www.zabasearch.com Open in urlscan Pro
2606:4700:3035::681f:5049 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.isearch.com/
Effective URL:
https://www.zabasearch.com/
Submission: On January 10 via api (January 10th 2021, 12:33:52 am UTC) from US

Summary HTTP 72 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 29 IPs in 7 countries across 21 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3035::681f:5049, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.zabasearch.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 5th 2020. Valid for: a year.

This is the only time www.zabasearch.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	165.160.13.20 165.160.13.20	19574 (CSC) (CSC)
1 11	2606:4700:303... 2606:4700:3035::681f:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:816::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:817::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:818::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	52.17.171.52 52.17.171.52	16509 (AMAZON-02) (AMAZON-02)
3	65.9.68.126 65.9.68.126	16509 (AMAZON-02) (AMAZON-02)
3	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
1 3	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	52.95.124.165 52.95.124.165	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:825::2001	15169 (GOOGLE) (GOOGLE)
72	29

1 165.160.13.20 (United States) 1 redirects

ASN19574 (CSC, US)

www.isearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:3035::681f:5049 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.zabasearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.zabasearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:816::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

contributor.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:818::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.171.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-171-52.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.68.126 (Seattle, United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f226.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (Sweden)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.14 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

classmates-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.33.221.15 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.124.165 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:825::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	google.com contributor.google.com www.google.com adservice.google.com fundingchoicesmessages.google.com	127 KB
11	zabasearch.com 1 redirects www.zabasearch.com assets.zabasearch.com	58 KB
10	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com	180 KB
7	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	143 KB
6	google-analytics.com www.google-analytics.com	52 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	34 KB
3	openx.net 1 redirects classmates-d.openx.net eu-u.openx.net	1 KB
3	google.de www.google.de adservice.google.de	1 KB
2	casalemedia.com htlb.casalemedia.com as-sec.casalemedia.com	1 KB
2	advertising.com adserver-us.adtech.advertising.com	349 B
1	rubiconproject.com fastlane.rubiconproject.com	2 KB
1	adnxs.com ib.adnxs.com	1 KB
1	lijit.com ap.lijit.com	815 B
1	dotomi.com web.hb.ad.cpe.dotomi.com	339 B
1	adsrvr.org match.adsrvr.org	546 B
1	rlcdn.com api.rlcdn.com	223 B
1	googletagservices.com www.googletagservices.com	28 KB
1	googleadservices.com partner.googleadservices.com	645 B
1	indexww.com js-sec.indexww.com	41 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	isearch.com 1 redirects www.isearch.com	215 B
72	21

	Domain	Requested by
11	fundingchoicesmessages.google.com	www.zabasearch.com
9	assets.zabasearch.com	www.zabasearch.com assets.zabasearch.com
6	www.google-analytics.com	www.zabasearch.com www.google-analytics.com
5	pagead2.googlesyndication.com	www.zabasearch.com pagead2.googlesyndication.com
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagmanager.com securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	www.zabasearch.com c.amazon-adsystem.com
2	d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	classmates-d.openx.net	1 redirects
2	adserver-us.adtech.advertising.com	js-sec.indexww.com
2	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	www.google.de	www.zabasearch.com
2	www.google.com	www.zabasearch.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	contributor.google.com	www.googletagmanager.com
2	www.zabasearch.com	1 redirects
1	as-sec.casalemedia.com	js-sec.indexww.com
1	eu-u.openx.net	js-sec.indexww.com
1	fastlane.rubiconproject.com	js-sec.indexww.com
1	ib.adnxs.com	js-sec.indexww.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	ap.lijit.com	js-sec.indexww.com
1	web.hb.ad.cpe.dotomi.com	js-sec.indexww.com
1	match.adsrvr.org	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	www.googletagservices.com	pagead2.googlesyndication.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	js-sec.indexww.com	www.googletagmanager.com
1	www.googletagmanager.com	www.zabasearch.com
1	www.isearch.com	1 redirects
72	33

This site contains links to these domains. Also see Links.

Domain
www.peopleconnect.us
www.intelius.com
www.goodhire.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-05` - `2021-06-05`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
www.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-12-15` - `2021-03-09`	3 months	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2020-03-11` - `2021-05-10`	a year	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2021-02-17`	8 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://www.zabasearch.com/
Frame ID: E30C6035669B415A236D330435FA1A43
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html
Frame ID: 2F4CBAA3B1C8E78053526B13E70BA901
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5413153010344125&output=html&adk=522671305&adf=1178619241&lmt=1610238815&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.zabasearch.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610238815289&bpp=12&bdt=679&idt=75&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=98369424568&frm=20&pv=2&ga_vid=656687739.1610238815&ga_sid=1610238815&ga_hid=1801166025&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21068108%2C21068769&oid=3&pvsid=2047682795442334&pem=644&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=91
Frame ID: 9A928C146147AB50186579861A2B46A5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 36AD336985E345BFF8AD953DCECFCCB1
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_r1u_dm_cnv&dcc=t
Frame ID: F1152FED8AED3E8348A3F1F96C95A76F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2169094f-6799-4582-a8ab-4400493937d7&gdpr=0
Frame ID: A5895A30AA0D367165B5E11064CFAA0E
Requests: 1 HTTP requests in this frame

Frame: https://d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 31150E665BAFDBC4576C36FC3AC60FA6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.isearch.com/ HTTP 301
http://www.zabasearch.com/ HTTP 301
https://www.zabasearch.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

72
Requests

100 %
HTTPS

57 %
IPv6

21
Domains

33
Subdomains

29
IPs

7
Countries

722 kB
Transfer

2076 kB
Size

11
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.peopleconnect.us/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://www.intelius.com/background-check
Title: Run a Background Check

Search URL Search Domain Scan URL

URL: https://www.intelius.com/reverse-phone-lookup
Title: Search by Phone Number

Search URL Search Domain Scan URL

URL: https://www.goodhire.com/
Title: GoodHire

Search URL Search Domain Scan URL

URL: https://www.intelius.com/ccpa
Title: Do not sell my info

Search URL Search Domain Scan URL

URL: https://www.intelius.com/privacy-policy/
Title: Privacy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.isearch.com/ HTTP 301
http://www.zabasearch.com/ HTTP 301
https://www.zabasearch.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59

https://classmates-d.openx.net/w/1.0/arj?auid=540867691&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.zabasearch.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._295LAZBh&cache=1610238816560&ttduuid=445005fa-77b1-4ab9-8373-10f4a353cabf HTTP 302
https://classmates-d.openx.net/w/1.0/arj?cc=1&auid=540867691&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.zabasearch.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._295LAZBh&cache=1610238816560&ttduuid=445005fa-77b1-4ab9-8373-10f4a353cabf

Request Chain 63

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_r1u_dm_cnv HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_r1u_dm_cnv&dcc=t

72 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.zabasearch.com/
Redirect Chain

http://www.isearch.com/
http://www.zabasearch.com/
https://www.zabasearch.com/

16 KB
5 KB

751ms
735ms

Document
text/html

2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aaa832bba0264a0f17689864368c546dacc50d0bc8b1333962a67c50a7d66d6

