zondaglobal.com Open in urlscan Pro
104.18.31.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://metflix.pl/
Effective URL:
https://zondaglobal.com/en/home
Submission Tags: @phishunt_io
Submission: On December 28 via api (December 28th 2021, 5:55:46 am UTC) from DE — Scanned from DE

Summary HTTP 206 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 61 domains to perform 206 HTTP transactions. The main IP is 104.18.31.178, located in and belongs to CLOUDFLARENET, US. The main domain is zondaglobal.com.
TLS certificate: Issued by R3 on December 2nd 2021. Valid for: 3 months.

This is the only time zondaglobal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.253.212.22 185.253.212.22	48707 (GREENER-AS) (GREENER-AS)
1 1	185.253.212.10 185.253.212.10	48707 (GREENER-AS) (GREENER-AS)
1 22	104.18.4.135 104.18.4.135	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
14	91.235.133.182 91.235.133.182	30286 (THM) (THM)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
1 91	104.18.31.178 104.18.31.178	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
3	104.18.25.204 104.18.25.204	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1 3	172.217.18.102 172.217.18.102	15169 (GOOGLE) (GOOGLE)
4 19	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
9	2.16.186.211 2.16.186.211	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	37.157.4.25 37.157.4.25	198622 (ADFORM) (ADFORM)
1 2	99.81.7.40 99.81.7.40	16509 (AMAZON-02) (AMAZON-02)
1	104.111.218.85 104.111.218.85	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.157.138.20 35.157.138.20	16509 (AMAZON-02) (AMAZON-02)
1	185.86.137.133 185.86.137.133	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.192.154.98 18.192.154.98	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.194.0.84 18.194.0.84	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:272	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
4 5	77.243.60.138 77.243.60.138	42697 (NETIC-AS) (NETIC-AS)
2 2	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
4 4	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
2 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	2a02:6ea0:c70... 2a02:6ea0:c700::2	60068 (CDN77 ^_^) (CDN77 ^_^)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	52.17.84.146 52.17.84.146	16509 (AMAZON-02) (AMAZON-02)
2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1 1	54.77.170.127 54.77.170.127	16509 (AMAZON-02) (AMAZON-02)
1	52.218.61.75 52.218.61.75	16509 (AMAZON-02) (AMAZON-02)
1	51.210.112.236 51.210.112.236	16276 (OVH) (OVH)
4 5	80.82.217.103 80.82.217.103	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	139.162.141.41 139.162.141.41	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	80.82.217.90 80.82.217.90	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	52.212.131.178 52.212.131.178	16509 (AMAZON-02) (AMAZON-02)
2 3	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	143.204.98.67 143.204.98.67	16509 (AMAZON-02) (AMAZON-02)
2 2	54.236.81.149 54.236.81.149	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.253.7.226 34.253.7.226	16509 (AMAZON-02) (AMAZON-02)
1 1	52.59.43.26 52.59.43.26	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	18.194.149.16 18.194.149.16	16509 (AMAZON-02) (AMAZON-02)
1	51.89.21.21 51.89.21.21	16276 (OVH) (OVH)
2 2	35.190.16.14 35.190.16.14	15169 (GOOGLE) (GOOGLE)
1	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	88.99.213.228 88.99.213.228	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:215... 2600:9000:2156:3000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1	46.19.11.36 46.19.11.36	51790 (SIEL) (SIEL)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:802::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
206	50

1 185.253.212.22 (Poland)

ASN48707 (GREENER-AS, PL)

metflix.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.253.212.10 (Poland) 1 redirects

ASN48707 (GREENER-AS, PL)

t2712.am-track.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.18.4.135 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

auth.bitbay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bitbay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 91.235.133.182 (United States)

ASN30286 (THM, US)

thmep.bitbay.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

8wmmckk2wgzoc54bba6iwbtog6ozqnr6q7bzym7r2798482e94dd5fb5am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

91 104.18.31.178 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

zondaglobal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.25.204 (None, )

ASN13335 (CLOUDFLARENET, US)

api.zonda.exchange	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.102 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net

11067916.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 37.157.4.23 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dmp.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.16.186.211 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-211.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.25 (Denmark)

ASN198622 (ADFORM, DK)

server.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.81.7.40 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-7-40.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.218.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-218-85.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.138.20 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-138-20.eu-central-1.compute.amazonaws.com

ih.adscale.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.133 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.192.154.98 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-154-98.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.0.84 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-0-84.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 77.243.60.138 (Aalborg, Denmark) 4 redirects

ASN42697 (NETIC-AS, DK)

uipglob.semasio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.201 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.33.220.150 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.150.20 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c700::2 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.84.146 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.170.127 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-170-127.eu-west-1.compute.amazonaws.com

api.adrtx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.218.61.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: s3-eu-west-1.amazonaws.com

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.210.112.236 (France)

ASN16276 (OVH, FR)
PTR: pikafka-1.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 80.82.217.103 (Krefeld, Germany) 4 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

cm.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.141.41 (Frankfurt am Main, Germany) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: tags1.adsafety.net

tags.adsafety.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.82.217.90 (Krefeld, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

ads.smartstream.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.131.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.50 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-67.fra50.r.cloudfront.net

pdw-adf.userreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.236.81.149 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-236-81-149.compute-1.amazonaws.com

a.audrte.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.253.7.226 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-7-226.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.59.43.26 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-43-26.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.149.16 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-149-16.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.21.21 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.16.14 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 14.16.190.35.bc.googleusercontent.com

redirect.frontend.weborama.fr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.99.213.228 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.88-99-213-228.clients.your-server.de

sync.1dmp.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:3000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.19.11.36 (Ljubljana, Slovenia)

ASN51790 (SIEL, SI)
PTR: ilog.vsn.si

match.contentexchange.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	zondaglobal.com 1 redirects zondaglobal.com	1 MB
36	bitbay.net 1 redirects auth.bitbay.net thmep.bitbay.net bitbay.net	930 KB
20	adform.net 4 redirects track.adform.net s2.adform.net c1.adform.net dmp.adform.net	39 KB
9	livechatinc.com cdn.livechatinc.com api.livechatinc.com secure.livechatinc.com accounts.livechatinc.com	268 KB
7	doubleclick.net 5 redirects 11067916.fls.doubleclick.net cm.g.doubleclick.net	2 KB
6	adsafety.net 5 redirects cm.adsafety.net tags.adsafety.net	10 KB
5	semasio.net 4 redirects uipglob.semasio.net	3 KB
5	online-metrix.net 1 redirects h.online-metrix.net 8wmmckk2wgzoc54bba6iwbtog6ozqnr6q7bzym7r2798482e94dd5fb5am1.e.aa.online-metrix.net	17 KB
4	adsrvr.org 4 redirects match.adsrvr.org	2 KB
3	adnxs.com 2 redirects secure.adnxs.com	3 KB
3	exelator.com 2 redirects loadm.exelator.com load77.exelator.com	2 KB
3	zonda.exchange api.zonda.exchange	14 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	169 KB
2	facebook.com www.facebook.com	496 B
2	3lift.com 1 redirects eb2.3lift.com	717 B
2	tapad.com 2 redirects pixel.tapad.com	904 B
2	1dmp.io 1 redirects sync.1dmp.io	805 B
2	weborama.fr 2 redirects redirect.frontend.weborama.fr	519 B
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	demdex.net 2 redirects dpm.demdex.net	2 KB
2	audrte.com 2 redirects a.audrte.com	1 KB
2	bluekai.com tags.bluekai.com	1 KB
2	crwdcntrl.net 1 redirects sync.crwdcntrl.net	1015 B
2	eyeota.net ps.eyeota.net	688 B
2	mathtag.com 2 redirects pixel.mathtag.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com	814 B
2	advertising.com 2 redirects pixel.advertising.com	677 B
2	adscale.de 2 redirects ih.adscale.de	691 B
2	360yield.com 1 redirects ad.360yield.com	827 B
2	facebook.net connect.facebook.net	113 KB
2	google-analytics.com www.google-analytics.com	20 KB
2	google.com www.google.com adservice.google.com	1 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	contentexchange.me match.contentexchange.me	49 B
1	smaato.net s.ad.smaato.net	240 B
1	teads.tv sync.teads.tv	172 B
1	id5-sync.com id5-sync.com	1009 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	456 B
1	agkn.com 1 redirects aa.agkn.com	343 B
1	userreport.com pdw-adf.userreport.com	444 B
1	pubmatic.com simage2.pubmatic.com	544 B
1	krxd.net beacon.krxd.net	339 B
1	smartstream.tv 1 redirects ads.smartstream.tv	849 B
1	onaudience.com pixel.onaudience.com	248 B
1	amazonaws.com s3-eu-west-1.amazonaws.com	390 B
1	adrtx.net 1 redirects api.adrtx.net	406 B
1	openx.net eu-u.openx.net	274 B
1	rlcdn.com idsync.rlcdn.com
1	4dex.io mp.4dex.io	472 B
1	stickyadstv.com ads.stickyadstv.com	712 B
1	smartadserver.com rtb-csync.smartadserver.com	163 B
1	rubiconproject.com token.rubiconproject.com	214 B
1	yieldlab.net ad.yieldlab.net	522 B
1	seadform.net server.seadform.net	343 B
1	googletagmanager.com www.googletagmanager.com	57 KB
1	am-track.pl 1 redirects t2712.am-track.pl	510 B
1	metflix.pl metflix.pl	743 B
0	ib-ibi.com Failed global.ib-ibi.com Failed
0	Failed function sub() { [native code] }. Failed
206	61

	Domain	Requested by
91	zondaglobal.com	1 redirects auth.bitbay.net zondaglobal.com
21	auth.bitbay.net	metflix.pl auth.bitbay.net
14	thmep.bitbay.net	auth.bitbay.net thmep.bitbay.net
12	c1.adform.net	2 redirects track.adform.net c1.adform.net
5	cm.adsafety.net	4 redirects c1.adform.net
5	uipglob.semasio.net	4 redirects c1.adform.net
4	dmp.adform.net	c1.adform.net
4	cm.g.doubleclick.net	4 redirects
4	match.adsrvr.org	4 redirects
4	cdn.livechatinc.com	zondaglobal.com secure.livechatinc.com
4	h.online-metrix.net	1 redirects thmep.bitbay.net
3	secure.adnxs.com	2 redirects c1.adform.net
3	api.livechatinc.com	cdn.livechatinc.com
3	track.adform.net	2 redirects zondaglobal.com
3	11067916.fls.doubleclick.net	1 redirects www.googletagmanager.com zondaglobal.com
3	api.zonda.exchange	zondaglobal.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.facebook.com	11067916.fls.doubleclick.net
2	eb2.3lift.com	1 redirects c1.adform.net
2	pixel.tapad.com	2 redirects
2	sync.1dmp.io	1 redirects c1.adform.net
2	redirect.frontend.weborama.fr	2 redirects
2	pm.w55c.net	2 redirects
2	dpm.demdex.net	2 redirects
2	a.audrte.com	2 redirects
2	tags.bluekai.com	c1.adform.net
2	sync.crwdcntrl.net	1 redirects c1.adform.net
2	loadm.exelator.com	2 redirects
2	ps.eyeota.net	c1.adform.net
2	pixel.mathtag.com	2 redirects
2	dsum-sec.casalemedia.com	1 redirects c1.adform.net
2	x.bidswitch.net	2 redirects
2	ups.analytics.yahoo.com	1 redirects c1.adform.net
2	pixel.advertising.com	2 redirects
2	ih.adscale.de	2 redirects
2	ad.360yield.com	1 redirects c1.adform.net
2	connect.facebook.net	11067916.fls.doubleclick.net connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	accounts.livechatinc.com	cdn.livechatinc.com
1	fonts.googleapis.com	secure.livechatinc.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	match.contentexchange.me	c1.adform.net
1	s.ad.smaato.net	c1.adform.net
1	sync.teads.tv	c1.adform.net
1	id5-sync.com	c1.adform.net
1	dsp.adfarm1.adition.com	1 redirects
1	aa.agkn.com	1 redirects
1	pdw-adf.userreport.com	c1.adform.net
1	simage2.pubmatic.com	c1.adform.net
1	beacon.krxd.net	c1.adform.net
1	ads.smartstream.tv	1 redirects
1	tags.adsafety.net	1 redirects
1	pixel.onaudience.com	c1.adform.net
1	s3-eu-west-1.amazonaws.com	c1.adform.net
1	api.adrtx.net	1 redirects
1	eu-u.openx.net	c1.adform.net
1	idsync.rlcdn.com	c1.adform.net
1	load77.exelator.com	c1.adform.net
1	mp.4dex.io	c1.adform.net
1	ads.stickyadstv.com	c1.adform.net
1	rtb-csync.smartadserver.com	c1.adform.net
1	token.rubiconproject.com	c1.adform.net
1	ad.yieldlab.net	c1.adform.net
1	server.seadform.net	zondaglobal.com
1	adservice.google.com	11067916.fls.doubleclick.net
1	s2.adform.net	zondaglobal.com
1	www.googletagmanager.com	zondaglobal.com
1	bitbay.net	1 redirects
1	8wmmckk2wgzoc54bba6iwbtog6ozqnr6q7bzym7r2798482e94dd5fb5am1.e.aa.online-metrix.net
1	www.gstatic.com	www.google.com
1	www.google.com	auth.bitbay.net
1	t2712.am-track.pl	1 redirects
1	metflix.pl
0	global.ib-ibi.com Failed	c1.adform.net
0	ghbmnnjooekpmoecnnnilnnbdlolhkhi Failed	thmep.bitbay.net
206	75

This site contains links to these domains. Also see Links.

