2023 02:55:32 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=E68C2320630348AF883CF2A318312EC7&RedC=c.clarity.ms&MXFR=323C40424424682237BC535440246680
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E68C2320630348AF883CF2A318312EC7&MUID=0724254C660266592A39365A67BB67A8
42 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E68C2320630348AF883CF2A318312EC7&MUID=0724254C660266592A39365A67BB67A8
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 May 2023 02:55:32 GMT
last-modified
Thu, 04 May 2023 15:33:28 GMT
server
Microsoft-IIS/10.0
etag
"6de038c69d7ed91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 19 May 2023 02:55:32 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: FBF69ECBF0184DDABB05A6BAAD13C66C Ref B: PAR02EDGE0821 Ref C: 2023-05-19T02:55:32Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=E68C2320630348AF883CF2A318312EC7&MUID=0724254C660266592A39365A67BB67A8
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
collect
o.clarity.ms/ 		0
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://o.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.152.143.207 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://galtro.xyz/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://galtro.xyz
Date
Fri, 19 May 2023 02:55:34 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:238681e8-7d6b-453a-acb6-7dcad74f3111
zupra10.js
galtro.xyz/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/zupra10.js
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zivbod/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca9be19e463d0f15379523d262fba36cf3bfcdd68ab853f30253d563424df54
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:34 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
664
cf-polished
origSize=2646
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Tue, 15 Nov 2022 23:51:14 GMT
server
cloudflare
etag
W/"637425f2-a56"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, DELETE, PUT
content-type
application/javascript
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FMCMqXxMLydgElWqFWU8eB00mBnSVoLTaylmADvIGACQdNbX%2BIhWryleXjHRtX5dUEgY1wp5n%2FHxG809rD5vAIQmUSp3ayUJmVLB%2ByKwvWpn19h2c4WO4sbJIcCm9IyRk3gQKCZrEty1"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=315360000
access-control-allow-credentials
true
cf-ray
7c990fd3a9040171-CDG
access-control-allow-headers
User-Agent,Keep-Alive,Content-Type
expires
Thu, 31 Dec 2037 23:55:55 GMT
zuma.json
galtro.xyz/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://galtro.xyz/zuma.json
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zupra10.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:3df6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66b68ca6a8e687c7c7582994c19fe606ceff8ea96590f98a03072564131a7823
Security Headers
Name Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/zivbod/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:35 GMT
strict-transport-security
max-age=15768000
x-content-type-options
nosniff
cf-cache-status
HIT
x-cacheable
YES
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
664
content-encoding
br
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 17 Nov 2022 15:26:21 GMT
server
cloudflare
etag
W/"6376529d-bd1"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvPM7DrSqa28nCGkeq5CyofyYLvfAHEP53JlhNi%2Br2zX66I9V6joEdMvj6txyKp1NS96BZRlyB%2FZffQUjZ%2BJF%2FOu2uRBcDS8niedtV173bEELhAnSlgcdPb1qYvGHSzT%2B6NQpT5IcWxD"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=14400
cf-ray
7c990fd3d9150171-CDG
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8958958545580541
Requested by
Host: galtro.xyz
URL: https://galtro.xyz/zupra10.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9d74c8a50cc875b3ff8551fcdec2f8dd1428ae386c68b0d3fc8ab58e647233b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://galtro.xyz/
Origin
https://galtro.xyz
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47437
x-xss-protection
0
server
cafe
etag
4557408738349314061
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 May 2023 02:55:35 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 		355 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8958958545580541&plah=galtro.xyz&bust=31074673
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8958958545580541
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f80a12678dda52010e8329377dcce7c09c5bd6619eb68b171adf40e7e39b09fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122677
x-xss-protection
0
server
cafe
etag
10788394816392526686
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 May 2023 02:55:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/ Frame 7A65 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230515/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8958958545580541
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://galtro.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

age
24056
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4540
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 18 May 2023 20:14:39 GMT
etag
15057649708203361565
expires
Thu, 01 Jun 2023 20:14:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ca-pub-8958958545580541