Request headers

:method: GET
:authority: www.zabasearch.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:34 GMT
content-type: text/html;charset=UTF-8
set-cookie: __cfduid=d964023de15f59fc7828ca68fd260cd4f1610238813; expires=Tue, 09-Feb-21 00:33:33 GMT; path=/; domain=.zabasearch.com; HttpOnly; SameSite=Lax; Secure PHPSESSID=orhev57djqusi56pkfjetb0dc6; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
cf-cache-status: DYNAMIC
cf-request-id: 078b4f7d9d000006149ca25000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ET%2BOaXy3A4XNwYNZVsMPgGqDqaLTbn2IGTI1IxWPZenVo1QOjxVhblc5r3elmDI0qZ4PAoYEYnoOQntSeMFrxwWkIycZJfXqOfK23GQ%2Fy5ewTjbm%2B4FRBKwlbv2Q5Lc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 60f24ea8fa920614-FRA
content-encoding: br

Redirect headers

Date: Sun, 10 Jan 2021 00:33:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 10 Jan 2021 01:33:33 GMT
Location: https://www.zabasearch.com/
cf-request-id: 078b4f7d78000006292fbfd000000001
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Bpm%2FELhgcHNHRxWkzyZb8Whv5BzhsIAVwLCoJ4587VuholDgmmoI%2F4ELkF1Rnim%2BQVfxnc%2BjWUZOG%2FJzEsYdxN0meoK3giXp%2BBlaZv1tts5%2FGD942lqOUixNMWd%2FBIs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 60f24ea8bd2a0629-FRA

GET
H2 200 jquery-3.5.1.min.js Show response
assets.zabasearch.com/funnel/assets/shared/js/jquery/ 87 KB
30 KB 544ms
530ms Script
application/javascript 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/shared/js/jquery/jquery-3.5.1.min.js
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 11 Dec 2020 21:54:37 GMT
server: cloudflare
etag: W/"5fd3ea9d-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NGYsw0gkVvWNG2BqUA4ag0qth5XahbnpL8VzRrJ59YE0EyidncbCOd0B8Ut4reZY3AXZzLnekMQ4h%2FYhaTBV8uJGmPA6C5sqkL4H7CFpRbmu8ltkqfHpRe7HaCNNUtxH%2BrM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eaf6c740614-FRA
cf-request-id: 078b4f81a100000614d4901000000001
x-robots-tag: noindex

GET
H2 200 index.js Show response
assets.zabasearch.com/funnel/assets/sections/_partials/header/ 710 B
706 B 541ms
527ms Script
application/javascript 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/_partials/header/index.js
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb877d30ff59c405e8c2c3dfbed2b23376d81ecf94e4bc57e1bda813790c91ee

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 May 2020 19:48:22 GMT
server: cloudflare
etag: W/"5eb07186-2c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=E9B03dyfeUMKY5Tj%2BMzRcCZGzte9hq92CTAn0wkcxm9446slOC54kZ0q%2Fznq3xAvnWdfS%2Ba6bzyuyC06DbCMO21SAfdeRzpd2QKCzkJv6JMY%2BDYukPhbzLiW5523dnmAkUg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eaf6c770614-FRA
cf-request-id: 078b4f81a100000614ab9c4000000001
x-robots-tag: noindex

GET
H2 200 index.js Show response
assets.zabasearch.com/funnel/assets/sections/_partials/footer/ 6 KB
2 KB 530ms
530ms Script
application/javascript 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/_partials/footer/index.js
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81b95bcf2baab3f5cc6dec7f2d8e6dcf367032490216d548ce9dac8aeba5b78a

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 May 2020 19:48:11 GMT
server: cloudflare
etag: W/"5eb0717b-17a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GPMs5YsKbxoFxHJ7A%2FFEds7jH2c%2FXT0JOM0Mm0s3qI4fyEVHSanS9OyEy84tIgb1A%2BToZ0rdW3ksP6MH6zZ5pSsrZ0RvMx%2Fnh8xuDekICXUdmn4iQILDg5TiDvI3F5jpo7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eb2b9480614-FRA
cf-request-id: 078b4f83b100000614753e1000000001
x-robots-tag: noindex

GET
H2 200 index.css
assets.zabasearch.com/funnel/assets/sections/home/ 21 KB
4 KB 531ms
517ms Stylesheet
text/css 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/home/index.css
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fa8b94d886bab8c529cf2d05ebe09742e01a928d3f381174628b70479c4d7e7

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 11 Dec 2020 21:54:27 GMT
server: cloudflare
etag: W/"5fd3ea93-55bc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SSnAKrmrWFIFXs8LRJ3AA8L1TOmyDAVN5UKcj2a2qPY2SLMicdnpPsL3m3VP5v2hZymBGEeQigTlRukeil5evmQ%2B0JEkXObJejOEesK3pZSx3ku8RIGAV%2FUJEtk6WgCyp3M%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eaf6c720614-FRA
cf-request-id: 078b4f81a000000614cb1e6000000001
x-robots-tag: noindex

GET
H2 200 index.css
assets.zabasearch.com/funnel/assets/sections/_partials/header/ 5 KB
2 KB 514ms
500ms Stylesheet
text/css 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/_partials/header/index.css
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce36db6a41e54ec30582f0c40f48148afa13106e735660a3105d966c31df531f

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 04 May 2020 19:48:15 GMT
server: cloudflare
etag: W/"5eb0717f-13a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s4y7WFpqma1L%2BNUj7pLx0GV%2BryzYpBslB%2BQpHVAAViThBw%2BGS4mafksoR%2B77RY8DXMgUML7RK88NVAPEMfcBSCxhOIwZgBzhxyURk9C5yVwchS%2BEaJD6xgJz9KuJ38%2BrkSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eaf6c730614-FRA
cf-request-id: 078b4f81a100000614753c0000000001
x-robots-tag: noindex

GET
H2 200 index.css
assets.zabasearch.com/funnel/assets/sections/_partials/footer/ 2 KB
840 B 527ms
513ms Stylesheet
text/css 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/_partials/footer/index.css
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57a2b5cb2e3f9cc29d6706ef9e34467411e60b2bcdb3497ca3467707debd96f9

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 04 May 2020 19:48:15 GMT
server: cloudflare
etag: W/"5eb0717f-620"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hGqTDkAmdH27xNpEVDOzC6JZNIALPjuOWaNsNOo9J9e%2Bbn3wWneQgSbKni2nnVZBkqW13QSjrtqrJGaGyHGao2u53SuJe7%2BFeTn7lzWzJO8NJC9hOsAcecHkTHn6ecwf3p0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eaf6c710614-FRA
cf-request-id: 078b4f81a0000006147d96a000000001
x-robots-tag: noindex

GET
H2 200 zabasearch.png
assets.zabasearch.com/funnel/assets/images/ 9 KB
9 KB 512ms
512ms Image
image/png 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.zabasearch.com/funnel/assets/images/zabasearch.png
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a4c7891db3130e5373acfc0f8c9f6152e778f20bc42006c656edf075f0e70f0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eb2b9540614-FRA
content-length: 9200
cf-request-id: 078b4f83b7000006147d98b000000001
last-modified: Mon, 04 May 2020 19:48:15 GMT
server: cloudflare
etag: "5eb0717f-23f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CLVaG61daKoNxIHeoAiJtLKQ9whyMZNUKKnQdcvlYlsvOMVi1qNDThKLwadlUsMhCcSGk8QxTooCYZd7iVUbF4X%2B2dzPvvUE49NSUjiSZBoJp8DiZPPEhGFGj5els8csEB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex

GET
H2 200 index.js Show response
assets.zabasearch.com/funnel/assets/sections/home/ 7 KB
3 KB 512ms
511ms Script
application/javascript 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zabasearch.com/funnel/assets/sections/home/index.js
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bcab36a12e9c0faa72188bf7aa8e001daf123d904c3eac998cc5c609ca22208