Domain
auth.zonda.exchange
apps.apple.com
play.google.com
docs.zonda.exchange
www.facebook.com
twitter.com
www.instagram.com
pl.linkedin.com

Subject Issuer	Validity	Valid
metflix.pl R3	`2021-12-27` - `2022-03-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
thmep.bitbay.net Sectigo RSA Domain Validation Secure Server CA	`2021-09-22` - `2022-10-07`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-01-21` - `2022-01-21`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2021-07-30` - `2022-08-01`	a year	crt.sh
*.zondaglobal.com R3	`2021-12-02` - `2022-03-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
livechat.com DigiCert SHA2 Secure Server CA	`2021-04-20` - `2022-04-25`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-06` - `2022-01-04`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.seadform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-11-04`	a year	crt.sh
*.yieldlab.net DigiCert SHA2 Secure Server CA	`2021-03-09` - `2022-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2021-09-19` - `2022-09-20`	a year	crt.sh
*.eyeota.net R3	`2021-10-26` - `2022-01-24`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.onaudience.com Certyfikat SSL	`2021-05-28` - `2022-05-28`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.userreport.com Amazon	`2021-02-18` - `2022-03-19`	a year	crt.sh
*.id5-sync.com R3	`2021-12-20` - `2022-03-20`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
s.ad.smaato.net Amazon	`2021-09-21` - `2022-10-20`	a year	crt.sh
*.contentexchange.me Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-06-04`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://zondaglobal.com/en/home
Frame ID: 99AFF52562AAB7AFE86B74A94F011D6A
Requests: 119 HTTP requests in this frame

Frame: https://thmep.bitbay.net/m8yLQT_7bbzQ8Cfy?ecacb0200160fca3=sDGusfdy_Y-L1oZHCuNlkbOn7xGAb8IvrXs8mZyoroXPSgajjlqjKVOt5p9Wn2aRKK5y9nafBPLvI68M2F54NbK-17OTAokayqoezu7tL4ZywPKbyWtxOJnwaGsxygu3IVX0DgvPT02arsPGwpHydPlOBscG-PpCqVs0V5-CcKQojFVnrtA3AUmc-x8yT18MABzgPTfGf6AXAf4l&jb=363b26266a736d75354c6b6c77702662716d354e696c77702e687162753f4368726f6567246873623d436a72676d67273038393e
Frame ID: 5098F886C0712F472373C3726A19E205
Requests: 12 HTTP requests in this frame

Frame: https://auth.bitbay.net/auth/new/next/index.html
Frame ID: F1A552AA726062F0B510C2067D74FAAD
Requests: 10 HTTP requests in this frame

Frame: https://thmep.bitbay.net/wnsce-sA7g9Nz-nb?f095bf4d27fccf17=agHfVNt1rE0BfwhIYIbxocjnfYeua5yT3c3zK-fxl820Cr5iQymddcZM9qdzLlhfrsv5uLnulOtrbTltGXgTegXUCd70s3sQhzCcJ2gIg83dDeKY77NggvsrC60B8s2Xez9fDK8dEUndpb1Uv3Na4G_nT0jTLyqAMDoCA7X9-xcRlxQaM4K060rqcjjZAFFUo7Gbbff7VqLZZA6Xy9Y
Frame ID: D51AFD71CC7B9ED302369F644B885682
Requests: 2 HTTP requests in this frame

Frame: https://h.online-metrix.net/-kXX3iMtvgHn-EE9?7081e3f3d1859696=7w93cAwtlmXBDbqRyF8041I3ljXarwvovSbZJYbHjxqLL6rEd3VZpf7j7tQyQipWRrcm-k_EVUSs2gUy3rY1oAqw1TkasFKs3hJkMtpTwYcD5zNJFNvS-l4SG4BQiOgzGcWok4Zpt_kcETTFm197Wm_qTFYQGCjbPE2-0FtOEWmGXGD19csluYF_g27Oj4Mr5VJqa22y54N10eiJUqqu
Frame ID: FEBB38A3CD9F65865C4E2B043810445D
Requests: 2 HTTP requests in this frame

Frame: https://thmep.bitbay.net/H-ldRmaFhw7lW9HD?84cdeee47170d0c4=Qnxhvzesf0-JKpjjagMWz5L61lOI9DXFUnH6IACuh0EsUC3G0NCPSIK0LqJp2u7_XqaiVpAmUpjaRpch1OlygCyydYxRPU-j4zg8ouqDHnu1U2ej4D7l_JJk6G1L5W1HGGU7CQ5ZA89hUb7N_4FsOE5xpXaqjh6TXYGAFXb6f0u4DPnjYugYPbA2IKgYBRMaaU6W-w8koqmFQZD06Ghs
Frame ID: 529238DC4A4E14F6494096A1ABFDA600
Requests: 2 HTTP requests in this frame

Frame: https://11067916.fls.doubleclick.net/activityi;dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome
Frame ID: A082450633DC5DF5521C35CABF3CAB47
Requests: 6 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Frame ID: 19BD3BD6E64E2EF4DABA9C691EF87E84
Requests: 45 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=11644358&group=1&embedded=1&widget_version=3&unique_groups=0
Frame ID: E20AE1712DC31B98B7C8FDD23BFDA99F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zonda: Buy & Sell Bitcoin and Altcoins on trusted Crypto Exchange - Zonda

Page URL History Show full URLs

https://metflix.pl/ Page URL
https://t2712.am-track.pl/track.php?track=b035a6f11df898bc3fee05bed01599a2&ref=&url=https%3A%2F%2Fauth... HTTP 301
https://auth.bitbay.net/ref/mafhGi Page URL
https://bitbay.net/ HTTP 301
https://zondaglobal.com/en HTTP 301
https://zondaglobal.com/en/home Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

206
Requests

86 %
HTTPS

18 %
IPv6

61
Domains

75
Subdomains

50
IPs

10
Countries

2941 kB
Transfer

59885 kB
Size

114
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://auth.zonda.exchange/login
Title: Login

Search URL Search Domain Scan URL

URL: https://auth.zonda.exchange/register
Title: Register

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id1409644952

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=net.bitbay.bitcoin

Search URL Search Domain Scan URL

URL: https://docs.zonda.exchange/
Title: Trading API

Search URL Search Domain Scan URL

URL: https://www.facebook.com/zondaglobal

Search URL Search Domain Scan URL

URL: https://twitter.com/zondaglobal

Search URL Search Domain Scan URL

URL: https://www.instagram.com/bitbay/

Search URL Search Domain Scan URL

URL: https://pl.linkedin.com/company/zondaglobal

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://metflix.pl/ Page URL
https://t2712.am-track.pl/track.php?track=b035a6f11df898bc3fee05bed01599a2&ref=&url=https%3A%2F%2Fauth.bitbay.net%2Fref%2FmafhGi HTTP 301
https://auth.bitbay.net/ref/mafhGi Page URL
https://bitbay.net/ HTTP 301
https://zondaglobal.com/en HTTP 301
https://zondaglobal.com/en/home Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://t2712.am-track.pl/track.php?track=b035a6f11df898bc3fee05bed01599a2&ref=&url=https%3A%2F%2Fauth.bitbay.net%2Fref%2FmafhGi HTTP 301
https://auth.bitbay.net/ref/mafhGi

Request Chain 16

https://h.online-metrix.net/0lIIoNRn9oM9lqhN?e13eb0398b8edfae=4R9mPxMSsbIaBXvT60AZpssR9xYotc-9wP0AJbM-d2_8h03VATZE-Vuq99cj41_oXKRrMpcxI_VCvv5cD1hvi5727wHbS38Wci2J9bhIB6ld4WN4OcMaBJoDPKAH9YIEtGH4EbYPpqSM7CXDDhEhBSaBrrjboNqNObbEZoB8EJ2shEY HTTP 302
https://h.online-metrix.net/0lIIoNRn9oM9lqhN?76da74fc491145a7=4R9mPxMSsbIaBXvT60AZpssR9xYotc-9wP0AJbM-d2_8h03VATZE-Vuq99cj41_oXKRrMpcxI_VCvv5cD1hvi5727wHbS38Wci2J9bhIB6ld4WN4OcMaBJoDPKAH9YIEtGH4ESpBQYzDTE294MZmcM2HZuQ&k=2

Request Chain 106

https://11067916.fls.doubleclick.net/activityi;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome HTTP 302
https://11067916.fls.doubleclick.net/activityi;dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome

Request Chain 107

https://track.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 143

https://track.adform.net/Serving/TrackPoint/?pm=2454768&ADFPageName=Landing%20Page%20Zonda&ADFdivider=%7C&ord=815762198927&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fauth.bitbay.net%2F&ADFtpmode=2&loc=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome HTTP 302
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2454768&ADFPageName=Landing%20Page%20Zonda&ADFdivider=%7C&ord=815762198927&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fauth.bitbay.net%2F&ADFtpmode=2&loc=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome

Request Chain 147

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=527415736575725998&Expiration=1641880543 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=527415736575725998&Expiration=1641880543

Request Chain 150

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=527415736575725998&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__ HTTP 302
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=527415736575725998&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=d6ecd754300d408eb102f45136b15b3f HTTP 307
https://c1.adform.net/serving/cookie/match?party=9&uid=7e1010a15b64bc558b77f1894300ce0484d5017ed51c7b44ff2bcea66e1e2ba2

Request Chain 152

https://pixel.advertising.com/ups/55944/sync?uid=527415736575725998&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55944/sync?uid=527415736575725998&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=527415736575725998&_origin=1&apid=UPcb4062d1-67a2-11ec-81d7-06453e459354 HTTP 302
https://ups.analytics.yahoo.com/ups/55944/sync?uid=527415736575725998&_origin=1&apid=UPcb4062d1-67a2-11ec-81d7-06453e459354&verify=true

Request Chain 154

https://x.bidswitch.net/sync?dsp_id=70&user_id=527415736575725998 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=527415736575725998 HTTP 302
https://mp.4dex.io/setuid?bidder=bidswitch&uid=62957df1-7df5-4942-82cb-8a3044671c5a&gdpr=&gdpr_consent=&us_privacy=

Request Chain 155

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=527415736575725998&expiration=1641880543 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=527415736575725998&expiration=1641880543&C=1

Request Chain 156

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=527415736575725998&sInitiator=external HTTP 302
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=527415736575725998&sInitiator=external HTTP 302
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal HTTP 302
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=5f0561ca-a6df-4400-b6cd-c3ac67183131&sInitiator=internal&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent= HTTP 302
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=7a61c5b7-b5db-4aaa-8980-d8653c8d3f50 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RDhEMjBBMEM2RjNFMDI5RQ&gdpr=1&gdpr_consent= HTTP 302
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEBuoHLbGkFYmpVX-2VPGk6g&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 158

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=527415736575725998 HTTP 302
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=527415736575725998&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 160

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=527415736575725998 HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=527415736575725998

Request Chain 163

https://api.adrtx.net/thirdparty/click?p=adfo HTTP 302
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

Request Chain 165

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=527415736575725998 HTTP 302
https://tags.adsafety.net/v1/cm?cm_uid=CM12021122805937f64825319e8d3aef&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D HTTP 302
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=7d01cd39ad40bc95b469c524b7dbf962 HTTP 302
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021122805937f64825319e8d3aef&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent= HTTP 302
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=7d01cd39ad40bc95b469c524b7dbf962&idt_did_status=added&gdpr_consent=&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMjgwNTkzN2Y2NDgyNTMxOWU4ZDNhZWY HTTP 302
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEBVIMRJO9y_fcywFn1XAdmk&google_cver=1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021122805937f64825319e8d3aef HTTP 302
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=527415736575725998

Request Chain 167

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTI3NDE1NzM2NTc1NzI1OTk4 HTTP 302
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOZ-tEIaAjaZm_fXIcrtG94&google_cver=1&google_ula=1641347,0

Request Chain 169

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=3&id=3175450700954040848&redirect=1 HTTP 302
https://secure.adnxs.com/setuid?entity=91&code=527415736575725998

Request Chain 172

https://a.audrte.com/a?adform_uid=527415736575725998 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEDe42BkfKHn6NnTRlurbJz0&google_cver=1 HTTP 302
https://ps.eyeota.net/match?bid=kh51m51&uid=4hdMPDO8yheTeigNAjuh1PGPw&gdpr=0&gdpr_consent=

Request Chain 173

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=527415736575725998&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=527415736575725998&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1 HTTP 302
https://c1.adform.net/serving/cookie/match?party=1007&cid=39998085032659055671417648284766197305&noredirect=1

Request Chain 174

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=527415736575725998 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165001004014000048515

Request Chain 175

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7046628043692963993

Request Chain 177

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D HTTP 302
https://c1.adform.net/serving/cookie/match?party=1066&cid=5f0561ca-a6df-4400-b6cd-c3ac67183131

Request Chain 178

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_ HTTP 302
https://c1.adform.net/serving/cookie/match?party=1084&cid=lY1pZAuL1N25sz5

Request Chain 179

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=7a61c5b7-b5db-4aaa-8980-d8653c8d3f50

Request Chain 182

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D HTTP 302
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1950477057 HTTP 302
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=YkTSw8m/F3OGV3PLusOPcu

Request Chain 184

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=527415736575725998 HTTP 302
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=527415736575725998&cs=1

Request Chain 186

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=527415736575725998&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=527415736575725998&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://c1.adform.net/serving/cookie/match?party=2007&cid=eb8d7c85-014e-4825-897e-4c1979e72814

Request Chain 188

https://eb2.3lift.com/xuid?mid=7354&xuid=527415736575725998&dongle=AD20 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=527415736575725998&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

206 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
metflix.pl/ 399 B
743 B 123ms
34ms Document
text/html 185.253.212.22
GREENER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://metflix.pl/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.253.212.22 , Poland, ASN48707 (GREENER-AS, PL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Tue, 28 Dec 2021 05:55:40 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close

GET
H2

200

mafhGi Show response
auth.bitbay.net/ref/
Redirect Chain

https://t2712.am-track.pl/track.php?track=b035a6f11df898bc3fee05bed01599a2&ref=&url=https%3A%2F%2Fauth.bitbay.net%2Fref%2FmafhGi
https://auth.bitbay.net/ref/mafhGi

9 KB
4 KB

168ms
140ms

Document
text/html

104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/ref/mafhGi

Requested by

Host: metflix.pl
URL: https://metflix.pl/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e78771e37f99dcef4e0061170c541a77be6f9553abb55d9e02e50375c6cff7d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metflix.pl/

Response headers

date: Tue, 28 Dec 2021 05:55:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
last-modified: Mon, 08 Nov 2021 04:06:09 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c488a821f174a74-FRA
content-encoding: br

Redirect headers

expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
location: https://auth.bitbay.net/ref/mafhGi
content-type: text/html; charset=UTF-8
content-length: 0
date: Tue, 28 Dec 2021 05:55:40 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 enterprise.js Show response
www.google.com/recaptcha/ 940 B
1000 B 40ms
16ms Script
text/javascript 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/enterprise.js

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/ref/mafhGi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d12aea2aadb062872367688861deec642a3d95ef5a6ed614a564bb2dc3348c7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 587
x-xss-protection: 1; mode=block
expires: Tue, 28 Dec 2021 05:55:40 GMT

GET
H2 200 require.js Show response
auth.bitbay.net/js/libs/ 25 KB
8 KB 154ms
154ms Script
application/javascript 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/js/libs/require.js

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/ref/mafhGi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

784333ceb0d567efddfed77938f34477d51f01a4514bf917d0860f1303904af3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=84865
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Mon, 31 Jul 2017 16:37:39 GMT
server: cloudflare
etag: W/"597f5cd3-14b81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
expires: Wed, 29 Dec 2021 01:55:40 GMT
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-ray: 6c488a8318254a74-FRA
cf-bgj: minify

GET
H2 200 zkouxkbg.js Show response
auth.bitbay.net/js/libs/ 3 KB
1 KB 156ms
156ms Script
application/javascript 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/js/libs/zkouxkbg.js

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/ref/mafhGi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e2d88733ca6bfa244902adc890a363abc4d1c6a516956958a7a3ee5b138aab3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 26 Nov 2020 10:05:43 GMT
server: cloudflare
etag: W/"5fbf7df7-ad1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
expires: Wed, 29 Dec 2021 01:55:40 GMT
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-ray: 6c488a8318284a74-FRA
cf-bgj: minify