fundingchoicesmessages.google.com/i/ 		132 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8958958545580541?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8958958545580541&plah=galtro.xyz&bust=31074673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b2eec9dbb4238dcd2468e4b2d89c0a86dc0623926c91c51b9cc3902b57ef9d26
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2vV2mI64LL37VRasT9QRBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://galtro.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Fri, 19 May 2023 02:55:35 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-2vV2mI64LL37VRasT9QRBA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 boolean| credentialless undefined| $ function| jQuery function| gtag object| dataLayer function| __h82AlnkH6D91__ function| clarity function| checkz object| PT_CV_PUBLIC object| PT_CV_PAGINATION object| generatepressMenu object| generatepressNavSearch object| lwptoc function| triggerScriptLoader function| loadScripts object| lazyLoadOptions function| rrz0 function| ddf function| LazyLoad object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| NzdjOGQyYzM3YTRiMTVjM2xvYWRlcl9qcw== string| NzdjOGQyYzM3YTRiMTVjM2NhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| images boolean| is_image object| iframes boolean| is_iframe object| rocket_lazy function| jspbGetTypeName function| __p4qa8r1lb17__ string| cHViLTg5NTg5NTg1NDU1ODA1NDE= object| google_tag_manager object| google_tag_data object| gaGlobal string| url object| xmlhttp function| fjk number| z_ads object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl boolean| adsbygoogle_ama_fc_has_run object| googleToken object| googleIMState

13 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: e0936a6ce5584800a221e64ca07beded.20230519.20240518
.galtro.xyz/ Name: _ga_3LPKQFRQLJ
Value: GS1.1.1684464932.1.0.1684464932.0.0.0
.galtro.xyz/ Name: _ga
Value: GA1.1.1581994604.1684464932
.galtro.xyz/ Name: _clck
Value: 1ce4q69|2|fbq|0|1234
.galtro.xyz/ Name: __cf_bm
Value: .Ff5ppAsVrLLSrcX7FaKfDe04lMYTzCIZ843IQuh5_o-1684464932-0-AV3s3SJCLqcPIPSNRe5ktOUG8NmMtqm4dWuVt6mJTR93TYvXSlqTeUiw3xOk1PzT0Y4QBkRuPcWsC7C8nqecm5JkoQnpTEiXT/ANqKFn4akq
.galtro.xyz/ Name: _clsk
Value: jxnoow|1684464932769|1|1|o.clarity.ms/collect
.bing.com/ Name: MUID
Value: 0724254C660266592A39365A67BB67A8
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0724254C660266592A39365A67BB67A8
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0724254C660266592A39365A67BB67A8
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15768000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.bing.com
c.clarity.ms
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
galtro.xyz
googleads.g.doubleclick.net
o.clarity.ms
pagead2.googlesyndication.com
region1.google-analytics.com
www.clarity.ms
www.googletagmanager.com
zivbod-streaming.fr
2001:4860:4802:34::36
2606:4700:3035::6815:3df6
2620:1ec:4e:1::45
2620:1ec:c11::200
2a00:1450:4001:802::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a06:98c1:3120::3
52.152.143.207
68.219.88.97
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0f8c15004f2ccabb778bcdeb55a1f7a52eeea9f0126093a81b8d58f403d8d0df
199898d01ee6a242c64dc62559177261862ebfd52ee6903eddb87017cfa6d295
1b859ee6d93b127bfcd615c11bb14f6968f9bcbfd635dbcf5bdfcc34c71e1e46
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
34cfe3cad4db40fb95f85742458dbf501dfe03138e814b91c9c99394355be498
3768f04f42b79eb4e04658f9afcdab75362a71eed99e851b05312b74964907aa
411c3cb20fd2bb8fe09088ab23eb12fd11dba2e9bb0313b94f31cb9ec133fc61
42fa51cb3c863a9638f8672fff260658dfe9e184ad3e101d5ce7d5716869ce39
61bfedc8a9606b4c184427954bba1d1e5eac7d2917b5098270636069069c2eaf
66b68ca6a8e687c7c7582994c19fe606ceff8ea96590f98a03072564131a7823
6ca9be19e463d0f15379523d262fba36cf3bfcdd68ab853f30253d563424df54
6e86a52a9858206302e32036d89907e3ac87762055e7f9c6364aec33221b3e41
7c7818c25a18e8a38553fcbcbc2ad0b5e964103a7d2e494f82815e3f70bf3fc5
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
8e9dd3bf182559ba59e3dde5f3355b6c4540e88fe82f9b000e29c677ffa4d95e
995456f7211327129612b97dc0a2baa2288f1e3065d1d6ed1882a0eb89d6baac
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9d74c8a50cc875b3ff8551fcdec2f8dd1428ae386c68b0d3fc8ab58e647233b4
b2eec9dbb4238dcd2468e4b2d89c0a86dc0623926c91c51b9cc3902b57ef9d26
b3bd14ca785edc63784d522936e3b9b7a7535fe3d1acaefbf2e44a706aa655f7
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b7d63e9cf48d11646a0bbbf041d918663224839361b9cc32201722113e30184f
c0901279dec1117310802c450665b34a60788da4a00e066d2de367327cd13456
c78a1da5fd0868a547cf285748c7fb73006571190385eb71c0d601b6b240ffaf
c9db29bb190897d9eb7590f410caf908799a12d52854ecc0241b7ba61f3ec86a
ca2fb228e428017f54d87fb1d03820e7ca7fa6f0e3d71a682047bbc4ffeeb897
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
d061f9626d9361fad79e4fc876baea08ff330d55c8e8b8dbb6a2b390e6d8961e
d2f24b6daf4b8415367b0a774d1ecfc4da2e7eb632bc5304f0dc399dd6a46082
d4dca04a0fe633ad0785f898c0b3f538167e449388dc93ae65977d3c88c163f5
d536e29eb69b85dcba4eb465c080c81f0cb00020477079b87c5f7640f0fa80ca
de1d959861fe2324fa523c5c5b6238c131714a7f7896baf854e4ecb78f5398bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea45a828e2428e2fb266dce7777503e43e4c1ccd2bf0256fc129fba2c4cdad6a
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
f80a12678dda52010e8329377dcce7c09c5bd6619eb68b171adf40e7e39b09fb
fe0923c51af5562f6b51e94445ce56fdfdc288e39997914faa1316b19afbbeeb