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 14 Dec 2020 20:03:19 GMT
server: cloudflare
etag: W/"5fd7c507-1cdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h4diI%2FSD8K%2FmhVWEfIwntur5sF2CWEXasvENDhnLgSgBjR83OGzM82oqQkLfI%2BzqOC8zfIJnk0AQ69GG4%2FIssMwcXEnMy0PTtwzbYnSIp7WXr7PZSGp3lfQDGCv842GrUPE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=14400
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eb2c9680614-FRA
cf-request-id: 078b4f83c100000614df1b7000000001
x-robots-tag: noindex

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 226 KB
52 KB 33ms
32ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e20724a3c66b7c5c0b9a4fdd59d52afae288e388e4404a37967eeaf334f66deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53248
x-xss-protection: 0
last-modified: Sun, 10 Jan 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Jan 2021 00:33:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4443
date: Sat, 09 Jan 2021 23:19:32 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Sun, 10 Jan 2021 01:19:32 GMT

GET
H2 200 dropdown-arrow.png
assets.zabasearch.com/funnel/assets/images/ 1 KB
1 KB 534ms
533ms Image
image/png 2606:4700:3035::681f:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.zabasearch.com/funnel/assets/images/dropdown-arrow.png
Requested by: Host: assets.zabasearch.com
URL: https://assets.zabasearch.com/funnel/assets/sections/home/index.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::681f:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8b787653b708e7dbbc6c1608f0d51016a33198a1da96faf634c0dbbb797459b

Request headers

Referer: https://assets.zabasearch.com/funnel/assets/sections/home/index.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
cf-cache-status: EXPIRED
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 60f24eb2d96d0614-FRA
content-length: 1029
cf-request-id: 078b4f83c600000614c12d1000000001
last-modified: Mon, 04 May 2020 19:48:15 GMT
server: cloudflare
etag: "5eb0717f-405"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xwkI%2FNX9AcQywx7W272M7ByA%2BMwInnhmeS0pGF6mByjotqYNZSnEyqme8ZN%2BG0KJnjLsZdMwgfc%2BG9aZsQ%2Fxggig6vW9kAGgeG6lHq6QoDY9nFQYGJX0YhZV5DHNHmY5H7o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
x-robots-tag: noindex

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
130 B 45ms
13ms XHR
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1801166025&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.zabasearch.com%2F&ul=en-us&de=UTF-8&dt=Popular%20Name%20Searches%20%7C%20Zabasearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=collection&ea=choose&el=zabasearch&_u=IEBAAEABAAAAAC~&jid=926847473&gjid=1773452651&cid=656687739.1610238815&tid=UA-8810863-1&_gid=683496948.1610238815&_r=1&_slc=1&z=515557485

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
384 B 29ms
19ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1801166025&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.zabasearch.com%2F&ul=en-us&de=UTF-8&dt=Popular%20Name%20Searches%20%7C%20Zabasearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=a1848907-1890-4891-9a2d-7516e2b9dfc2&ea=experiment%3Aparticipation&el=26465a8f-4a63-4beb-bee3-0a9c5c9996e6&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=656687739.1610238815&tid=UA-8810863-1&_gid=683496948.1610238815&z=838134235

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 14:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37934
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 29ms
20ms Image
image/gif 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=1801166025&t=pageview&_s=3&dl=https%3A%2F%2Fwww.zabasearch.com%2F&ul=en-us&de=UTF-8&dt=Popular%20Name%20Searches%20%7C%20Zabasearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=&gjid=&cid=656687739.1610238815&tid=UA-8810863-1&_gid=683496948.1610238815&z=752606987

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Jan 2021 14:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37934
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 82 KB
33 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-MHQ2SSN&t=gtm3&cid=656687739.1610238815

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

17aff59c7a157e2a33da8513a34de6a6ef8ee2f156f2a81a978a7435a89e6794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33358
x-xss-protection: 0
last-modified: Sun, 10 Jan 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 10 Jan 2021 00:33:35 GMT

GET
H2 200 loader.js Show response
contributor.google.com/scripts/5b5e81128841dfc3/ 102 KB
35 KB 169ms
147ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/5b5e81128841dfc3/loader.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a4f4a659fecf32556567af771d23588b8e74ad8b930ac63db9379733b0b133d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-eD0QI/A/Da/2VQ2nETybmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-eD0QI/A/Da/2VQ2nETybmA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private, max-age=86400
content-security-policy: script-src 'report-sample' 'nonce-eD0QI/A/Da/2VQ2nETybmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-eD0QI/A/Da/2VQ2nETybmA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Sun, 10 Jan 2021 00:33:35 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 132 KB
46 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7cd6c76a10fe27d9e6f00a11328b5d233bd90d38c8407a85877a55c8fd2a3530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 47080
x-xss-protection: 0
server: cafe
etag: 16593419199845738291
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Jan 2021 00:33:35 GMT

GET
H/1.1 200
OK 185274-232463692003415.js Show response
js-sec.indexww.com/ht/p/ 151 KB
41 KB 784ms
721ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a0332aef4e5861cca4ca2bb103c14c2339787d57787c237fc7b64cb21d4de06b

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 00:33:36 GMT
Content-Encoding: gzip
Last-Modified: Sun, 10 Jan 2021 00:34:24 GMT
Server: Apache
ETag: "da4bcc-25a58-5b880f38bb008"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 41388
Expires: Sun, 10 Jan 2021 01:33:35 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-8810863-1&cid=656687739.1610238815&jid=926847473&gjid=1773452651&_gid=683496948.1610238815&_u=IEBAAEAAAAAAAC~&z=1996077648

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 10 Jan 2021 00:33:35 GMT
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
27 B 13ms
12ms XHR
text/plain 2a00:1450:4001:816::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=1801166025&t=pageview&_s=1&dl=https%3A%2F%2Fwww.zabasearch.com%2F&ul=en-us&de=UTF-8&dt=Popular%20Name%20Searches%20%7C%20Zabasearch&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=269867306&gjid=1628353885&cid=656687739.1610238815&tid=UA-8810863-1&_gid=683496948.1610238815&_r=1&gtm=2wgbu0NCXFGZ6&z=379140351

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:816::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8810863-1&cid=656687739.1610238815&jid=926847473&_u=IEBAAEAAAAAAAC~&z=152582189

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8810863-1&cid=656687739.1610238815&jid=926847473&_u=IEBAAEAAAAAAAC~&z=152582189

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/ 234 KB
88 KB 54ms
39ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 89527
x-xss-protection: 0
server: cafe
etag: 1810063338415286733
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Jan 2021 00:33:35 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/ Frame 2F4C 0
0 7ms
5ms Document
text/html 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20201203/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20201203/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zabasearch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zabasearch.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 09 Jan 2021 12:24:21 GMT
expires: Sat, 23 Jan 2021 12:24:21 GMT
content-type: text/html; charset=UTF-8
etag: 10723747146953794269
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4923
x-xss-protection: 0
age: 43754
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
426 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-8810863-1&cid=656687739.1610238815&jid=269867306&gjid=1628353885&_gid=683496948.1610238815&_u=aGDAAEADQAAAAC~&z=1009411482

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 10 Jan 2021 00:33:35 GMT
content-type: text/plain
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
271 B 47ms
17ms Image
image/gif 2a00:1450:4001:81a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8810863-1&cid=656687739.1610238815&jid=269867306&_u=aGDAAEADQAAAAC~&z=1825541475

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 45ms
31ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-8810863-1&cid=656687739.1610238815&jid=269867306&_u=aGDAAEADQAAAAC~&z=1825541475

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 204 B
645 B 88ms
32ms Script
text/javascript 216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.zabasearch.com&callback=_gfp_s_&client=ca-pub-5413153010344125