GET
H2 200 big-logo.svg
auth.bitbay.net/img/ 6 KB
3 KB 143ms
142ms Image
image/svg+xml 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.bitbay.net/img/big-logo.svg

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/ref/mafhGi

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3520a0803d966b560a6f1b7ec4e37099dc67358c81543f4ef041770de497dca8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Apr 2019 19:00:49 GMT
server: cloudflare
etag: W/"5cb4d4e1-1940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-ray: 6c488a8419354a74-FRA
expires: Wed, 29 Dec 2021 01:55:40 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
137 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://auth.bitbay.net/
Origin: https://auth.bitbay.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 28 Dec 2022 05:40:34 GMT

GET
H/1.1 200
OK uhyxkvwbjrw68s0f.js Show response
thmep.bitbay.net/ 80 KB
11 KB 65ms
16ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thmep.bitbay.net/uhyxkvwbjrw68s0f.js?v2jjrm0e4l5w2ker=8wmmckk2&mns7vwfg8nmk875n=2bdd0470-ebf7-4922-b433-9bbea6011487

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/js/libs/zkouxkbg.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a2b0223558ad5f0df8e19c7ec88efceb3204d4e9d1b5dc978405ffd842c69c10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Connection: Keep-Alive, Keep-Alive
Content-Type: text/javascript;charset=UTF-8
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 build.min.js Show response
auth.bitbay.net/ 2 MB
437 KB 154ms
154ms Script
application/javascript 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/build.min.js?v=2.00.89

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/js/libs/require.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72c61c281561433b7272f7ee86b617fd92dc9aa6206ca95e54cc0d60cb07115

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:40 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 04:05:05 GMT
server: cloudflare
etag: W/"6188a1f1-1a5758"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-ray: 6c488a84294e4a74-FRA
expires: Wed, 29 Dec 2021 01:55:40 GMT

GET
H/1.1 200
OK m8yLQT_7bbzQ8Cfy Show response
thmep.bitbay.net/ Frame 5098 277 KB
49 KB 22ms
21ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thmep.bitbay.net/m8yLQT_7bbzQ8Cfy?ecacb0200160fca3=sDGusfdy_Y-L1oZHCuNlkbOn7xGAb8IvrXs8mZyoroXPSgajjlqjKVOt5p9Wn2aRKK5y9nafBPLvI68M2F54NbK-17OTAokayqoezu7tL4ZywPKbyWtxOJnwaGsxygu3IVX0DgvPT02arsPGwpHydPlOBscG-PpCqVs0V5-CcKQojFVnrtA3AUmc-x8yT18MABzgPTfGf6AXAf4l&jb=363b26266a736d75354c6b6c77702662716d354e696c77702e687162753f4368726f6567246873623d436a72676d67273038393e

Requested by

Host: thmep.bitbay.net
URL: https://thmep.bitbay.net/uhyxkvwbjrw68s0f.js?v2jjrm0e4l5w2ker=8wmmckk2&mns7vwfg8nmk875n=2bdd0470-ebf7-4922-b433-9bbea6011487

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

961fc31710917b6a329651fb58a234d17b9a4b86152102149fa56aca86f30449

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
tmx-nonce: 2798482e94dd5fb5
Connection: Keep-Alive, Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK KwuCZsw1T3qLwIVO
thmep.bitbay.net/ Frame 5098 81 B
475 B 40ms
13ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thmep.bitbay.net/KwuCZsw1T3qLwIVO?0a58069d75d9df2a=0nAH5_oAPUauGYzVNK43V3pGu55CTCPTVMYj0AbFrGsgTW9JT0uu-XQf4uoIXJbeni-PpmzWk8dyj-r3DTFoq3gfk31-pA2R8NtJtvtwrWGFs9rbFHPqWaTgGv8RG7tHanPZwSlhPt-6UhKVE3pkh-Ir0RyoZ4RqMteM9HQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK -n5HKiJbL2HuYFTl
thmep.bitbay.net/ Frame 5098 81 B
475 B 40ms
13ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thmep.bitbay.net/-n5HKiJbL2HuYFTl?31b5065dc417ac4b=ZyB_8c0wswKkeYZ6V0BtrOmI5Uy6ebOqL8VKSBJQHEsI7EGkontgs8lN4t9S-ebx89uZcmXfoSZzl7e6FAfTrzL3VVfmmxKUfyHZEVEcomQsPmAwsyOaHoSW2LLjpqPslWHcbdProjxB0-3jBEWikKrVdidryX_X6kJrTPI

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 desktop.min.css
auth.bitbay.net/ 399 KB
60 KB 145ms
144ms Stylesheet
text/css 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/desktop.min.css?ver=2.00.89

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/build.min.js?v=2.00.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

728d737fcaf96bd201e94c140bbd717f449376aa267e6ce7ec4aa0f472c318cf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 08 Nov 2021 04:04:56 GMT
server: cloudflare
etag: W/"6188a1e8-63c7c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-ray: 6c488a85fb5d4a74-FRA
expires: Wed, 29 Dec 2021 01:55:41 GMT

GET
H2 200 en-US.json Show response
auth.bitbay.net/js/app/languages/ 58 KB
15 KB 142ms
142ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/js/app/languages/en-US.json?v=2.00.89

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/build.min.js?v=2.00.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d1c473711acee95b8209215583cc8bde5523a848da32f67fd4fab94aa882412

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://auth.bitbay.net/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 08 Nov 2021 04:04:12 GMT
server: cloudflare
etag: W/"6188a1bc-e755"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/json
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-ray: 6c488a860b754a74-FRA
vary: Accept-Encoding, Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2 200 index.html Show response
auth.bitbay.net/auth/new/next/ Frame F1A5 869 B
693 B 54ms
54ms Document
text/html 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/auth/new/next/index.html

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/build.min.js?v=2.00.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac05cf2f322135dae495d23ddb16595e627ec9f3d0caec391b1c2b30e44a5aae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'none'; connect-src .bitbay.net wss://*.bitbay.net; frame-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding
last-modified: Mon, 05 Apr 2021 12:42:37 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'none'; connect-src *.bitbay.net wss://*.bitbay.net; frame-src 'self'
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c488a860b804a74-FRA
content-encoding: br

GET
H/1.1 200
OK clear.png Show response
thmep.bitbay.net/fp/ Frame 5098 81 B
531 B 41ms
13ms XHR
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thmep.bitbay.net/fp/clear.png

Requested by

Host: thmep.bitbay.net
URL: https://thmep.bitbay.net/m8yLQT_7bbzQ8Cfy?ecacb0200160fca3=sDGusfdy_Y-L1oZHCuNlkbOn7xGAb8IvrXs8mZyoroXPSgajjlqjKVOt5p9Wn2aRKK5y9nafBPLvI68M2F54NbK-17OTAokayqoezu7tL4ZywPKbyWtxOJnwaGsxygu3IVX0DgvPT02arsPGwpHydPlOBscG-PpCqVs0V5-CcKQojFVnrtA3AUmc-x8yT18MABzgPTfGf6AXAf4l&jb=363b26266a736d75354c6b6c77702662716d354e696c77702e687162753f4368726f6567246873623d436a72676d67273038393e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, 8wmmckk2/2798482e94dd5fb52bdd0470-ebf7-4922-b433-9bbea6011487
Referer: https://auth.bitbay.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 05:55:41 GMT
Last-Modified: Tue, 28 Dec 2021 05:55:41 GMT
Server: Apache
Etag: 8d76c2701b26467ab78343b767b1958a
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Access-Control-Allow-Origin: https://auth.bitbay.net
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 27 Dec 2026 05:55:41 GMT

GET
H/1.1

204
No Content

0lIIoNRn9oM9lqhN Show response
h.online-metrix.net/ Frame 5098
Redirect Chain

https://h.online-metrix.net/0lIIoNRn9oM9lqhN?e13eb0398b8edfae=4R9mPxMSsbIaBXvT60AZpssR9xYotc-9wP0AJbM-d2_8h03VATZE-Vuq99cj41_oXKRrMpcxI_VCvv5cD1hvi5727wHbS38Wci2J9bhIB6ld4WN4OcMaBJoDPKAH9YIEtGH4EbY...
https://h.online-metrix.net/0lIIoNRn9oM9lqhN?76da74fc491145a7=4R9mPxMSsbIaBXvT60AZpssR9xYotc-9wP0AJbM-d2_8h03VATZE-Vuq99cj41_oXKRrMpcxI_VCvv5cD1hvi5727wHbS38Wci2J9bhIB6ld4WN4OcMaBJoDPKAH9YIEtGH4ESp...

0
387 B

13ms
13ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/0lIIoNRn9oM9lqhN?76da74fc491145a7=4R9mPxMSsbIaBXvT60AZpssR9xYotc-9wP0AJbM-d2_8h03VATZE-Vuq99cj41_oXKRrMpcxI_VCvv5cD1hvi5727wHbS38Wci2J9bhIB6ld4WN4OcMaBJoDPKAH9YIEtGH4ESpBQYzDTE294MZmcM2HZuQ&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 28 Dec 2021 05:55:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/0lIIoNRn9oM9lqhN?76da74fc491145a7=4R9mPxMSsbIaBXvT60AZpssR9xYotc-9wP0AJbM-d2_8h03VATZE-Vuq99cj41_oXKRrMpcxI_VCvv5cD1hvi5727wHbS38Wci2J9bhIB6ld4WN4OcMaBJoDPKAH9YIEtGH4ESpBQYzDTE294MZmcM2HZuQ&k=2
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
Keep-Alive: timeout=2, max=100
Content-Length: 409

GET
H/1.1 200
OK wnsce-sA7g9Nz-nb Show response
thmep.bitbay.net/ Frame D51A 82 KB
13 KB 16ms
16ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thmep.bitbay.net/wnsce-sA7g9Nz-nb?f095bf4d27fccf17=agHfVNt1rE0BfwhIYIbxocjnfYeua5yT3c3zK-fxl820Cr5iQymddcZM9qdzLlhfrsv5uLnulOtrbTltGXgTegXUCd70s3sQhzCcJ2gIg83dDeKY77NggvsrC60B8s2Xez9fDK8dEUndpb1Uv3Na4G_nT0jTLyqAMDoCA7X9-xcRlxQaM4K060rqcjjZAFFUo7Gbbff7VqLZZA6Xy9Y

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

a2009a2f867f1e6ef52e8a681c8d833f56a4ad95cd4c2bd833e3826585071dd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/

Response headers

Date: Tue, 28 Dec 2021 05:55:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=99
Transfer-Encoding: chunked

GET
H/1.1 204
No Content MBZZGNSLYAkprZeN Show response
thmep.bitbay.net/ Frame 5098 0
387 B 13ms
13ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK -kXX3iMtvgHn-EE9 Show response
h.online-metrix.net/ Frame FEBB 95 KB
15 KB 42ms
16ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/-kXX3iMtvgHn-EE9?7081e3f3d1859696=7w93cAwtlmXBDbqRyF8041I3ljXarwvovSbZJYbHjxqLL6rEd3VZpf7j7tQyQipWRrcm-k_EVUSs2gUy3rY1oAqw1TkasFKs3hJkMtpTwYcD5zNJFNvS-l4SG4BQiOgzGcWok4Zpt_kcETTFm197Wm_qTFYQGCjbPE2-0FtOEWmGXGD19csluYF_g27Oj4Mr5VJqa22y54N10eiJUqqu

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

888702d0df85a5e99aea0de4359f0591e927238e28397b354314381aa8391e6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/

Response headers

Date: Tue, 28 Dec 2021 05:55:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Transfer-Encoding: chunked

GET
H/1.1 204
No Content MBZZGNSLYAkprZeN Show response
thmep.bitbay.net/ Frame 5098 0
387 B 14ms
13ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET page_embed_script.js
ghbmnnjooekpmoecnnnilnnbdlolhkhi/ Frame 5098 0
0

GET
H/1.1 200
OK H-ldRmaFhw7lW9HD Show response
thmep.bitbay.net/ Frame 5292 82 KB
12 KB 16ms
16ms Document
text/html 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thmep.bitbay.net/H-ldRmaFhw7lW9HD?84cdeee47170d0c4=Qnxhvzesf0-JKpjjagMWz5L61lOI9DXFUnH6IACuh0EsUC3G0NCPSIK0LqJp2u7_XqaiVpAmUpjaRpch1OlygCyydYxRPU-j4zg8ouqDHnu1U2ej4D7l_JJk6G1L5W1HGGU7CQ5ZA89hUb7N_4FsOE5xpXaqjh6TXYGAFXb6f0u4DPnjYugYPbA2IKgYBRMaaU6W-w8koqmFQZD06Ghs

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b47274951b94a18ad44ee13538a0836d8271e9f0b394e00e617f69e8e79328cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/

Response headers

Date: Tue, 28 Dec 2021 05:55:41 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Connection: Keep-Alive, Keep-Alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Type: text/html;charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=2, max=98
Transfer-Encoding: chunked

GET
H/1.1 204
204 MBZZGNSLYAkprZeN Show response
thmep.bitbay.net/ Frame 5098 0
218 B 15ms
15ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thmep.bitbay.net/MBZZGNSLYAkprZeN?ec5e81b1cd7b8a52=8USoFRbf11ZDxPZ62OZrwIJ6aHIDFLL6FvFquTm11wmURWqowg00V1Bh2nTKMv8D0x8nDednhxHkLKXqZez0cs_TjFBKjHrnbUbrtoz8oWaCWbW_UZBc4MhIE2geMfFnfhJ8hJhamvlUoHKVYC0t8TDlae8&ja=333b39352626613d3826783f322e66353334383278333038382463663d333630307839303232267378793f3070302466727a3d392e333e32302e333a38322e313632302c313238322e333630302c333238302e3334383024333038322c322e382e6f763d613a383261626b6661353764646666663165633a3639313c35323e60396335692e6f6c3d34247363643d3a36246e683d687476707b253143273a462d30446977746a2c6a61766061792c6e6574253a447067662532466f616e68456b246c72356a767c72732731492d30442532446175746826606b766261792e6c657c25304424786c353124786a3d353a6e3a3a63613660636662653933316037333837636538643160666a326c3624606a3d66603a313366303930386665623c643b353862353966316e36643a676b38693b2462716f3f4e6166777a266a71623d43687a6d6f6725323039342662736d773f446966777a2e68736077354b6a706f6d67266e68633536246c646d3d38247472643f47766b253a445766696e6d75662e6f637468703d3430303b6633613262656332326d366161373e30383a3069663137373c383364643437383831343966346761613234666331346364606c373a31333b333934632e783f726c7565696e5f666463716a5e66616c716529706e7765616e57756b66666f75715765676669615d706c61796d705c64616c736523706475656b6c57616c6d606d5d616170676a63765e66636c736521786e7765696e5f7177696b6b766b6f6d5e6e636e7b6721726e7d6f6b6c5f736a6f636b776974675c66616c736721786c77656b665f7a676364726c637b6d7a5c64616c716521706c7d656b6c5f766c635d7064617b67705666696e716d23706e776f616c5d646574616c76725664636e736521706e756f696c5d717e6757746b6d7565705c6e696e716521726c756769665d686376615e66636c7b6524677a3b3d6a35333836623330313b3a3b643435363333636b3637343138366531326e656134606e393c33356d24676e5d6b35756762676e5765624744273032312e30253030204f72676c4f4c2d30324d512530323a26322732304168726f6d61776f2b576562474e253a30454e5144253a32475b273232332638273030284d70656e474427303245532532324744534e273038455b273038332e32273a38416a726f6f69756d295f67604969745765604b61742730325f656a454e494c474e4757616c7174616c6365645f697070637973253340253a30475a56576264676c6c5d6d6b6c65697a27334227323045585c5d616d6c6f725f60756e6667705d606164645d6e6e6f63762d3b402732304758545f66646d63765f626c656c642d33402730384550565d6e7061655d6c6d7276682531422532304d5a565d7368616467725774677a767d726d5d6e67662531402d3a324758545d746578747d70675d636f6d7070657b736b6d6c57627876612d31422730384d5a565f7467787475726d5d616d6d7072657173616f6c5d706f746b27314a27323247505c5d766578767572655f6e6b6e7665725f616c697b6f76706d78696b27314a273232554d4a494b545f4758545f746d7a767772655f666b6c7c65705d6366697b6d767a6d706b612d3b402732304758545f735a45402733422532324b40525d72637a61646e67645d736a636c6d705d636f6f70696c652d31402732304f45515f6d6c676f676674576b6c6c67785d776166762733422732304f455b5d64606f5f72656c646d725d6f6b786d6972273b40253032474d515d7374636e6461726c5d66677269766176697e657127314a253a324d4d515f7667707c7770655f646c6f61742d31402732304f45515f7c657a76777a6557646e6763745d6e61666763722531422532304747515d7465787477726d5f6a636e6e5f6e6e6d69762531402d3a324d45535d746578747d70675d68616c665d66646f63765d64696667637a273340273a384d47535f7465727465705d63707261795f6d6262656176273b422d30325f4742454e576b6d6e6f725d627566666d705d646c6f617427334a253032554d424f4e5d6b6d6d72706d7b7167645f76657874757a675d637374632531422d323255474a47445d61676f7070677b7b67665f7467787475726d5d67766325334227323857474045445f6b6d6f78706571716d6c5d766578767572655f6d7661332533422530305f4540454e5763676f727a677371676c57766778747772655f733b7661273342253232574d42494b5657574d4045445d636d6f787a67717365665f7465787c7770675f73337461253b422730325f454a454e57616f6f727a6d717165645d746578747d70675d733374635d737a676027314a253a32554d40474e5d6c6d6077675f70656e64657a67705d696e666f27334a253032554d424f4e5d6c6770766a577c677a747570652533422d30325545424b49565f5f4540454e57646d7276605d74677a7c7d7067253340253230574d40454e5f647261755f6a756464677a732d31402d303055474a4f4e5d6c6f71655f636f6676677a742533422732385747404941545755474a454c5d6e677b675d636f6c746578742d314027323057454047445f6f776e7c6957667069753134246f645d6a3d306030353163696034303830313430353d6367613069376d37366e3a37603a3c3e6634353532346526776f6e743f496e74656e253a304b6c6126267f656e7a3f496c766d64273030497069732532384d72676e474c2530304d6e656b6c6d266b61663531&jb=333733266c713f4d677a6b6e6e69253a44372632253032205f6b6c646f7573253230465627303031302e32253b422730325f696634362d31422730387034362925303041707064675567624b697427324e3531352c3b362d3032204948564f442d30412532326c696b652d30324565636b6f2b253a30416a70676d6d27304e3b362c32263c3434342e3b332532305b6364637269253244353b372c3134

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 05:55:41 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK pq5bj4WOEZL1ynVa
8wmmckk2wgzoc54bba6iwbtog6ozqnr6q7bzym7r2798482e94dd5fb5am1.e.aa.online-metrix.net/ Frame 5098 81 B
438 B 60ms
14ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://8wmmckk2wgzoc54bba6iwbtog6ozqnr6q7bzym7r2798482e94dd5fb5am1.e.aa.online-metrix.net/pq5bj4WOEZL1ynVa?e3f2ec8c205e411a=6tw29uhaDGx1rHwwfoX_mayOCRYMsh1CB9r_CHDcr10pOCqblThuUiDGwycu9UkpyhcWDz2G30WAtE0hdR-Bi-8VXShVYw-9hkUaiEsg6uLJCxOfmfu0DNr097vE-Q5mUEyYaPCJLdQph2XWBUnl5kVA2rZ0fE1mI1op

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 big-logo.svg
auth.bitbay.net/img/ 6 KB
3 KB 21ms
21ms Image
image/svg+xml 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.bitbay.net/img/big-logo.svg

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/build.min.js?v=2.00.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3520a0803d966b560a6f1b7ec4e37099dc67358c81543f4ef041770de497dca8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Apr 2019 19:00:49 GMT
server: cloudflare
etag: W/"5cb4d4e1-1940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-ray: 6c488a87ad414a74-FRA
expires: Wed, 29 Dec 2021 01:55:41 GMT

GET
H2 200 standalone-host.min.js Show response
auth.bitbay.net/auth/new/next/ Frame F1A5 119 KB
36 KB 33ms
33ms Script
application/javascript 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1333aa4a064a364119704044aa496a0598bd965bac929c6c75494f158c093adb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'none'; connect-src .bitbay.net wss://*.bitbay.net; frame-src 'self'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/auth/new/next/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3669
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Wed, 24 Mar 2021 04:17:54 GMT
server: cloudflare
etag: W/"605abd72-1dc89"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; font-src 'none'; connect-src *.bitbay.net wss://*.bitbay.net; frame-src 'self'
cf-ray: 6c488a881dac4a74-FRA
expires: Wed, 29 Dec 2021 01:55:41 GMT

GET
H/1.1 204
No Content nfg8-blr0axw2Ngo Show response
thmep.bitbay.net/ Frame D51A 0
387 B 13ms
13ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thmep.bitbay.net/nfg8-blr0axw2Ngo?7515a0dcf5397a75=tTUBRrPwjqbsAJUZJwsufCB-Ew08hLmttOFe8ysRbZChTtt5QiWlw4J88BhUoAaZQK5FIQRDIeSADNDMlUhh1SmD-QslZC91_rOrWhbPcN1ezu_lyaXM-ah0Z83fepZsvQQCPvhqeQm7i-HBiJtOZoore34&jf=3134266c73623f6231663a613231346d66616a3637363b303b326038663b303962316e36633632

Requested by

Host: thmep.bitbay.net
URL: https://thmep.bitbay.net/wnsce-sA7g9Nz-nb?f095bf4d27fccf17=agHfVNt1rE0BfwhIYIbxocjnfYeua5yT3c3zK-fxl820Cr5iQymddcZM9qdzLlhfrsv5uLnulOtrbTltGXgTegXUCd70s3sQhzCcJ2gIg83dDeKY77NggvsrC60B8s2Xez9fDK8dEUndpb1Uv3Na4G_nT0jTLyqAMDoCA7X9-xcRlxQaM4K060rqcjjZAFFUo7Gbbff7VqLZZA6Xy9Y

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://thmep.bitbay.net/wnsce-sA7g9Nz-nb?f095bf4d27fccf17=agHfVNt1rE0BfwhIYIbxocjnfYeua5yT3c3zK-fxl820Cr5iQymddcZM9qdzLlhfrsv5uLnulOtrbTltGXgTegXUCd70s3sQhzCcJ2gIg83dDeKY77NggvsrC60B8s2Xez9fDK8dEUndpb1Uv3Na4G_nT0jTLyqAMDoCA7X9-xcRlxQaM4K060rqcjjZAFFUo7Gbbff7VqLZZA6Xy9Y
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=97
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bg.jpg
auth.bitbay.net/img/ 201 KB
202 KB 150ms
150ms Image
image/jpeg 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.bitbay.net/img/bg.jpg

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/desktop.min.css?ver=2.00.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

538def15898527062092f1d61fbcbf4ec6ee0caeb034995c353ed45e03b68bf0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/desktop.min.css?ver=2.00.89
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Apr 2019 19:00:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 206017
x-xss-protection: 1; mode=block
cf-bgj: h2pri
server: cloudflare
etag: "5cb4d4e1-324c1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
accept-ranges: bytes
cf-ray: 6c488a883dd04a74-FRA
expires: Wed, 29 Dec 2021 01:55:41 GMT

GET
H2 200 urwdin-medium.woff2
auth.bitbay.net/fonts/urw-din/ 43 KB
43 KB 18ms
18ms Font
application/octet-stream 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.bitbay.net/fonts/urw-din/urwdin-medium.woff2

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/desktop.min.css?ver=2.00.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c410c25ad09db3154c4147a3d6d073ca4d0ccf6b23b1d15a8a67dc5c1f1e8be0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://auth.bitbay.net/desktop.min.css?ver=2.00.89
Origin: https://auth.bitbay.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 3670
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 44044
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Apr 2019 19:00:48 GMT
server: cloudflare
etag: "5cb4d4e0-ac0c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
accept-ranges: bytes
cf-ray: 6c488a883dd44a74-FRA
expires: Wed, 29 Dec 2021 01:55:41 GMT

GET
H2 200 info Show response
auth.bitbay.net/api/2.0/sockjs/ Frame F1A5 77 B
562 B 50ms
50ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bitbay.net/api/2.0/sockjs/info?t=1640670941521
Requested by: Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 232d85c549d8d263bdcc9b04594c2250d1f69908836e3fdd7a569598009ad6af

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/auth/new/next/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 6c488a888e374a74-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H/1.1 204
204 YQMDze-8ft7Gap6Q
thmep.bitbay.net/ Frame 5098 0
400 B 16ms
16ms Image
image/png 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://thmep.bitbay.net/YQMDze-8ft7Gap6Q?3cf254f637e233b8=qkTopCHJ9TirgR4pefxYjpTPF_PiGy3OcPHtOJ9WdobxedVjqAWQIx-qokMf3FPT5LD6XYeU4QKhDd3ssy076S3Ze-_fpboo2m2tJP3k0zTGL301i6NUYsj3wdTTalrQ1Df-XqYiqewwwtrJvO1PQYUmz8nbXI7-CX-c_HENKjWqQTN9_uBH6-IfD5Da_N-rvwbteoG6uKYYR79SqIw&jf=363334267369665f7a6e663f766c72574a655a46507b54424654775175377162267361665d666174653d33363c30343532313439247161665f767b786d3f75656238656364736924716b645f6b657b3d3b30373b3138313b3234383532633a3e3c3a61653366303230313834323a3261383636386b653166323b30393235383134303238383634663063343836663936346162643037303731396635353b313c3b6639613534606b6d6167613564323130376e3064333231613263336e653a67666a356d663a6b33343a6130693b31306435636637633a6666636461626637636a363130333a306a3b3638316332326d6b663639346635646534303064336438656661386a6124716b6c5f7b6b653531303636383a3032303760653162376e31373a6635376237613b333534343a643931603d663333636d3f303162636732666265306164603131343760393d323430663a666935313a323230323a3d343b62303a623763393860363164633564323530313161303a663863363a666432323b393430323532356434316e3534606531353863313d3932673069382e716b6e703d32

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=96
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 eUEXMDAm3eC10EcR
h.online-metrix.net/ Frame FEBB 0
400 B 16ms
15ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/eUEXMDAm3eC10EcR?322c74a183938394=DhIy0Xnxx67iIB9XSMOY8Chy58CLuEyf_8-ApUPgDW7gwMcYfh4mYAP_IF34wEkhB3bQTUwmrMuN_sCBdvwi94hNTSEylYAhIZi76F6oizDDqBHlF8rRRoRvDkOTHxe50d8v5sK90o6lwLoYACC-DAEk8zpwVhRgv2hpaZTnUS1F8YFcf_-1vVepNeiwOpXNtdZHS0G1QuRUNf7NRdo&jf=363338267369665f7a6e663f766c72573b773d495064524f4f4e7a5734607664267361665d666174653d33363c30343532313439247161665f767b786d3f75656238656364736924716b645f6b657b3d3b30373b3138313b3234383532633a3e3c3a61653366303230313834323a3261383636386b653166323b30393235383134303238383661346260613132666e3763676637643664376c386160313d39313b616c313937356a3d3630363064613366376e66666639326638633230343160306964393b326c63353b33386a3561336564393965626d3534603833646333346c3867306431373d66363e663037603939363a353133396662613d3a6135653433343b64383224716b6c5f7b6b653531303634383a303330303a666462323031336636656161373538643063603f31693a343c346364613f6e6164623734616463353e3066343832663337383e3160633b39663c673a393a3132303a393232616233616537373d32353032303633323530363b37643a396d663b3c6765353b30393367613160626461383d3433363334393063346a30303a606a6169323a3124736b647a3533

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/-kXX3iMtvgHn-EE9?7081e3f3d1859696=7w93cAwtlmXBDbqRyF8041I3ljXarwvovSbZJYbHjxqLL6rEd3VZpf7j7tQyQipWRrcm-k_EVUSs2gUy3rY1oAqw1TkasFKs3hJkMtpTwYcD5zNJFNvS-l4SG4BQiOgzGcWok4Zpt_kcETTFm197Wm_qTFYQGCjbPE2-0FtOEWmGXGD19csluYF_g27Oj4Mr5VJqa22y54N10eiJUqqu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 / Show response
auth.bitbay.net/api/2.0/rest/auth/88b3b3e8-3434-4b20-ba0c-95f1f41d8215/ Frame F1A5 1006 B
404 B 203ms
203ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bitbay.net/api/2.0/rest/auth/88b3b3e8-3434-4b20-ba0c-95f1f41d8215/
Requested by: Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9088e80b5b5c4f6d7084da9890a9731ae99fad3abf4efb9adba97bff1e49fb1d

Request headers

Accept: application/json, text/plain, */*
operation-id: d3309118-ddee-2fd6-8f04-514f4d71a306
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://auth.bitbay.net/auth/new/next/index.html

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
access-control-allow-credentials: true
cf-ray: 6c488a893f284a74-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H2 200 / Show response
auth.bitbay.net/api/2.0/rest/auth/88b3b3e8-3434-4b20-ba0c-95f1f41d8215/ Frame F1A5 1006 B
407 B 204ms
204ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bitbay.net/api/2.0/rest/auth/88b3b3e8-3434-4b20-ba0c-95f1f41d8215/
Requested by: Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9088e80b5b5c4f6d7084da9890a9731ae99fad3abf4efb9adba97bff1e49fb1d

Request headers

Accept: application/json, text/plain, */*
operation-id: 0ae8badd-4a13-427d-4e74-e0510b021e65
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://auth.bitbay.net/auth/new/next/index.html