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f130.1e100.net

Software

cafe /

Resource Hash

abef7291d5663aa56a9acc53739c05c55ebc1406f8eb884c403cbe2d77c8f1c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 196
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 35ms
16ms Script
application/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
169 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.zabasearch.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads
googleads.g.doubleclick.net/pagead/ Frame 9A92 0
0 60ms
59ms Document
text/html 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5413153010344125&output=html&adk=522671305&adf=1178619241&lmt=1610238815&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.zabasearch.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610238815289&bpp=12&bdt=679&idt=75&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=98369424568&frm=20&pv=2&ga_vid=656687739.1610238815&ga_sid=1610238815&ga_hid=1801166025&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21068108%2C21068769&oid=3&pvsid=2047682795442334&pem=644&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=91

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-5413153010344125&output=html&adk=522671305&adf=1178619241&lmt=1610238815&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&format=0x0&url=https%3A%2F%2Fwww.zabasearch.com%2F&ea=0&flash=0&pra=5&wgl=1&dt=1610238815289&bpp=12&bdt=679&idt=75&shv=r20201203&cbv=r20190131&ptt=9&saldr=aa&abxe=1&nras=1&correlator=98369424568&frm=20&pv=2&ga_vid=656687739.1610238815&ga_sid=1610238815&ga_hid=1801166025&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=182982100%2C182982300%2C21068108%2C21068769&oid=3&pvsid=2047682795442334&pem=644&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=0&uci=a!0&fsb=1&dtd=91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zabasearch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zabasearch.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 10 Jan 2021 00:33:35 GMT
server: cafe
content-length: 34
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 10-Jan-2021 00:48:35 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Sun, 10 Jan 2021 00:33:35 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1609936916402840"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28340
x-xss-protection: 0
expires: Sun, 10 Jan 2021 00:33:35 GMT

GET
H3-Q050 200 checksub Show response
contributor.google.com/scripts/5b5e81128841dfc3:D:29dbb40acc85067d/ 392 B
1 KB 154ms
140ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://contributor.google.com/scripts/5b5e81128841dfc3:D:29dbb40acc85067d/checksub

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorTargetingClientJs.en_US.4MZFyKoyOxA.es5.O/d=1/ct=zgms/rs=AJlcJMzJ24Ch-MfIrI4s2XWVzmshUl7ioQ/m=contributor

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f1eb87c1e2a3e9ec07d6f0344989d738459801be3e6cea577baf4aa419cff951

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RAcKC2VKhBCw18koS6KZJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-RAcKC2VKhBCw18koS6KZJw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-RAcKC2VKhBCw18koS6KZJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-RAcKC2VKhBCw18koS6KZJw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxXwrUh9-v2JEQuN4Qs1vvQWZVKwLxAJufyIuHiofQUiebH8UUI0TCpAxzTUTj9CUxtkdj-pRBQ-rOqWgT19 Show response
fundingchoicesmessages.google.com/f/ 83 KB
31 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXwrUh9-v2JEQuN4Qs1vvQWZVKwLxAJufyIuHiofQUiebH8UUI0TCpAxzTUTj9CUxtkdj-pRBQ-rOqWgT19

Requested by

Host: www.zabasearch.com
URL: https://www.zabasearch.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a14781c6112a3839ba0637c77d6a22c391d59186615a7af4f6369d92b4116b2f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AmZb6NUjLMBLdujE7y9JCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-AmZb6NUjLMBLdujE7y9JCQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-AmZb6NUjLMBLdujE7y9JCQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-AmZb6NUjLMBLdujE7y9JCQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXhnAz1e6V_UVEYUa7VJx9TZKVkhYzAYWPh9UBcj7FwozQ9eU5ST39PUZ2_kRSbNN_YHhGgei8pKQdhxQ28 Show response
fundingchoicesmessages.google.com/l/ 0
818 B 49ms
17ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXhnAz1e6V_UVEYUa7VJx9TZKVkhYzAYWPh9UBcj7FwozQ9eU5ST39PUZ2_kRSbNN_YHhGgei8pKQdhxQ28?pvid=C291D5F3-8FC0-41F0-96B0-EE45CEE00F0B&anonid=5C1EBBDE-5317-4B8A-8522-3B382C826605

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.FOStm_i_Ohw.es5.O/d=1/ct=zgms/rs=AJlcJMzuqsx40swPU8PIrDY8hRUvVADAYg/m=loader_js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-go/VwGsXBYIQyCmrgerOXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-go/VwGsXBYIQyCmrgerOXw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 00:33:35 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-go/VwGsXBYIQyCmrgerOXw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-go/VwGsXBYIQyCmrgerOXw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxWE0cfxRAOw6zNo6aqgwE0Jxni2IBzdS0lgWiTlMIgwHhAVB2TWe86drjsPu7Q7hGCWFUXgEX9Oh5_E27FT Show response
fundingchoicesmessages.google.com/f/ 81 KB
31 KB 60ms
47ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWE0cfxRAOw6zNo6aqgwE0Jxni2IBzdS0lgWiTlMIgwHhAVB2TWe86drjsPu7Q7hGCWFUXgEX9Oh5_E27FT?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEwMjM4ODE1LDUyNTAwMDAwMF0sIkMyOTFENUYzLThGQzAtNDFGMC05NkIwLUVFNDVDRUUwMEYwQiIsIjVDMUVCQkRFLTUzMTctNEI4QS04NTIyLTNCMzgyQzgyNjYwNSIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1141f07e1d233332db30e8ae59c16b459f53ce482153d0fad22d373379ae4bd0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-43XMlqdwi/ZK6bAEExvlMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-43XMlqdwi/ZK6bAEExvlMg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-43XMlqdwi/ZK6bAEExvlMg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-43XMlqdwi/ZK6bAEExvlMg' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 0
223 B 70ms
31ms XHR
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.zabasearch.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 109 B
546 B 140ms
46ms XHR
application/json 52.17.171.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185274
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.171.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-171-52.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 449e2a2cebfd8779625004b2941d52cfd0b7673220bc6b1dd882a3f65e16089b

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Tue, 09 Feb 2021 00:33:36 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 91ms
40ms Script
application/javascript 65.9.68.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.zabasearch.com
URL: https://www.zabasearch.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:24:46 GMT
content-encoding: gzip
server: Server
age: 529
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: USDL3zexQ0o2W6O12_RMQ0JT21WnKiBSEvV6PzAccPG1LuhB3ej99g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 56 KB
19 KB 87ms
32ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCXFGZ6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

a857e144312d1c185e5b19ef2475efd7d00534e195025cfb12ea9d8deb321f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "750 / 341 of 1000 / last-modified: 1610154819"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19000
x-xss-protection: 0
expires: Sun, 10 Jan 2021 00:33:36 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 74ms
26ms XHR
application/javascript 65.9.68.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 16563
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
date: Sat, 09 Jan 2021 19:57:34 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: Z5Cp0ymUEB8nqRraYzLX87Ua7DibKgsKXs2bM5AmIG95CUAaU4zaHA==

GET
H3-Q050 200 pubads_impl_2021010704.js Show response
securepubads.g.doubleclick.net/gpt/ 275 KB
97 KB 80ms
47ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010704.js?21069766

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

sffe /

Resource Hash

9c1f123177047bbabef989226b0bdd205a3a28620da71f9a6e6920b6470cbac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 07 Jan 2021 20:45:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99119
x-xss-protection: 0
expires: Sun, 10 Jan 2021 00:33:36 GMT