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
access-control-allow-credentials: true
cf-ray: 6c488a894f294a74-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H2 200 / Show response
auth.bitbay.net/api/2.0/rest/auth/88b3b3e8-3434-4b20-ba0c-95f1f41d8215/ Frame F1A5 1006 B
384 B 68ms
68ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bitbay.net/api/2.0/rest/auth/88b3b3e8-3434-4b20-ba0c-95f1f41d8215/
Requested by: Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9088e80b5b5c4f6d7084da9890a9731ae99fad3abf4efb9adba97bff1e49fb1d

Request headers

Accept: application/json, text/plain, */*
operation-id: d0b0e012-3ffb-e8e6-2324-0a375a8684e7
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://auth.bitbay.net/auth/new/next/index.html

Response headers

date: Tue, 28 Dec 2021 05:55:41 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
access-control-allow-credentials: true
cf-ray: 6c488a8aa9304a74-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H2 200 / Show response
auth.bitbay.net/api/2.0/rest/auth/88b3b3e8-3434-4b20-ba0c-95f1f41d8215/ Frame F1A5 1006 B
384 B 190ms
189ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bitbay.net/api/2.0/rest/auth/88b3b3e8-3434-4b20-ba0c-95f1f41d8215/
Requested by: Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9088e80b5b5c4f6d7084da9890a9731ae99fad3abf4efb9adba97bff1e49fb1d

Request headers

Accept: application/json, text/plain, */*
operation-id: 2eacd728-651e-19cd-60c1-a708c7de00ac
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://auth.bitbay.net/auth/new/next/index.html

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
access-control-allow-credentials: true
cf-ray: 6c488a8aa9334a74-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H2 200 currencies Show response
auth.bitbay.net/api/2.0/rest/payments/ Frame F1A5 141 KB
11 KB 185ms
185ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bitbay.net/api/2.0/rest/payments/currencies
Requested by: Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 494374acf38125324e9267d218b2bcd7effd2b7444befba96f2d68db0b9c5dcd

Request headers

Accept: application/json, text/plain, */*
operation-id: b4758043-ad5c-360e-5c11-a851c7ffe9c5
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://auth.bitbay.net/auth/new/next/index.html

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
operation-id: b4758043-ad5c-360e-5c11-a851c7ffe9c5
access-control-allow-credentials: true
cf-ray: 6c488a8aa9344a74-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H/1.1 204
No Content MBZZGNSLYAkprZeN Show response
thmep.bitbay.net/ Frame 5098 0
387 B 13ms
13ms Script
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:41 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 currencies Show response
auth.bitbay.net/api/2.0/rest/payments/ Frame F1A5 141 KB
11 KB 78ms
78ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bitbay.net/api/2.0/rest/payments/currencies
Requested by: Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3473392ba7517ae5183cb0e54309ca1e38b940942a5dc76668ba4ed627b949f

Request headers

Accept: application/json, text/plain, */*
operation-id: 4ebb9885-3a32-6e5a-439a-64945ce561aa
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Referer: https://auth.bitbay.net/auth/new/next/index.html

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
operation-id: 4ebb9885-3a32-6e5a-439a-64945ce561aa
access-control-allow-credentials: true
cf-ray: 6c488a8bfa884a74-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H2 200 big-logo.svg
auth.bitbay.net/img/ 6 KB
3 KB 16ms
16ms Image
image/svg+xml 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://auth.bitbay.net/img/big-logo.svg

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/build.min.js?v=2.00.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3520a0803d966b560a6f1b7ec4e37099dc67358c81543f4ef041770de497dca8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' .bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net .google.com google.com gstatic.com .gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com .google.com; object-src 'self' https://thmep.bitbay.net .online-metrix.net .bitbay.net; worker-src 'self' blob:
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
strict-transport-security: max-age=31536000; includeSubDomains
x-xss-protection: 1; mode=block
last-modified: Mon, 15 Apr 2019 19:00:49 GMT
server: cloudflare
etag: W/"5cb4d4e1-1940"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=72000
content-security-policy: frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' thmep.bitbay.net h.online-metrix.net *.google.com google.com gstatic.com *.gstatic.com www.google-analytics.com ssl.google-analytics.com; style-src 'self' 'unsafe-inline' gstatic.com https://thmep.bitbay.net; font-src 'self' gstatic.com; connect-src *.bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:*; frame-src 'self' thmep.bitbay.net h.online-metrix.net google.com *.google.com; object-src 'self' https://thmep.bitbay.net *.online-metrix.net *.bitbay.net; worker-src 'self' blob:
cf-ray: 6c488a8c8b0c4a74-FRA
expires: Wed, 29 Dec 2021 01:55:42 GMT

POST
H2 200 mafhGi Show response
auth.bitbay.net/api/2.0/rest/affiliate/stats/visit/ Frame F1A5 66 B
180 B 104ms
104ms XHR
application/json 104.18.4.135
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.bitbay.net/api/2.0/rest/affiliate/stats/visit/mafhGi
Requested by: Host: auth.bitbay.net
URL: https://auth.bitbay.net/auth/new/next/standalone-host.min.js?v=2.00.05
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.4.135 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9fcaea48ee4eeb976c780f0c7f4a10499faa09382fe5f362c95eb8b5c6abcc5f

Request headers

Accept: application/json, text/plain, */*
Referer: https://auth.bitbay.net/auth/new/next/index.html
operation-id: c674b1a8-e56b-6fa7-5619-21940a41cee2
authorization
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
access-control-allow-origin: https://auth.bitbay.net
operation-id: c674b1a8-e56b-6fa7-5619-21940a41cee2
access-control-allow-credentials: true
cf-ray: 6c488a8d2bb84a74-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

POST
H/1.1 204
No Content 5VFJjU6PJV2n0YPp
thmep.bitbay.net/ Frame 5292 0
406 B 14ms
13ms Ping
text/javascript 91.235.133.182
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://thmep.bitbay.net/5VFJjU6PJV2n0YPp?02f8fa83d89f211a=B6cZLaZy-jz_ArQhOtJGb6tGUGxtpwpa7ZgyfDByA5S0PLTvMoD3jwLcs7UoYpJcQAbePy3P_1n6jgLTmfWVVbwGAylkBQhwFeE7uIhHtnoDDyLvdG3J7ig6uXxEuYIv40CRziiNjKPYraAIV0ecl8YKqEs

Requested by

Host: thmep.bitbay.net
URL: https://thmep.bitbay.net/H-ldRmaFhw7lW9HD?84cdeee47170d0c4=Qnxhvzesf0-JKpjjagMWz5L61lOI9DXFUnH6IACuh0EsUC3G0NCPSIK0LqJp2u7_XqaiVpAmUpjaRpch1OlygCyydYxRPU-j4zg8ouqDHnu1U2ej4D7l_JJk6G1L5W1HGGU7CQ5ZA89hUb7N_4FsOE5xpXaqjh6TXYGAFXb6f0u4DPnjYugYPbA2IKgYBRMaaU6W-w8koqmFQZD06Ghs

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.133.182 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://thmep.bitbay.net/H-ldRmaFhw7lW9HD?84cdeee47170d0c4=Qnxhvzesf0-JKpjjagMWz5L61lOI9DXFUnH6IACuh0EsUC3G0NCPSIK0LqJp2u7_XqaiVpAmUpjaRpch1OlygCyydYxRPU-j4zg8ouqDHnu1U2ej4D7l_JJk6G1L5W1HGGU7CQ5ZA89hUb7N_4FsOE5xpXaqjh6TXYGAFXb6f0u4DPnjYugYPbA2IKgYBRMaaU6W-w8koqmFQZD06Ghs
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:42 GMT
X-Content-Type-Options: nosniff
Server: Apache
Strict-Transport-Security: max-age=31536000
Content-Type: text/javascript
Access-Control-Allow-Origin: https://thmep.bitbay.net
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

Primary Request home Show response
zondaglobal.com/en/
Redirect Chain

https://bitbay.net/
https://zondaglobal.com/en
https://zondaglobal.com/en/home

204 KB
35 KB

22ms
22ms

Document
text/html

104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/en/home

Requested by

Host: auth.bitbay.net
URL: https://auth.bitbay.net/build.min.js?v=2.00.89

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8113c6c147563e17a804b20f8d5efa07b01ff3b45d0cbeb672a7ec378f6d2edb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' .adform.net .bitbay.net .youtube.com www.google-analytics.com www.googletagmanager.com .google.com google.com ssl.google-analytics.com .gstatic.com .livechatinc.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self' wss://api.bitbay.net .bitbay.net www.google-analytics.com .livechatinc.com wss://api.zonda.exchange api.zonda.exchange; frame-src .adform.net .fls.doubleclick.net 'self' .zondaglobal.com .google.com .youtube.com .livechatinc.com;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://auth.bitbay.net/

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-type: text/html;charset=UTF-8
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1
content-security-policy: frame-ancestors 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.adform.net *.bitbay.net *.youtube.com www.google-analytics.com www.googletagmanager.com *.google.com google.com ssl.google-analytics.com *.gstatic.com *.livechatinc.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com tagmanager.google.com; font-src 'self' fonts.gstatic.com; connect-src 'self' wss://api.bitbay.net *.bitbay.net www.google-analytics.com *.livechatinc.com wss://api.zonda.exchange api.zonda.exchange; frame-src *.adform.net *.fls.doubleclick.net 'self' *.zondaglobal.com *.google.com *.youtube.com *.livechatinc.com;
access-control-allow-origin: https://zondaglobal.com
strict-transport-security: max-age=31536000; includeSubDomains
expires: Tue, 28 Dec 2021 06:25:42 GMT
cache-control: public, max-age=1800
pragma: no-cache
cf-cache-status: HIT
age: 1525
last-modified: Tue, 28 Dec 2021 05:30:17 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c488a8e7ba6d6c1-FRA
content-encoding: br

Redirect headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-type: text/html;charset=ISO-8859-1
location: https://zondaglobal.com/en/home
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT
cache-control: public, max-age=1800
pragma: no-cache
cf-cache-status: HIT
age: 1525
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
server: cloudflare
cf-ray: 6c488a8e5b88d6c1-FRA

GET
H2 200 swiped-event.js Show response
zondaglobal.com/o/bb-theme/js/ 2 KB
1005 B 24ms
23ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/swiped-event.js?t=1640266950593

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0578c5b1e7a7a9fd55f9dd6ecef3f0d3a4e85621a7c34db244241c474597d63c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1038
cf-polished: origSize=3402
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b2167082"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbd9d6c1-FRA
cf-bgj: minify

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 227 KB
70 KB 30ms
29ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=js&languageId=en_US&b=7402&t=1640266938895&/o/frontend-js-jquery-web/jquery/jquery.min.js&/o/zonda-frontend-js-jquery-web/jquery/init.js&/o/zonda-frontend-js-jquery-web/jquery/ajax.js&/o/frontend-js-jquery-web/jquery/bootstrap.bundle.min.js&/o/zonda-frontend-js-jquery-web/jquery/collapsible_search.js&/o/zonda-frontend-js-jquery-web/jquery/fm.js&/o/frontend-js-jquery-web/jquery/form.js&/o/frontend-js-jquery-web/jquery/popper.min.js&/o/zonda-frontend-js-jquery-web/jquery/side_navigation.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bfc1054b2a69014b52dbbefda94f9cbe34f95191d6b04819e3072e5acce070d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1614
cf-polished: origSize=268127
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"32d7b168"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbdbd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 clay.css
zondaglobal.com/o/bb-theme/css/ 494 KB
69 KB 41ms
40ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/css/clay.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

889d54e6d4b40c7ff7d50cf9e0db62f92afb9914439d310087141362d8382451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1614
cf-polished: origSize=630517
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1f669abb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbdcd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 main.css
zondaglobal.com/o/frontend-css-web/ 103 KB
19 KB 45ms
45ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/frontend-css-web/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1627477414371

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

435867edd1e291db229e174b728791c00a7dc9b6ea55be0e8cc520f07f477f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=126465
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3f88b8fd"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbded6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js
zondaglobal.com/combo/ 22 KB
4 KB 66ms
66ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&themeId=bbtheme_WAR_bbtheme&languageId=en_US&b=7402&com_liferay_asset_publisher_web_portlet_AssetPublisherPortlet_INSTANCE_bb_footer_asset_publisher:%2Fcss%2Fmain.css&com_liferay_journal_content_web_portlet_JournalContentPortlet_INSTANCE_bb_btn_footer:%2Fcss%2Fmain.css&com_liferay_portal_search_web_search_bar_portlet_SearchBarPortlet_INSTANCE_templateSearch:%2Fcss%2Fmain.css&com_liferay_product_navigation_product_menu_web_portlet_ProductMenuPortlet:%2Fcss%2Fmain.css&com_liferay_product_navigation_user_personal_bar_web_portlet_ProductNavigationUserPersonalBarPortlet:%2Fcss%2Fmain.css&com_liferay_site_navigation_menu_web_portlet_SiteNavigationMenuPortlet:%2Fcss%2Fmain.css&zonda_search_web_webPortlet_INSTANCE_hambutdersidebarsearch:%2Fcss%2Fmain.css&t=1640266942000

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e176ef90451b49354814f8ea600b41a324303da2e32a39cb5391d7319aa9e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=26542
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f2c0bdaf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbdfd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 loader.js Show response
zondaglobal.com/o/frontend-js-loader-modules-extender/ 24 KB
7 KB 25ms
25ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77d651d1e097b56cc3783f480a5b061daacebfc43ffbaa745cd8b5e4734656ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1573
cf-polished: origSize=24409
x-xss-protection: 1
last-modified: Fri, 23 Jul 2021 01:26:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"12d05373"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbe0d6c1-FRA
cf-bgj: minify

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 326 KB
88 KB 48ms
48ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=js&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/aui/aui.js&/o/frontend-js-aui-web/liferay/modules.js&/o/frontend-js-aui-web/liferay/aui_sandbox.js&/o/frontend-js-aui-web/aui/attribute-base/attribute-base.js&/o/frontend-js-aui-web/aui/attribute-complex/attribute-complex.js&/o/frontend-js-aui-web/aui/attribute-core/attribute-core.js&/o/frontend-js-aui-web/aui/attribute-observable/attribute-observable.js&/o/frontend-js-aui-web/aui/attribute-extras/attribute-extras.js&/o/frontend-js-aui-web/aui/event-custom-base/event-custom-base.js&/o/frontend-js-aui-web/aui/event-custom-complex/event-custom-complex.js&/o/frontend-js-aui-web/aui/oop/oop.js&/o/frontend-js-aui-web/aui/aui-base-lang/aui-base-lang.js&/o/frontend-js-aui-web/liferay/dependency.js&/o/frontend-js-aui-web/liferay/util.js&/o/frontend-js-web/liferay/dom_task_runner.js&/o/frontend-js-web/liferay/events.js&/o/frontend-js-web/liferay/lazy_load.js&/o/frontend-js-web/liferay/liferay.js&/o/frontend-js-web/liferay/global.bundle.js&/o/frontend-js-web/liferay/portlet.js&/o/frontend-js-web/liferay/workflow.js&/o/frontend-js-module-launcher/webpack_federation.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc893f248122605770334307591cd6493d4968312b4b99286715c7b3c36c29d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1614
cf-polished: origSize=742635
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"f6a63231"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbe3d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 main.css
zondaglobal.com/o/bb-theme/css/ 244 KB
39 KB 36ms
36ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94d53a15f9b275b24a2ba271b07c60c3eed0109bf102297f15cebb726c6fc1e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1614
cf-polished: origSize=308338
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c9a82e82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbe4d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 main.css
zondaglobal.com/o/commerce-frontend-js/styles/ 23 KB
5 KB 22ms
22ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/commerce-frontend-js/styles/main.css

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42b20e6857b927ccb1868f265bc23da0741445f005ff7f4f4d482810fadbec6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1573
cf-polished: origSize=27521
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"87c98b7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbe5d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 storageInitialization.js Show response
zondaglobal.com/o/bb-theme/js/ 8 KB
2 KB 31ms
26ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/storageInitialization.js?t=1640266950593

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd464518156340a3f5f1a325455c6a0f8d0dc722bacf693cea28aeeb009a40fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037
cf-polished: origSize=9786
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c360b545"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c6ad6c1-FRA
cf-bgj: minify

GET
H2 200 bitbay_zonda_modal.js Show response
zondaglobal.com/o/bb-theme/js/ 665 B
357 B 23ms
22ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/bitbay_zonda_modal.js?t=1640266950593

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bcfecf4e322b3f99622c3676eec7b957936d5b43a7ae834383a00e22f734c15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1038
cf-polished: origSize=926
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"cc1143de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbe6d6c1-FRA
cf-bgj: minify

GET
H2 200 cookie_manager.js Show response
zondaglobal.com/o/bb-theme/js/ 4 KB
1 KB 38ms
37ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/cookie_manager.js?t=1640266950593

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1628c2a4f54fdfc9607157064a6e3f565865937a833431a5e6870605d3adbd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1038
cf-polished: origSize=5695
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d906dd45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbead6c1-FRA
cf-bgj: minify

GET
H2 200 change_category_init.js Show response
zondaglobal.com/o/bb-theme/js/ 825 B
424 B 35ms
34ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/change_category_init.js?t=1640266950593

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af2c7b168dd6a82db74a55be622ce834aaf20d7123aeab2b31c0abb7f0a86d8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1038
cf-polished: origSize=1358
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"4807d40a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8ecbebd6c1-FRA
cf-bgj: minify

GET
H2 200 hamburger_menu.js Show response
zondaglobal.com/o/bb-theme/js/ 719 B
366 B 28ms
23ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/hamburger_menu.js?t=1640266950593

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

46f6de5b231bd9fca34494992624c7b361198891ec857b21cae6897ef8afc3ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037
cf-polished: origSize=823
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"61a955ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c6bd6c1-FRA
cf-bgj: minify

GET
H2 200 zonda.svg
zondaglobal.com/o/bb-theme/images/ 3 KB
1 KB 42ms
38ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/zonda.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893ea01fba0f87af5cf8331633c2a285f1488e892f7c22ee1f2ab138d5825eaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1558
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3127-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c6cd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 CaretDownWhite.svg
zondaglobal.com/o/bb-theme/images/icons/ 214 B
238 B 33ms
28ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/icons/CaretDownWhite.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1798895e2a9d54bc996f9c93892684120ccb172b7a299aeb21d4070b972d8398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1558
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"214-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c6dd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 GlobeHemisphereWest.svg
zondaglobal.com/o/bb-theme/images/icons/ 2 KB
909 B 24ms
20ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/icons/GlobeHemisphereWest.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c1ffb869f22c8ecdc41df5ab845764608315e1e5ee488a1a5f835ee878ef79f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1558
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1806-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c6ed6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 zonda_black.svg
zondaglobal.com/o/bb-theme/images/ 3 KB
1 KB 28ms
24ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/zonda_black.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ee3e1412fc103279f1a00452cec83432a6af4123057bffedb33694afa70b7ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1563
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3127-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c70d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 SpeakerMute.svg
zondaglobal.com/o/bb-theme/images/icons/ 586 B
387 B 40ms
36ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/icons/SpeakerMute.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d7c93318151f920ae2532b7a6209806b00849609740bfce4503124b15b9e55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"586-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c71d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 SpeakerHigh.svg
zondaglobal.com/o/bb-theme/images/icons/ 1 KB
532 B 41ms
37ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/icons/SpeakerHigh.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c8d9943c7ce3741dc7a6b25613813f184e41e32366ce8d4275995b2cf75ca95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1064-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c72d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 ArrowRightWhite.svg
zondaglobal.com/o/bb-theme/images/icons/ 318 B
248 B 47ms
43ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/icons/ArrowRightWhite.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981e31483504d8276c1d73623ffbb598ff2f8133cf9a3f9ae974b99cf0338c34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"318-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c73d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 carousel_coins.js Show response
zondaglobal.com/o/bb-theme/js/ 3 KB
1008 B 21ms
21ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/carousel_coins.js?t=1640266950593

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

688ab60844a5fa6e24987e63286e3b8b7e6abce9dee183944c6e85ad7055fe72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037
cf-polished: origSize=3966
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"7c840bb5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f3c36d6c1-FRA
cf-bgj: minify

GET
H2 200 footer_navigation.js Show response
zondaglobal.com/o/bb-theme/js/ 583 B
322 B 20ms
20ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/footer_navigation.js?t=1640266950593

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4af2ef426869117722de1b0ed53da0f4c960c4279c3a1d71ed2f7c1d99e8546

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1037
cf-polished: origSize=686
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"dd40ba03"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
expires: Fri, 26 Dec 2031 05:55:42 GMT
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f3c38d6c1-FRA
cf-bgj: minify

GET
H2 200 fb.svg
zondaglobal.com/o/bb-theme/images/social/ 354 B
324 B 31ms
27ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/social/fb.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c793197b725c7a1a4259b517e7bc12f26e31f3d0ce59dd07b2e01a618b919ecf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1558
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"354-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c75d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 twitter.svg
zondaglobal.com/o/bb-theme/images/social/ 619 B
510 B 28ms
25ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/social/twitter.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ecc0aa44394c05e16eb4a20d6d7833f9f73bf791117263ef63a3d753e913b8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1558
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"619-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c76d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 insta.svg
zondaglobal.com/o/bb-theme/images/social/ 1 KB
640 B 29ms
26ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/social/insta.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b9b95a8f180d68e201f11507c8a55009cf4f36413c62cf573385b57272c8a78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1558
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1183-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c77d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 in.svg
zondaglobal.com/o/bb-theme/images/social/ 975 B
566 B 29ms
27ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/social/in.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d555b614123be8e646d5b3634a8c9cfbb4084cf239332376f486fa6f3488121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1558
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"975-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c78d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 main.css
zondaglobal.com/o/portal-search-web/css/ 2 KB
721 B 38ms
33ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/portal-search-web/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1627331518000

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6be684f42defb3faa33b5b2414c75c69d2f678f282398328a4fc09580f04369f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=2859
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"19326e60"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c64d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 main.css
zondaglobal.com/o/com.liferay.product.navigation.user.personal.bar.web/css/ 431 B
285 B 42ms
37ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/com.liferay.product.navigation.user.personal.bar.web/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1627013464000

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

273b706529e1a1e7d6a4259e560d59698608bee774bd008687321ea9d3b68855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=492
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"421d98e8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c65d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 main.css
zondaglobal.com/o/product-navigation-product-menu-web/css/ 13 KB
2 KB 35ms
30ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/product-navigation-product-menu-web/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1627331626000

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e0d57b3914d314a1861cc645cfae03a68c24c358509378fe59bf1958b0ce473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=14770
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b64d802f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c67d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 main.css
zondaglobal.com/o/asset-publisher-web/css/ 4 KB
882 B 36ms
31ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/asset-publisher-web/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1627330806000

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44b7f1ad16f106d1bc0b5c6b3b39f0c977365e007ed9190ca42f58ef07df9ec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=4231
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a91e9ae3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c68d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 main.js Show response
zondaglobal.com/o/bb-theme/js/ 623 B
371 B 33ms
28ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/js/main.js?browserId=other&minifierType=js&languageId=en_US&b=7402&t=1640266942000

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

32e0f8aeabd31326a01e7f31302a0b4520ce6b2e3459830ca99887c5b065c93e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=895
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3f22ee67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8f8c69d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 1 KB
378 B 32ms
31ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=%40liferay%2Ffrontend-js-state-web%401.0.5%2FState

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d80d5f47f2148b83cdb614c936e0f57dc617aeb529b6d0bcb41c7825dd60625c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"afc347c5-22f2-41d2-87f7-7e008d17723c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a8f7c5dd6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
57 KB 56ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-59N6WTZ

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37c23692911627de98052251a08cb3867f9c3cb20f63c299ee6e616d9e18fb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58138
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Dec 2021 05:55:42 GMT

GET
H2 200 combo.css.js
zondaglobal.com/combo/ 1 KB
436 B 25ms
25ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/widget-base/assets/skins/sam/widget-base.css&/o/frontend-js-aui-web/aui/autocomplete-list/assets/skins/sam/autocomplete-list.css

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=js&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/aui/aui.js&/o/frontend-js-aui-web/liferay/modules.js&/o/frontend-js-aui-web/liferay/aui_sandbox.js&/o/frontend-js-aui-web/aui/attribute-base/attribute-base.js&/o/frontend-js-aui-web/aui/attribute-complex/attribute-complex.js&/o/frontend-js-aui-web/aui/attribute-core/attribute-core.js&/o/frontend-js-aui-web/aui/attribute-observable/attribute-observable.js&/o/frontend-js-aui-web/aui/attribute-extras/attribute-extras.js&/o/frontend-js-aui-web/aui/event-custom-base/event-custom-base.js&/o/frontend-js-aui-web/aui/event-custom-complex/event-custom-complex.js&/o/frontend-js-aui-web/aui/oop/oop.js&/o/frontend-js-aui-web/aui/aui-base-lang/aui-base-lang.js&/o/frontend-js-aui-web/liferay/dependency.js&/o/frontend-js-aui-web/liferay/util.js&/o/frontend-js-web/liferay/dom_task_runner.js&/o/frontend-js-web/liferay/events.js&/o/frontend-js-web/liferay/lazy_load.js&/o/frontend-js-web/liferay/liferay.js&/o/frontend-js-web/liferay/global.bundle.js&/o/frontend-js-web/liferay/portlet.js&/o/frontend-js-web/liferay/workflow.js&/o/frontend-js-module-launcher/webpack_federation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

849d47138548650338c43a8be62d6dcfe4fe5c0224ba857e4b637b5678231e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=1041
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d483da97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8fac80d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 icons.svg
zondaglobal.com/o/bb-theme/images/clay/ 279 KB
76 KB 30ms
30ms Other
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/images/clay/icons.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

038c73770fb9c6471c2c1dd6732b6b5dade7c0e91439870ada736f346ae99367

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1621
x-xss-protection: 1
last-modified: Mon, 19 Apr 2021 23:41:32 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"286150-1618875692000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8fac81d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 RoobertPRO-Regular.woff2
zondaglobal.com/o/bb-theme/fonts/ 43 KB
44 KB 23ms
23ms Font
font/woff2 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/fonts/RoobertPRO-Regular.woff2

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fed20e1dc92efff38bb90f1eddaa6fe94e1709dd9d001b47c8d3745124542eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000
Origin: https://zondaglobal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1621
content-length: 44500
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"44500-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=315360000
cachetest: 1
accept-ranges: bytes
cf-ray: 6c488a8fac85d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 206 211103_ZONDA_EN_33sec.mp4
zondaglobal.com/documents/20124/2226434/ 49 MB
0 37ms
33ms Media
video/mp4 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/documents/20124/2226434/211103_ZONDA_EN_33sec.mp4

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://zondaglobal.com/en/home
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4390406
Content-Range: bytes 0-106146310/106146311
content-disposition: attachment; filename="211103_ZONDA_EN_33sec.mp4"
Content-Length: 106146311
x-xss-protection: 1
last-modified: Wed, 03 Nov 2021 15:41:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: video/mp4
cache-control: public, max-age=315360000
cf-ray: 6c488a8fbc90d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 ArrowRight.svg
zondaglobal.com/o/bb-theme/images/icons/ 322 B
334 B 51ms
51ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/icons/ArrowRight.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26d3d3f00fc7598c073216a79a7ba823d7810f1adf88f8b22b742e6baebf70e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 680
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"322-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8fcc91d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 RoobertPRO-SemiBold.woff2
zondaglobal.com/o/bb-theme/fonts/ 44 KB
44 KB 25ms
25ms Font
font/woff2 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/fonts/RoobertPRO-SemiBold.woff2

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e1af3c8c0303ad35b009f33467ed2be33af1b36365860a1a3e921eabbbb75ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000
Origin: https://zondaglobal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1621
content-length: 45140
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"45140-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=315360000
cachetest: 1
accept-ranges: bytes
cf-ray: 6c488a8fcc93d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 icons-07.svg
zondaglobal.com/documents/20124/974585/icons-07.svg/3124c5bb-ac29-5ff7-ff53-306d6d3b7393/ 2 KB
1 KB 86ms
84ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/974585/icons-07.svg/3124c5bb-ac29-5ff7-ff53-306d6d3b7393/icons-07.svg?t=1631532927011&download=true

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c1c860924fafb9eebfc8701ba0d5a916256bdadde41e6460f637431a529400b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4391410
content-disposition: attachment; filename="icons-07.svg"
x-xss-protection: 1
last-modified: Mon, 13 Sep 2021 11:35:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a8fecb0d6c1-FRA
expires: Wed, 05 Nov 2031 10:05:32 GMT, Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 36761ac8-be52-7ad6-c8e1-329215ec4034
zondaglobal.com/documents/20124/974585/icons-12.svg/ 5 KB
3 KB 98ms
97ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/974585/icons-12.svg/36761ac8-be52-7ad6-c8e1-329215ec4034?t=1631532927551&download=true

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a31784adba1ce41cf393075d18257778963b1a23686ab0df042a192e6818ff1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Sep 2021 11:35:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-disposition: attachment; filename="icons-12.svg"
cf-ray: 6c488a8fecb1d6c1-FRA
x-xss-protection: 1
expires: Fri, 26 Dec 2031 05:55:42 +0000

GET
H2 200 bff0c6bf-d52e-5a42-2e67-5e4da8605630
zondaglobal.com/documents/20124/974585/icons-15.svg/ 2 KB
2 KB 96ms
95ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/974585/icons-15.svg/bff0c6bf-d52e-5a42-2e67-5e4da8605630?t=1631532927820&download=true

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18bfc08e011cd5e22efaa33383035017ba45cae222b1b22975c93c2b0dcaeaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Sep 2021 11:35:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-disposition: attachment; filename="icons-15.svg"
cf-ray: 6c488a8fecb3d6c1-FRA
x-xss-protection: 1
expires: Fri, 26 Dec 2031 05:55:42 +0000