GET
H3-Q050 200 iframe Show response
fundingchoicesmessages.google.com/f/AGSKWxWAcJR2Lny6TWsFZbbID8AYXaELNcBTpbnhjf1F2B-Y2Iw3SZnRjjUfcaj42tfBJYKkv9z2qDoDfdXQ1mUcGifF8A0lnFIZA3sj94TNKUc9baWvdtXrwOujo31mRhMg_B5tES-eXIs54HTn_coDhTzvJjlee... 54 B
444 B 23ms
22ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWAcJR2Lny6TWsFZbbID8AYXaELNcBTpbnhjf1F2B-Y2Iw3SZnRjjUfcaj42tfBJYKkv9z2qDoDfdXQ1mUcGifF8A0lnFIZA3sj94TNKUc9baWvdtXrwOujo31mRhMg_B5tES-eXIs54HTn_coDhTzvJjleeXAJEVt0gPK7xNoj28rXinJ_WgpbCSP5Yyj8gxWWswi9XvwT1_qSRUVyPq0GDqGqXGUBmtmlrmgrFBTLo3U=/_/SmpAds./adfactor_/250x250-adverts./randomad160x600nsfw./ads/iframe

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.en_US.bnJ0eLAx98U.es5.O/d=1/ct=zgms/rs=AJlcJMxSnWUi8aXjDyHQ-te5x--JrD0Jgw/m=detection

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52fde5f99842a7f6b0d368e779cd4ffe71231b30c78c2c3fa2cbaf2d4bbf9d36

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uJcix8WaSYmG3OjGEtiadQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uJcix8WaSYmG3OjGEtiadQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-uJcix8WaSYmG3OjGEtiadQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uJcix8WaSYmG3OjGEtiadQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 91 KB
32 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c034ae9048b3bf355ad9acf408321d67ebe7cdfb49f26f7a472df5b7cd95e59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33076
x-xss-protection: 0
server: cafe
etag: 10461119156362163573
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 10 Jan 2021 00:33:36 GMT

POST
H3-Q050 204 AGSKWxWSEOybAQEe6hJnslG3laqRohdCi_fy-GeQXASWe13lQTW8NVj0b8tTfSB5UCZzUMJdqor-4Xl0qIFm_AVJTzmroJErTfvTe5HlWuh_am9ifK9ZbSg4WakQ6ZqQBKpEY7Soz6SpsVrIKfNfPQPc2GMNMpPOCH3WFdjFLFp2E_CEouAVXFxXVANi4g== Show response
fundingchoicesmessages.google.com/l/ 0
370 B 19ms
19ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxWSEOybAQEe6hJnslG3laqRohdCi_fy-GeQXASWe13lQTW8NVj0b8tTfSB5UCZzUMJdqor-4Xl0qIFm_AVJTzmroJErTfvTe5HlWuh_am9ifK9ZbSg4WakQ6ZqQBKpEY7Soz6SpsVrIKfNfPQPc2GMNMpPOCH3WFdjFLFp2E_CEouAVXFxXVANi4g==

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XEYEHmuoD8dQ3nKnNWEe1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-XEYEHmuoD8dQ3nKnNWEe1w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-XEYEHmuoD8dQ3nKnNWEe1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-XEYEHmuoD8dQ3nKnNWEe1w' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxWSEOybAQEe6hJnslG3laqRohdCi_fy-GeQXASWe13lQTW8NVj0b8tTfSB5UCZzUMJdqor-4Xl0qIFm_AVJTzmroJErTfvTe5HlWuh_am9ifK9ZbSg4WakQ6ZqQBKpEY7Soz6SpsVrIKfNfPQPc2GMNMpPOCH3WFdjFLFp2E_CEouAVXFxXVANi4g== Show response
fundingchoicesmessages.google.com/l/ 0
350 B 19ms
19ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YyFVF6+yhP+ZJSJ4lsNEPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-YyFVF6+yhP+ZJSJ4lsNEPw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-YyFVF6+yhP+ZJSJ4lsNEPw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-YyFVF6+yhP+ZJSJ4lsNEPw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxWSEOybAQEe6hJnslG3laqRohdCi_fy-GeQXASWe13lQTW8NVj0b8tTfSB5UCZzUMJdqor-4Xl0qIFm_AVJTzmroJErTfvTe5HlWuh_am9ifK9ZbSg4WakQ6ZqQBKpEY7Soz6SpsVrIKfNfPQPc2GMNMpPOCH3WFdjFLFp2E_CEouAVXFxXVANi4g== Show response
fundingchoicesmessages.google.com/l/ 0
346 B 19ms
19ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Vx+q669SjdoCgSy2aaadeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Vx+q669SjdoCgSy2aaadeQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Vx+q669SjdoCgSy2aaadeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Vx+q669SjdoCgSy2aaadeQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 AGSKWxXPXddqObpHNg3s5WbnpooMKu1cmaq07dAFyeZN5ZGT7Ym8Bapw-Gxa7bxAfd0q_84TixudM0WXFjEG2UrvXt4-YasPlsvOkT3gmktKE1WdvF6SQPkPn50_MYOOQnhjUjU0e4t7JTCPv1DPATnvjPn9s32AfHGQcXaccyK3UB28O3Jm5ZfltWKjdQ== Show response
fundingchoicesmessages.google.com/f/ 63 KB
24 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXPXddqObpHNg3s5WbnpooMKu1cmaq07dAFyeZN5ZGT7Ym8Bapw-Gxa7bxAfd0q_84TixudM0WXFjEG2UrvXt4-YasPlsvOkT3gmktKE1WdvF6SQPkPn50_MYOOQnhjUjU0e4t7JTCPv1DPATnvjPn9s32AfHGQcXaccyK3UB28O3Jm5ZfltWKjdQ==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjEwMjM4ODE2LDI5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dXQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36dad83a053b3d38150f973b294815d7bbc01dfeadce36e1978579c2433d173b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-R/O9AYi3yHehBdKsPuIq8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-R/O9AYi3yHehBdKsPuIq8g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-R/O9AYi3yHehBdKsPuIq8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-R/O9AYi3yHehBdKsPuIq8g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxWSEOybAQEe6hJnslG3laqRohdCi_fy-GeQXASWe13lQTW8NVj0b8tTfSB5UCZzUMJdqor-4Xl0qIFm_AVJTzmroJErTfvTe5HlWuh_am9ifK9ZbSg4WakQ6ZqQBKpEY7Soz6SpsVrIKfNfPQPc2GMNMpPOCH3WFdjFLFp2E_CEouAVXFxXVANi4g== Show response
fundingchoicesmessages.google.com/l/ 0
346 B 18ms
18ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Conzr6YdMCnYSIKt2Ph6sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Conzr6YdMCnYSIKt2Ph6sw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Conzr6YdMCnYSIKt2Ph6sw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Conzr6YdMCnYSIKt2Ph6sw' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 123 B
510 B 223ms
222ms XHR
text/javascript 65.9.68.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.zabasearch.com%2F&pid=lV4LMN3mfp0Pq&cb=0&ws=1600x1200&v=7.58.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F77506920%2FIN_ZS_HOME_20%22%7D%5D&pubid=ed5c4ba2-d702-4c5a-8bcb-8b2a4e0cdbd9&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.68.126 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 26909472b955645221590d0d0d8fc2542456502700a7c24fa9f8d48f4255f506

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.zabasearch.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 131
via: 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
x-amz-cf-id: 7jUb3CUY8E5rcY85I0Mc70yiTBunV6gcXwOZAUb8F2jVCuhP_J2UoQ==