GET
H2 200 Zonda_Homepage_Business_SHAPES.webp
zondaglobal.com/documents/20124/974585/Zonda_Homepage_Business_SHAPES.webp/5739484c-5099-538d-e4dd-976e68c0b91d/ 295 KB
295 KB 88ms
87ms Image
image/webp 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/974585/Zonda_Homepage_Business_SHAPES.webp/5739484c-5099-538d-e4dd-976e68c0b91d/Zonda_Homepage_Business_SHAPES.webp?t=1635940023404&download=true

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f77119e2e81db0163256e3cc102c9e0c2971c30f969b424df1d07f5140d73010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4390691
content-disposition: attachment; filename="Zonda_Homepage_Business_SHAPES.webp"
content-length: 301820
x-xss-protection: 1
last-modified: Wed, 03 Nov 2021 11:47:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6c488a8fecb4d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 Zonda_Homepage_Individual.webp
zondaglobal.com/documents/20124/974585/Zonda_Homepage_Individual.webp/ecf27f4e-bd1d-5823-c544-d0655399a929/ 70 KB
70 KB 85ms
84ms Image
image/webp 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/974585/Zonda_Homepage_Individual.webp/ecf27f4e-bd1d-5823-c544-d0655399a929/Zonda_Homepage_Individual.webp?t=1635940050135&download=true

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

064cf733ed723dc07f2f1e6352fc4e3cd94e6ccbb703e0858ae876dd61cf503f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4391343
content-disposition: attachment; filename="Zonda_Homepage_Individual.webp"
content-length: 71202
x-xss-protection: 1
last-modified: Wed, 03 Nov 2021 11:47:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6c488a8fecb5d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 51 KB
18 KB 73ms
72ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/array-extras/array-extras-min.js&/o/frontend-js-aui-web/aui/classnamemanager/classnamemanager-min.js&/o/frontend-js-aui-web/aui/escape/escape-min.js&/o/frontend-js-aui-web/aui/text-data-wordbreak/text-data-wordbreak-min.js&/o/frontend-js-aui-web/aui/text-wordbreak/text-wordbreak-min.js&/o/frontend-js-aui-web/aui/highlight-base/highlight-base-min.js&/o/frontend-js-aui-web/aui/autocomplete-highlighters/autocomplete-highlighters-min.js&/o/frontend-js-aui-web/aui/event-base/event-base-min.js&/o/frontend-js-aui-web/aui/dom-core/dom-core-min.js&/o/frontend-js-aui-web/aui/dom-base/dom-base-min.js&/o/frontend-js-aui-web/aui/selector-native/selector-native-min.js&/o/frontend-js-aui-web/aui/selector/selector-min.js&/o/frontend-js-aui-web/aui/node-core/node-core-min.js&/o/frontend-js-aui-web/aui/dom-style/dom-style-min.js&/o/frontend-js-aui-web/aui/node-base/node-base-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0181270371f693cff19be64542f10284d839c3620b35c21a39bd58c1769efd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=52323
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b8bb97c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a901cd7d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 26 KB
9 KB 72ms
71ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/event-delegate/event-delegate-min.js&/o/frontend-js-aui-web/aui/node-event-delegate/node-event-delegate-min.js&/o/frontend-js-aui-web/aui/pluginhost-base/pluginhost-base-min.js&/o/frontend-js-aui-web/aui/pluginhost-config/pluginhost-config-min.js&/o/frontend-js-aui-web/aui/node-pluginhost/node-pluginhost-min.js&/o/frontend-js-aui-web/aui/dom-screen/dom-screen-min.js&/o/frontend-js-aui-web/aui/node-screen/node-screen-min.js&/o/frontend-js-aui-web/aui/node-style/node-style-min.js&/o/frontend-js-aui-web/aui/intl/intl-min.js&/o/frontend-js-aui-web/aui/autocomplete-list/lang/autocomplete-list_en.js&/o/frontend-js-aui-web/aui/base-core/base-core-min.js&/o/frontend-js-aui-web/aui/base-observable/base-observable-min.js&/o/frontend-js-aui-web/aui/base-base/base-base-min.js&/o/frontend-js-aui-web/aui/base-build/base-build-min.js&/o/frontend-js-aui-web/aui/event-synthetic/event-synthetic-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

542c88650971dd1f66e7cab581a8721f0992ebee60b00d2f7b436a55af8d68d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=26437
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b75e7337"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a901cdbd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 34 KB
12 KB 72ms
71ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/event-focus/event-focus-min.js&/o/frontend-js-aui-web/aui/event-valuechange/event-valuechange-min.js&/o/frontend-js-aui-web/aui/autocomplete-base/autocomplete-base-min.js&/o/frontend-js-aui-web/aui/event-resize/event-resize-min.js&/o/frontend-js-aui-web/aui/selector-css2/selector-css2-min.js&/o/frontend-js-aui-web/aui/selector-css3/selector-css3-min.js&/o/frontend-js-aui-web/aui/shim-plugin/shim-plugin-min.js&/o/frontend-js-aui-web/aui/base-pluginhost/base-pluginhost-min.js&/o/frontend-js-aui-web/aui/widget-base/widget-base-min.js&/o/frontend-js-aui-web/aui/widget-htmlparser/widget-htmlparser-min.js&/o/frontend-js-aui-web/aui/widget-skin/widget-skin-min.js&/o/frontend-js-aui-web/aui/widget-uievents/widget-uievents-min.js&/o/frontend-js-aui-web/aui/widget-position/widget-position-min.js&/o/frontend-js-aui-web/aui/widget-position-align/widget-position-align-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08a5b4640ae47597411474baea7eceacd3f8836f2a62f4b67415d6d00b007cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=34561
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"95c7899c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a901cdcd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 29 KB
11 KB 71ms
70ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/autocomplete-list/autocomplete-list-min.js&/o/frontend-js-aui-web/aui/yui-throttle/yui-throttle-min.js&/o/frontend-js-aui-web/aui/aui-classnamemanager/aui-classnamemanager-min.js&/o/frontend-js-aui-web/aui/aui-debounce/aui-debounce-min.js&/o/frontend-js-aui-web/aui/aui-node-base/aui-node-base-min.js&/o/frontend-js-aui-web/aui/querystring-stringify-simple/querystring-stringify-simple-min.js&/o/frontend-js-aui-web/aui/io-base/io-base-min.js&/o/frontend-js-aui-web/aui/json-parse/json-parse-min.js&/o/frontend-js-aui-web/aui/json-stringify/json-stringify-min.js&/o/frontend-js-aui-web/aui/plugin/plugin-min.js&/o/frontend-js-aui-web/aui/querystring-stringify/querystring-stringify-min.js&/o/frontend-js-aui-web/aui/aui-widget-cssclass/aui-widget-cssclass-min.js&/o/frontend-js-aui-web/aui/aui-widget-toggle/aui-widget-toggle-min.js&/o/frontend-js-aui-web/aui/aui-component/aui-component-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a393e91d4372b7e4db96d31f867a3ecdd9f82a42ca3969dd46f2d28fbd5aa2cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=29624
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"55ef5802"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a901cddd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 19 KB
7 KB 84ms
83ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/aui-io-request/aui-io-request-min.js&/o/frontend-js-aui-web/aui/event-mousewheel/event-mousewheel-min.js&/o/frontend-js-aui-web/aui/event-mouseenter/event-mouseenter-min.js&/o/frontend-js-aui-web/aui/event-key/event-key-min.js&/o/frontend-js-aui-web/aui/event-hover/event-hover-min.js&/o/frontend-js-aui-web/aui/event-outside/event-outside-min.js&/o/frontend-js-aui-web/aui/event-touch/event-touch-min.js&/o/frontend-js-aui-web/aui/event-move/event-move-min.js&/o/frontend-js-aui-web/aui/event-flick/event-flick-min.js&/o/frontend-js-aui-web/aui/event-tap/event-tap-min.js&/o/frontend-js-aui-web/aui/autocomplete-filters/autocomplete-filters-min.js&/o/frontend-js-aui-web/aui/autocomplete-list-keys/autocomplete-list-keys-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3999582fb177425b731c07e225b747c4caa2dffc4b4a955909c8a7c917c03b4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=19603
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ff1dcc63"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a901cded6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 RoobertPRO-Light.woff2
zondaglobal.com/o/bb-theme/fonts/ 41 KB
41 KB 68ms
68ms Font
font/woff2 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/bb-theme/fonts/RoobertPRO-Light.woff2

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e91e2509442f202aed6069ff83f8a517a59f89988b6530eff4ce7c05cccee2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Referer: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000
Origin: https://zondaglobal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1562
content-length: 41984
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"41984-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
cache-control: public, max-age=315360000
cachetest: 1
accept-ranges: bytes
cf-ray: 6c488a903cfbd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 Zonda_iPhone.webp
zondaglobal.com/documents/20124/2170440/Zonda_iPhone.webp/a83225ad-d045-8509-6122-66ebfe1449fd/ 80 KB
80 KB 63ms
62ms Image
image/webp 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/2170440/Zonda_iPhone.webp/a83225ad-d045-8509-6122-66ebfe1449fd/Zonda_iPhone.webp?t=1634646996655&download=true

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4fe606ebab4f03ee6627173de7801f8e3ef11c1d6bce3d1b8c6827ce0e4f77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4391342
content-disposition: attachment; filename="Zonda_iPhone.webp"
content-length: 81522
x-xss-protection: 1
last-modified: Tue, 19 Oct 2021 12:36:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6c488a903cfcd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 18bb30ed-8ea5-d8d4-1a20-3a9fee293f4c
zondaglobal.com/documents/20124/974585/Badge+iOS.svg/ 18 KB
7 KB 73ms
73ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/974585/Badge+iOS.svg/18bb30ed-8ea5-d8d4-1a20-3a9fee293f4c?t=1631532925106&download=true

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee1853b52df46148fffb5587553c8b2d373b857f6aba39ff01acf545acdd9140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Sep 2021 11:35:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-disposition: attachment; filename="Badge iOS.svg"
cf-ray: 6c488a903cfdd6c1-FRA
x-xss-protection: 1
expires: Fri, 26 Dec 2031 05:55:42 +0000

GET
H2 200 0ae09436-4fc4-2080-876a-2d3ff67d41c4
zondaglobal.com/documents/20124/974585/Badge+Android.svg/ 21 KB
7 KB 71ms
71ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/974585/Badge+Android.svg/0ae09436-4fc4-2080-876a-2d3ff67d41c4?t=1631532924533&download=true

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fefd17a9062726a9c02460ed30686daf1aec3f454bbc26097cbcf60ab1692b1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 13 Sep 2021 11:35:24 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000, public
content-disposition: attachment; filename="Badge Android.svg"
cf-ray: 6c488a903cfed6c1-FRA
x-xss-protection: 1
expires: Fri, 26 Dec 2031 05:55:42 +0000

GET
H2 200 7881fdb2-b75e-d9b0-58ed-878728f4c1f2
zondaglobal.com/documents/20124/2360329/dostepnosc+webp+en.webp/ 36 KB
37 KB 71ms
71ms Image
image/webp 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/documents/20124/2360329/dostepnosc+webp+en.webp/7881fdb2-b75e-d9b0-58ed-878728f4c1f2?t=1640250902644

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55686b9ff53fb46c9d6774894b64d28377d4d4b8d8a1b5f09ca7ce323fe65e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 23 Dec 2021 09:15:02 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: image/webp
cache-control: max-age=315360000, public
content-disposition: attachment; filename="dostepnosc webp en.webp"
cf-ray: 6c488a903cffd6c1-FRA
content-length: 37136
x-xss-protection: 1
expires: Fri, 26 Dec 2031 05:55:42 +0000

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 4 KB
1 KB 61ms
60ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/@liferay/frontend-js-state-web@1.0.5/SubscriberMap.js&/o/js/resolved-module/@liferay/frontend-js-state-web@1.0.5/deepFreeze.js&/o/js/resolved-module/@liferay/frontend-js-state-web@1.0.5/State.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a21e7bf2c1a605147d69f01ec8e639c8932a860bcb27db2f681d7b11f1464c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=4516
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3415c52f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a903d00d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 currencies Show response
zondaglobal.com/o/configuration/ 12 KB
4 KB 69ms
69ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/configuration/currencies

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/js/storageInitialization.js?t=1640266950593

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6635f653d962cb416c47f50acd3f12d6634e6f7cc04a2e6172e6fc23462b133d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 28 Dec 2021 05:15:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=1800
cf-ray: 6c488a903d02d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 currency Show response
zondaglobal.com/o/configuration/language/ 114 B
175 B 66ms
65ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/configuration/language/currency

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/js/storageInitialization.js?t=1640266950593

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fea555e8b0d35bb8642ec537e493dcf88340df37446a5b6a4624b262d7bfcbf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
last-modified: Tue, 28 Dec 2021 05:15:26 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json
cache-control: public, max-age=1800
cf-ray: 6c488a903d03d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 promoted Show response
zondaglobal.com/o/configuration/currencies/ 37 B
179 B 60ms
59ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/configuration/currencies/promoted

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/js/storageInitialization.js?t=1640266950593

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

412d4a4ef61edeb1f8a919e757335fb9a99fe77a7e246977ea34464b9e3e9f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1402
content-length: 37
x-xss-protection: 1
last-modified: Tue, 28 Dec 2021 05:32:20 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 6c488a903d04d6c1-FRA
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 ticker Show response
api.zonda.exchange/rest/trading/ 52 KB
8 KB 135ms
77ms Fetch
application/json 104.18.25.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.zonda.exchange/rest/trading/ticker
Requested by: Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/js/storageInitialization.js?t=1640266950593
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fcc440df8665b6a80addaf89c865a2a7de439db15b9d4d517c3b4b61814dbf22

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
via: 1.1 varnish (Varnish/5.2), 1.1 varnish (Varnish/5.2)
cf-cache-status: DYNAMIC
age: 0
cf-ray: 6c488a908e196977-FRA
x-cache: hit
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
x-varnish: 1055273868 1064736981, 1053089654 1060970377
access-control-allow-origin: https://zondaglobal.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H2 200 stats Show response
api.zonda.exchange/rest/trading/ 17 KB
6 KB 120ms
63ms Fetch
application/json 104.18.25.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.zonda.exchange/rest/trading/stats
Requested by: Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/js/storageInitialization.js?t=1640266950593
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28663a027d16f6d78f1d6ddf57b533a4874c23c1d3ccea385272ad39c99e5708

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
via: 1.1 varnish (Varnish/5.2), 1.1 varnish (Varnish/5.2)
cf-cache-status: DYNAMIC
age: 0
cf-ray: 6c488a908e1b6977-FRA
x-cache: hit
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
x-varnish: 1047806177, 608548431 613553702
access-control-allow-origin: https://zondaglobal.com
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id

GET
H2 200 status Show response
api.zonda.exchange/rest/router2/ 16 B
75 B 125ms
68ms Fetch
application/json 104.18.25.204
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.zonda.exchange/rest/router2/status
Requested by: Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/js/storageInitialization.js?t=1640266950593
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.204 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af637968f5cae9b4fb3842fb632f6ffe38e938fd25ad15120fe62d4fa30aebdb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-allow-methods: GET,POST,OPTIONS,PUT,DELETE,PATCH
content-type: application/json
access-control-allow-origin: https://zondaglobal.com
access-control-allow-credentials: true
cf-ray: 6c488a908e1c6977-FRA
access-control-allow-headers: Authorization,Accept,Origin,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,operation-id,captcha,googleauthenticatorchangecode,googleauthenticatorchangetoken,googleauthenticatorchangeconfirmationtoken,twofactorauthtoken,jwt,fid,authid,unlocktoken,dev-maintenance,user-id,email,language,limit,offset,request-source,thmep-s-id
content-length: 16

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 53ms
19ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59N6WTZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3276
date: Tue, 28 Dec 2021 05:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 28 Dec 2021 07:01:06 GMT

GET
H2

200

activityi;dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome Show response
11067916.fls.doubleclick.net/ Frame A082
Redirect Chain

https://11067916.fls.doubleclick.net/activityi;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome?
https://11067916.fls.doubleclick.net/activityi;dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F...