POST
H3-Q050 204 AGSKWxXYWYAds0VHN5at-lnWLg_j-B-1HOID-O0OzeVDC3VRE20QOEW_czUmd8drOZhSlEQIqkGND-WeLH1ZmOlo0tR9b5jEYRct6-kKwBZze6jZ0yE4SFnMiGi6ez6C3847DOLoMtaLI_Y38kLDKyy6ZDgtUPF7zjQbCl_jqaQvnhVhWxc9Xjg-p_a3DQ== Show response
fundingchoicesmessages.google.com/l/ 0
344 B 19ms
19ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXYWYAds0VHN5at-lnWLg_j-B-1HOID-O0OzeVDC3VRE20QOEW_czUmd8drOZhSlEQIqkGND-WeLH1ZmOlo0tR9b5jEYRct6-kKwBZze6jZ0yE4SFnMiGi6ez6C3847DOLoMtaLI_Y38kLDKyy6ZDgtUPF7zjQbCl_jqaQvnhVhWxc9Xjg-p_a3DQ==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.en_US.0fsQVd-Kv3I.es5.O/d=1/ct=zgms/rs=AJlcJMxY-DpB6cmlkbz0pBRX6_zEy8mhmQ/m=cookie_refresh

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ovijlwOuicK9ZiKWdmsHmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ovijlwOuicK9ZiKWdmsHmQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-ovijlwOuicK9ZiKWdmsHmQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ovijlwOuicK9ZiKWdmsHmQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 204 AGSKWxXYWYAds0VHN5at-lnWLg_j-B-1HOID-O0OzeVDC3VRE20QOEW_czUmd8drOZhSlEQIqkGND-WeLH1ZmOlo0tR9b5jEYRct6-kKwBZze6jZ0yE4SFnMiGi6ez6C3847DOLoMtaLI_Y38kLDKyy6ZDgtUPF7zjQbCl_jqaQvnhVhWxc9Xjg-p_a3DQ== Show response
fundingchoicesmessages.google.com/l/ 0
750 B 24ms
24ms XHR
text/html 2a00:1450:4001:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-K/lqZ0LxHUk2vVF+TlELlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-K/lqZ0LxHUk2vVF+TlELlA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-K/lqZ0LxHUk2vVF+TlELlA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-K/lqZ0LxHUk2vVF+TlELlA' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 44ms
31ms XHR
application/json 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20201203&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b927a0522ab4f702b413109ec31bfe0432bbc7a1f2485aff415eb47e25de7700

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6330
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 16 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20201203/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Sun, 10 Jan 2021 00:33:36 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 36AD 0
0 34ms
20ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zabasearch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zabasearch.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Sat, 09 Jan 2021 20:13:14 GMT
expires: Sun, 09 Jan 2022 20:13:14 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 15622
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 152 B
339 B 38ms
12ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24?cb=izGcqLAa
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , Sweden, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 163c942735c60a026dc074b84bd1719802ac09888ca8ed57a4bb7c79f942797a

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:36 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 152
expires: 0

GET
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 136 B
815 B 154ms
86ms XHR
application/x-javascript 72.251.249.14
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?callback=window.headertag.SovrnHtb.adResponseCallback&br=%7B%22id%22%3A%22_p8K1IGv2%22%2C%22site%22%3A%7B%22domain%22%3A%22www.zabasearch.com%22%2C%22page%22%3A%22%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22kCuHSFNy%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22647231%22%7D%2C%7B%22id%22%3A%22tvGhNfao%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%7D%2C%22tagid%22%3A%22647232%22%7D%5D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.14 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d2e47db7c2c0d53e6632a67e3ed42da4e39308a50ea4ab2dfd7abbefebf932e

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 10 Jan 2021 00:33:36 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/x-javascript
Access-Control-Allow-Origin: https://www.zabasearch.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 144

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;misc=1610238816559; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10639.1/5174659/0/-1/ 47 B
80 B 124ms
102ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10639.1/5174659/0/-1/ADTECH;v=2;cmd=bid;cors=yes;misc=1610238816559;
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: d0a24c74e7411061193b3ef772d1b7cc1819d75d4ade45860ea17e60ebaad498

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:36 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;misc=1610238816559; Show response
adserver-us.adtech.advertising.com/pubapi/3.0/10639.1/5174558/0/-1/ 48 B
269 B 122ms
100ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/10639.1/5174558/0/-1/ADTECH;v=2;cmd=bid;cors=yes;misc=1610238816559;
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: efada0c11ce82868f6511cdffecb0cef0b269543ece9b803d02724b688c7069c

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:36 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2

200

arj Show response
classmates-d.openx.net/w/1.0/
Redirect Chain

https://classmates-d.openx.net/w/1.0/arj?auid=540867691&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.zabasearch.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback...
https://classmates-d.openx.net/w/1.0/arj?cc=1&auid=540867691&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.zabasearch.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&cal...

232 B
507 B

75ms
75ms

XHR
application/json

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://classmates-d.openx.net/w/1.0/arj?cc=1&auid=540867691&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.zabasearch.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._295LAZBh&cache=1610238816560&ttduuid=445005fa-77b1-4ab9-8373-10f4a353cabf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash: b5f6c753a7b2a34182b8bbba3f8c07c80e59c747b24bd3dab890333682b2ff43

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
server: OXGW/16.200.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zabasearch.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 220
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 10 Jan 2021 00:33:36 GMT
via: 1.1 google
server: OXGW/16.200.0
location: https://classmates-d.openx.net/w/1.0/arj?cc=1&auid=540867691&aus=728x90%2C970x90&ju=https%3A%2F%2Fwww.zabasearch.com%2F&jr=&ch=UTF-8&tz=-60&bc=hb_ix_2.1.3&be=1&res=1600x1200&tws=1600x1200&ifr=0&callback=window.headertag.OpenXHtb.adResponseCallbacks._295LAZBh&cache=1610238816560&ttduuid=445005fa-77b1-4ab9-8373-10f4a353cabf
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.zabasearch.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 66 B
730 B 192ms
114ms XHR
text/javascript 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?v=7.2&s=236720&fn=headertag.IndexExchangeHtb.adResponseCallback&r=%7B%22id%22%3A82152973%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.zabasearch.com%2F%22%7D%2C%22imp%22%3A%5B%7B%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2226%22%2C%22siteID%22%3A%22409934%22%7D%2C%22id%22%3A%221%22%7D%2C%7B%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%2211%22%2C%22siteID%22%3A%22414002%22%7D%2C%22id%22%3A%222%22%7D%5D%2C%22ext%22%3A%7B%22source%22%3A%22ixwrapper%22%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22adserver.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22445005fa-77b1-4ab9-8373-10f4a353cabf%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID%22%7D%7D%2C%7B%22id%22%3A%22FALSE%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_LOOKUP%22%7D%7D%2C%7B%22id%22%3A%222021-01-10T00%3A33%3A36%22%2C%22ext%22%3A%7B%22rtiPartner%22%3A%22TDID_CREATED_AT%22%7D%7D%5D%7D%5D%7D%7D
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 527d2e58ea0fcc0f3edee919e216f3ac14f63ae5a5fb4a8b8b20ad2bf3f7bf98

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:36 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[185.156.175.107], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://www.zabasearch.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: text/javascript
content-length: 86
x-ak-client-geo: 12
expires: Sun, 10 Jan 2021 00:33:36 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 125ms
46ms XHR
application/json 185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.15 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

d15110b38bde1f1d59a7483d0eeafcfdb00f3b630ad5c4dba4b48ec1709c24cc

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 00:33:36 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 720.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.154:80
AN-X-Request-Uuid: df2361c3-ae04-434b-98b8-5c83d6775c4c
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.zabasearch.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 181ms
96ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=16594&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.zabasearch.com%2F&p_screen_res=1600x1200&site_id=285876&zone_id=1436656&kw=rp.fastlane&tk_flint=index&rand=0.791196111944755&alt_size_ids=55
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 0209cb9c1e1d447fd1bf9df9971468942685a3bda9231904d4c83eb820cf18d4

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 00:33:36 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.zabasearch.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame F115
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_r1u_dm_cnv
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_r1u_dm_cnv&dcc=t

0
0

206ms
206ms

Document
text/html

52.95.124.165
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_r1u_dm_cnv&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.124.165 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.zabasearch.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=Az9Dzq4pa009hgmChVnnCgQ|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zabasearch.com/

Response headers

Server: Server
Date: Sun, 10 Jan 2021 00:33:36 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 198
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=Az9Dzq4pa009hgmChVnnCgQ; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 00:33:36 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 00:33:36 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Sun, 10 Jan 2021 00:33:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_r1u_dm_cnv&dcc=t
Set-Cookie: ad-id=Az9Dzq4pa009hgmChVnnCgQ|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 00:33:36 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
88 B 14ms
14ms Image
image/gif 2a00:1450:4001:818::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gda_r20201203&jk=2047682795442334&bg=!yMuly-vNAAXKjztByliJ00Z2CFu4QgIAAABRUgAAAA9oAQcKAHqzZW9TLnZM7MRI6g-LbTMBX7PaNO9iIpPUIeKs7GDmdN9emDA3qw6qPkSSuW3Mkx-F3LMjwi1aeIKee99vfXKPhRtMlBmyEI8lOBk1MMu314ahFzVI7o0zS5K5FbByt08srgXPYhppH9gCI2BbX8ztw8UHmCqske8-05kBu6ch6ZI_CRbXcFc0sWAcM5pjvx32kTG63P-LVIcyMmghQ9Cr-37pIZxwFUa8GMyPOVfSMrzb8V2t84O4MdEe9bd27UYpokXUsu8Zuc4FTZnkP3iCYrGUeTD6UpP0P1zH80vGarzmqT2PI3HjW70DRwBfWs_P1uodU6q-IHgMJQyuUbZV3qgjTxrXPj1g35xwnFEUgV_NhWWoq_pBNoyAdBl3l0N6jZuTD23ylGukAuMJX3IQ66rEM0IfqNR0wuiTTyLLXH841isowHX9DP-Lzq0ofcmg-8Kyt40VdKKPeR0yawW5nHJ-dnWShyWJmPjRObG4BRxeNKeUv-wZaH-VMyFcqE14wIQHw-TkGGDzMWi7X5-gCZTBL1oXLc2TFY0hFvAHJ2kst-NvyaAniihsAq0EbSrGjJfILbTtG2ZAZ5CDrFTbal0biGmiub2FIGggOrxn3UrwuBN5NL1iVHAiSgFDRnJLdzoJ62iFlpoI4mHoDXsPY5FhpjHthZtj9rhAbnqQNcI24KFjvvlgBObG1kYioW4Yy7xSFCVQrJDoU50rpIhQTi-dECAKpO9ceejlVMhrUk4tyMYpO9AK

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 10 Jan 2021 00:33:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame A589 0
0 28ms
27ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=2169094f-6799-4582-a8ab-4400493937d7&gdpr=0
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.200.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=2169094f-6799-4582-a8ab-4400493937d7&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zabasearch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=7a4c68d0-4130-063d-36cb-7dd050c38e0b|1610238816
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zabasearch.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=7a4c68d0-4130-063d-36cb-7dd050c38e0b|1610238816; Version=1; Expires=Mon, 10-Jan-2022 00:33:36 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1610238816|mOgegqnskin0vNomiygu; Version=1; Expires=Mon, 25-Jan-2021 00:33:36 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.200.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 10 Jan 2021 00:33:36 GMT
content-type: text/html
content-length: 545
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 77 KB
26 KB 372ms
371ms XHR
text/plain 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2047682795442334&correlator=2402395158773241&output=ldjh&impl=fif&adsid=NT&eid=21068773%2C21069751%2C21069766%2C21068811&vrg=2021010704&guci=2.1.0.4.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210110&iu_parts=77506920%2CIN_ZS_HOME_20&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=variant%3Dzaba_variant_3&cookie=ID%3D0d0049186c90b4a3-2289ffd99ca60091%3AT%3D1610238815%3ART%3D1610238815%3AS%3DALNI_MZ7tnjIxIpkOHV_rFTNUVjXLJjCyw&bc=31&abxe=1&lmt=1610238816&dt=1610238816766&dlt=1610238814610&idt=1729&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=995&adks=227001118&ucis=1&ifi=2&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.zabasearch.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=976x97&msz=976x90&ga_vid=656687739.1610238815&ga_sid=1610238815&ga_hid=1801166025&fws=4&ohw=1600&btvi=0&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010704.js?21069766

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f226.1e100.net

Software

cafe /

Resource Hash

16d47b74f06b7837ac840027ddb88118d5489455cc4900cb39ef1eaec39ee6a5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15301553335605806136/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15301553335605806136/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMuluIWPkO4CFabsuwgd9tgJpg&gqi=&layout=/sadbundle/%24csp%253Der3%24/15301553335605806136/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15301553335605806136/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15301553335605806136/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMuluIWPkO4CFabsuwgd9tgJpg&gqi=&layout=/sadbundle/%24csp%253Der3%24/15301553335605806136/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25672
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 10 Jan 2021 00:33:37 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.zabasearch.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 71ms
39ms Other
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010704.js?21069766
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010704.js?21069766
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H/1.1 200
OK headerstats Show response
as-sec.casalemedia.com/ 0
316 B 97ms
35ms XHR
text/plain 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=236720&u=https%3A%2F%2Fwww.zabasearch.com%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185274-232463692003415.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.zabasearch.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Sun, 10 Jan 2021 00:33:36 GMT
Server: Apache
Access-Control-Allow-Origin: https://www.zabasearch.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Sun, 10 Jan 2021 00:33:36 GMT

GET
H3-Q050 200 container.html
d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3115 0
0 33ms
19ms Document
text/html 2a00:1450:4001:825::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021010704.js?21069766

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:825::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.zabasearch.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.zabasearch.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Sun, 10 Jan 2021 00:33:36 GMT
expires: Mon, 10 Jan 2022 00:33:36 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zabasearch.com/	1970-01-19 16:00:30	Name: CUID Value: N,1610238815586:ALHGLuQAAAAPTiwxNjEwMjM4ODE1NTg2qkrUnubtgN2dMRbxG9+8j30F8qHXmMOFcIQbx8iAOFVwDsmauCm4ze5tL5jnVAdaJlN3vEfM/qVFkyVWuOxkVs51bdF2tjAqHUpVjIriwcltLY+w4McKr7YNKK0DiO8gw1KkJExsz48SnKnhnBwt2NiokF9CFb9uOmKi3rpl3MdmTDczfqaeeJJrxksiRhJHCOOHOBAmas+6ZYzDW1LNPQKd/Hf6ZmoUxzVN8Xinj4koYtk0V5y9aoJR6P84NFP6LMrSfO1wVV4NdKRNc58wDAhn8CPyVRD9pu6G6IB2o9KBeNY3YQZPjOKIv4xdCKVWSqGW28Xg7NWab0duapyOHA==
.zabasearch.com/	1970-01-20 00:38:54	Name: FCCDCF Value: [["AKsRol961od-68vquMFxbaAdGm9_SHnvVyt75xng_B-C2kdANW_NqEpYLH3YJeUxNrqW9S4OzO7KTpme1RekymTM6qZit3uSxZHIGA1uVja05OK8ZHP08T6jIr-zlhBaOvLIZhA7HglDjnmYInRFElC7mDmDbYXcwA=="],null,["[[],[],[],[],null,null,true]",1610238816365]]
.zabasearch.com/	1970-01-20 00:38:54	Name: __gads Value: ID=0d0049186c90b4a3-2289ffd99ca60091:T=1610238815:RT=1610238815:S=ALNI_MZ7tnjIxIpkOHV_rFTNUVjXLJjCyw
.doubleclick.net/	1970-01-19 15:17:19	Name: test_cookie Value: CheckForPermission
.zabasearch.com/	1970-01-19 15:18:45	Name: _gid Value: GA1.2.683496948.1610238815
.zabasearch.com/	1970-01-19 15:17:18	Name: _gat Value: 1
.zabasearch.com/	1970-01-20 08:48:30	Name: _ga Value: GA1.2.656687739.1610238815
www.zabasearch.com/	1970-01-20 00:02:54	Name: device-id Value: 82eb6913-bf57-443c-b8c8-89fcf4a4ae7b
www.zabasearch.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: orhev57djqusi56pkfjetb0dc6
.zabasearch.com/	1970-01-19 15:17:18	Name: _gat_UA-8810863-1 Value: 1
.zabasearch.com/	1970-01-19 16:00:30	Name: __cfduid Value: d964023de15f59fc7828ca68fd260cd4f1610238813

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aax-eu.amazon-adsystem.com
adserver-us.adtech.advertising.com
adservice.google.com
adservice.google.de
ap.lijit.com
api.rlcdn.com
as-sec.casalemedia.com
assets.zabasearch.com
c.amazon-adsystem.com
classmates-d.openx.net
contributor.google.com
d8d26d952c4c5676aafdc9d0bff850d3.safeframe.googlesyndication.com
eu-u.openx.net
fastlane.rubiconproject.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.isearch.com
www.zabasearch.com
165.160.13.20
172.217.21.226
185.33.221.15
2.18.234.21
216.58.212.130
23.37.38.181
2606:2800:233:97b6:26be:138a:cba8:bb01
2606:4700:3035::681f:5049
2a00:1450:4001:800::2003
2a00:1450:4001:802::2008
2a00:1450:4001:803::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2001
2a00:1450:4001:816::200e
2a00:1450:4001:817::2003
2a00:1450:4001:818::2002
2a00:1450:4001:81a::2004
2a00:1450:4001:81e::2002
2a00:1450:4001:821::200e
2a00:1450:4001:825::2001
2a00:1450:400c:c04::9a
2a00:1450:400c:c04::9b
2a02:fa8:8806:12::1460
34.120.207.148
34.98.64.218
52.17.171.52
52.95.124.165
65.9.68.126
69.173.144.141
72.251.249.14
0209cb9c1e1d447fd1bf9df9971468942685a3bda9231904d4c83eb820cf18d4
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
1141f07e1d233332db30e8ae59c16b459f53ce482153d0fad22d373379ae4bd0
163c942735c60a026dc074b84bd1719802ac09888ca8ed57a4bb7c79f942797a
16d47b74f06b7837ac840027ddb88118d5489455cc4900cb39ef1eaec39ee6a5
17aff59c7a157e2a33da8513a34de6a6ef8ee2f156f2a81a978a7435a89e6794
26909472b955645221590d0d0d8fc2542456502700a7c24fa9f8d48f4255f506
36dad83a053b3d38150f973b294815d7bbc01dfeadce36e1978579c2433d173b
3d2e47db7c2c0d53e6632a67e3ed42da4e39308a50ea4ab2dfd7abbefebf932e
449e2a2cebfd8779625004b2941d52cfd0b7673220bc6b1dd882a3f65e16089b
4a4c7891db3130e5373acfc0f8c9f6152e778f20bc42006c656edf075f0e70f0
4bcab36a12e9c0faa72188bf7aa8e001daf123d904c3eac998cc5c609ca22208
527d2e58ea0fcc0f3edee919e216f3ac14f63ae5a5fb4a8b8b20ad2bf3f7bf98
52fde5f99842a7f6b0d368e779cd4ffe71231b30c78c2c3fa2cbaf2d4bbf9d36
57a2b5cb2e3f9cc29d6706ef9e34467411e60b2bcdb3497ca3467707debd96f9
7a2c24123bf9e2d278064a1c1596653f626b24deeda2c4422de8882840f82e83
7cd6c76a10fe27d9e6f00a11328b5d233bd90d38c8407a85877a55c8fd2a3530
81b95bcf2baab3f5cc6dec7f2d8e6dcf367032490216d548ce9dac8aeba5b78a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8aaa832bba0264a0f17689864368c546dacc50d0bc8b1333962a67c50a7d66d6
8fa8b94d886bab8c529cf2d05ebe09742e01a928d3f381174628b70479c4d7e7
9c034ae9048b3bf355ad9acf408321d67ebe7cdfb49f26f7a472df5b7cd95e59
9c1f123177047bbabef989226b0bdd205a3a28620da71f9a6e6920b6470cbac0
a0332aef4e5861cca4ca2bb103c14c2339787d57787c237fc7b64cb21d4de06b
a14781c6112a3839ba0637c77d6a22c391d59186615a7af4f6369d92b4116b2f
a4f4a659fecf32556567af771d23588b8e74ad8b930ac63db9379733b0b133d0
a857e144312d1c185e5b19ef2475efd7d00534e195025cfb12ea9d8deb321f7e
abef7291d5663aa56a9acc53739c05c55ebc1406f8eb884c403cbe2d77c8f1c8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b5f6c753a7b2a34182b8bbba3f8c07c80e59c747b24bd3dab890333682b2ff43
b927a0522ab4f702b413109ec31bfe0432bbc7a1f2485aff415eb47e25de7700
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
c8b787653b708e7dbbc6c1608f0d51016a33198a1da96faf634c0dbbb797459b
ce36db6a41e54ec30582f0c40f48148afa13106e735660a3105d966c31df531f
d0a24c74e7411061193b3ef772d1b7cc1819d75d4ade45860ea17e60ebaad498
d15110b38bde1f1d59a7483d0eeafcfdb00f3b630ad5c4dba4b48ec1709c24cc
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e20724a3c66b7c5c0b9a4fdd59d52afae288e388e4404a37967eeaf334f66deb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
eb877d30ff59c405e8c2c3dfbed2b23376d81ecf94e4bc57e1bda813790c91ee
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efada0c11ce82868f6511cdffecb0cef0b269543ece9b803d02724b688c7069c
f1eb87c1e2a3e9ec07d6f0344989d738459801be3e6cea577baf4aa419cff951
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe5d97969e5d98e03eaacc671edb2e30373f05070f5a37d69f5a5f6f91b79149

www.zabasearch.com Open in urlscan Pro 2606:4700:3035::681f:5049 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

72 Requests

100 %HTTPS

57 %IPv6

21 Domains

33 Subdomains

29 IPs

7 Countries

722 kBTransfer

2076 kBSize

11 Cookies

6 Outgoing links

Page URL History

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.zabasearch.com Open in urlscan Pro
2606:4700:3035::681f:5049 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

100 %
HTTPS

57 %
IPv6

21
Domains

33
Subdomains

29
IPs

7
Countries

722 kB
Transfer

2076 kB
Size

11
Cookies

72 HTTP transactions
0 data transactions