1 KB
1 KB

21ms
21ms

Document
text/html

172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://11067916.fls.doubleclick.net/activityi;dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-59N6WTZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s05-in-f102.1e100.net

Software

cafe /

Resource Hash

ea8722b798ebcffb7c2153bd508a31d7636551afadddbd33a2db2d6243f6cea8

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Dec 2021 05:55:42 GMT
expires: Tue, 28 Dec 2021 05:55:42 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 729
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 28 Dec 2021 05:55:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://11067916.fls.doubleclick.net/activityi;dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://track.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

79 KB
28 KB

193ms
33ms

Script
application/x-javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: zondaglobal.com
URL: https://zondaglobal.com/en/home
Protocol: H2
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 09:57:01 GMT
server: nginx
etag: W/"613888ed-13bd1"
x-cache-status: HIT
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
content-type: application/x-javascript

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 28 Dec 2021 05:55:42 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/html

GET
H2 200 activityi;register_conversion=1;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome
11067916.fls.doubleclick.net/ 0
0 90ms
15ms Image
text/html 172.217.18.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://11067916.fls.doubleclick.net/activityi;register_conversion=1;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome?
Requested by: Host: zondaglobal.com
URL: https://zondaglobal.com/en/home
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s05-in-f102.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 397 B
207 B 53ms
48ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=carousel-initializer%401.0.2

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a1d582187ba54f05cb0aa8ed5449f9f82693f68af91213f1d3d454974f05da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d53d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 397 B
300 B 52ms
46ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=carousel-initializer%401.0.2

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89a1d582187ba54f05cb0aa8ed5449f9f82693f68af91213f1d3d454974f05da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d56d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 20 KB
2 KB 56ms
50ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=frontend-js-web%2Fliferay%2Fdelegate%2Fdelegate.es%2Cfrontend-js-web%2Fliferay%2Ftoast%2Fcommands%2FOpenToast.es

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbc9717bda28a4fbdf32f4d2f21c6ab7aebc4da3926005e0b1dd65c483c05939

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d5cd6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 78 KB
7 KB 53ms
49ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=remote-app-support-web%402.0.3%2Findex

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

40ee5bfc1c0bae68c1be2fdd171d2f7c2560957d1c0f562aa78d631e0e1e72c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d5ed6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 78 KB
7 KB 51ms
48ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=frontend-js-alert-support-web%402.0.3%2Findex

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8967d2ee7184bdd19ccf15590af635cd6ac1f8ebfdcf047b74e5bf45c382ec63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d60d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 25 KB
2 KB 62ms
59ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=frontend-js-tooltip-support-web%404.0.6%2Findex

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65cd5474836015c29a472b0d183f967095b6e9e0df41ae229e59b97382ebdc2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d61d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 79 KB
7 KB 50ms
47ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=frontend-js-dropdown-support-web%402.0.3%2Findex

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54fa53f16edf3be75aa9f24219447255a67d928d6fa16e9ae2353e06d2d1f956

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d62d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 78 KB
7 KB 51ms
48ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=frontend-js-collapse-support-web%402.0.3%2Findex

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0697b8ab081118b72804fe4ea3f787df160586b1579920bee9b1344611b988dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d63d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 js_resolve_modules Show response
zondaglobal.com/o/ 78 KB
7 KB 52ms
50ms Fetch
application/json 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/js_resolve_modules?modules=frontend-js-tabs-support-web%402.0.4%2Findex

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f92fac5680b5b3e1556da5af56cf8df5672b42404d786131743235b879bbdac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: EXPIRED
server: cloudflare
etag: W/"f45610ec-0b47-4cf8-84dc-22a7fdeb2554"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
cache-control: public, max-age=1800
cf-ray: 6c488a909d64d6c1-FRA
vary: Accept-Encoding
x-xss-protection: 1
expires: Tue, 28 Dec 2021 06:25:42 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 77 KB
23 KB 96ms
18ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: zondaglobal.com
URL: https://zondaglobal.com/en/home
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b14adadd97d94aa65355a6400c3b9c608bc2430087587d45af15de8dfa21bc47

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: gz.65dWx.eUyoeEQiyyeO7i.IC7ymHeN
content-encoding: br
last-modified: Wed, 22 Dec 2021 09:05:39 GMT
server: AmazonS3
x-amz-cf-pop: KIX56-C2
etag: W/"4c2378f3295ef05819348611928d5cc6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
date: Tue, 28 Dec 2021 05:55:42 GMT
content-length: 23539
x-amz-cf-id: 2RqjXM1K7vJpj3Pju53ZSHsxQiYToXSvGGw2QirhfNjlFqczxSZ8Nw==
expires: Tue, 28 Dec 2021 13:55:42 GMT

GET
H2 200 MagnifyingGlass.svg
zondaglobal.com/o/bb-theme/images/icons/systems_devices/ 441 B
335 B 18ms
18ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/icons/systems_devices/MagnifyingGlass.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9a96c5d5100e711c91f69b5274a902ab65754f18407a26f89b1fbf75ee751b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1547
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"441-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a90fda6d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 2 KB
930 B 21ms
21ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/aui-timer/aui-timer-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed9ff1969808360d46add96943546fbbdfc9d0164a31ec1a67bb55ed3ba74422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=2054
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"758fa775"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a90fda9d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 15ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=908411249&t=pageview&_s=1&dl=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome&dr=https%3A%2F%2Fauth.bitbay.net%2F&ul=en-us&de=UTF-8&dt=Zonda%3A%20Buy%20%26%20Sell%20Bitcoin%20and%20Altcoins%20on%20trusted%20Crypto%20Exchange%20-%20Zonda&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=724847863&gjid=1584702854&cid=1711601758.1640670943&tid=UA-57643029-8&_gid=1757827604.1640670943&_r=1&gtm=2wgc1059N6WTZ&z=114731519

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zondaglobal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zondaglobal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 2 KB
742 B 24ms
24ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/carousel-initializer@1.0.2/index.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1b7f9e6a780f7577c5207307554c1fc3809b8324ef4a06ea973dee4c2ef15be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1613
cf-polished: origSize=2912
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c3acc693"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a911dc6d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 43 KB
13 KB 540ms
537ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/frontend-js-dropdown-support-web$dom-align@1.10.4/dist-node/index.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/aop/AOP.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/autosize/autosize.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/debounce/debounce.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/delegate/delegate.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/is_object.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/form/object_to_form_data.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/form/get_form_element.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/form/set_form_values.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/form/post_form.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/breakpoints.js&/o/js/resolved-module/frontend-js-metal-web$metal@2.16.8/lib/coreNamed.js&/o/js/resolved-module/frontend-js-metal-web$metal@2.16.8/lib/core.js&/o/js/resolved-module/frontend-js-metal-web$metal@2.16.8/lib/array/array.js&/o/js/resolved-module/frontend-js-metal-web$metal@2.16.8/lib/async/async.js&/o/js/resolved-module/frontend-js-metal-web$metal@2.16.8/lib/disposable/Disposable.js&/o/js/resolved-module/frontend-js-metal-web$metal@2.16.8/lib/object/object.js&/o/js/resolved-module/frontend-js-metal-web$metal@2.16.8/lib/string/string.js&/o/js/resolved-module/frontend-js-metal-web$metal@2.16.8/lib/metal.js&/o/js/resolved-module/frontend-js-metal-web$metal-state@2.16.8/lib/validators.js&/o/js/resolved-module/frontend-js-metal-web$metal-state@2.16.8/lib/Config.js&/o/js/resolved-module/frontend-js-metal-web$metal-events@2.16.8/lib/EventHandle.js&/o/js/resolved-module/frontend-js-metal-web$metal-events@2.16.8/lib/EventEmitter.js&/o/js/resolved-module/frontend-js-metal-web$metal-events@2.16.8/lib/EventEmitterProxy.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4446743f5fa3a720f527cf75ef45e593aa0eb3815bdb39f1460481a008edd764

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=45315
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"9de297c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a912dd5d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 48 KB
11 KB 518ms
515ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/frontend-js-metal-web$metal-events@2.16.8/lib/EventHandler.js&/o/js/resolved-module/frontend-js-metal-web$metal-events@2.16.8/lib/events.js&/o/js/resolved-module/frontend-js-metal-web$metal-state@2.16.8/lib/State.js&/o/js/resolved-module/frontend-js-metal-web$metal-state@2.16.8/lib/all/state.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/CompatibilityEventProxy.es.js&/o/js/resolved-module/frontend-js-metal-web$metal-component@2.16.8/lib/events/events.js&/o/js/resolved-module/frontend-js-metal-web$metal-component@2.16.8/lib/sync/sync.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/domData.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/DomDelegatedEventHandle.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/DomEventHandle.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/domNamed.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/dom.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/DomEventEmitterProxy.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/features.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/globalEval.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/globalEvalStyles.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/events.js&/o/js/resolved-module/frontend-js-metal-web$metal-dom@2.16.8/lib/all/dom.js&/o/js/resolved-module/frontend-js-metal-web$metal-component@2.16.8/lib/ComponentDataManager.js&/o/js/resolved-module/frontend-js-metal-web$metal-component@2.16.8/lib/ComponentRenderer.js&/o/js/resolved-module/frontend-js-metal-web$metal-component@2.16.8/lib/Component.js&/o/js/resolved-module/frontend-js-metal-web$metal-component@2.16.8/lib/ComponentRegistry.js&/o/js/resolved-module/frontend-js-metal-web$metal-component@2.16.8/lib/all/component.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8dc1d9272fe8d16576920b5a1169473cdebca4a420ec90505fb0e4f59271dd5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=50086
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"69e17e8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a912dd7d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 149 KB
46 KB 553ms
550ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/PortletBase.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/DefaultEventHandler.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/events/Disposable.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/events/EventHandle.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/events/EventEmitter.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/events/EventHandler.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/toggle_disabled.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/ItemSelectorDialog.es.js&/o/js/resolved-module/liferay!frontend-js-react-web$classnames@2.3.1/index.js&/o/js/resolved-module/liferay!frontend-js-react-web$object-assign@4.1.1/index.js&/o/js/resolved-module/liferay!frontend-js-react-web$react@16.12.0/cjs/react.production.min.js&/o/js/resolved-module/liferay!frontend-js-react-web$react@16.12.0/index.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/button@3.6.0/lib/Group.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/button@3.6.0/lib/Button.js&/o/js/resolved-module/frontend-taglib-clay$warning@4.0.3/warning.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/icon@3.1.0/lib/index.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/button@3.6.0/lib/ButtonWithIcon.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/button@3.6.0/lib/index.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/loading-indicator@3.2.0/lib/index.js&/o/js/resolved-module/liferay!frontend-js-react-web$scheduler@0.18.0/cjs/scheduler.production.min.js&/o/js/resolved-module/liferay!frontend-js-react-web$scheduler@0.18.0/index.js&/o/js/resolved-module/liferay!frontend-js-react-web$react-dom@16.12.0/cjs/react-dom.production.min.js&/o/js/resolved-module/liferay!frontend-js-react-web$react-dom@16.12.0/index.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54f9990fe66f4ecd06aaebfebc196a86d87c62e69fcd124b3eec4ff272752197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=202487
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"396beab7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913dd8d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 32 KB
7 KB 385ms
383ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/Portal.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/delegate.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/Keys.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/useFocusManagement.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/FocusScope.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/getEllipsisItems.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/link@3.2.0/lib/Context.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/link@3.2.0/lib/index.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/LinkOrButton.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/sub.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/observeRect.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/useDebounce.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/setElementFullHeight.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/useInternalState.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/useMousePosition.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/MouseSafeArea.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/shared@3.29.0/lib/index.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Body.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Context.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Footer.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Header.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Hook.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/types.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ff0079e3ff3b68d6229f4932a30eb933ea4b95a864e13b125478d5b58eadf79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=33236
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"b45fbfc3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913dd9d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 33 KB
8 KB 530ms
528ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Modal.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/useModal.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Provider.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/index.js&/o/js/resolved-module/frontend-js-node-shims$process@0.11.10/browser.js&/o/js/resolved-module/frontend-js-node-shims$process@0.11.10/index.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/render.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/ReactPortal.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useEventListener.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useIsMounted.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useInterval.js&/o/js/resolved-module/@liferay/frontend-js-state-web@1.0.5/index.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useLiferayState.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/usePrevious.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useStateSafe.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useThunk.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useTimeout.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/index.js&/o/js/resolved-module/liferay!frontend-js-react-web$prop-types@15.7.2/lib/ReactPropTypesSecret.js&/o/js/resolved-module/liferay!frontend-js-react-web$prop-types@15.7.2/factoryWithThrowingShims.js&/o/js/resolved-module/liferay!frontend-js-react-web$prop-types@15.7.2/index.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/modal/Modal.scss.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/navigate.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/modal/Modal.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d882dc402676ce6198c7a1ff4ac856b6c99e4c5fe15812004cd77015e6d7bc0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=34511
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"544eda0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913ddad6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 53 KB
10 KB 532ms
530ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/@frontend-taglib-clay$clayui/layout@3.31.0/lib/Col.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/layout@3.31.0/lib/Container.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/layout@3.31.0/lib/ContainerFluid.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/layout@3.31.0/lib/Content.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/layout@3.31.0/lib/Row.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/layout@3.31.0/lib/Sheet.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/layout@3.31.0/lib/index.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/alert@3.31.0/lib/Footer.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/alert@3.31.0/lib/ToastContainer.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/alert@3.31.0/lib/index.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/Checkbox.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/SelectBox.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/DualListBox.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/Form.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/Input.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/Radio.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/RadioGroup.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/Select.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/SelectWithOption.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/Toggle.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/form@3.29.0/lib/index.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/fetch.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/modal/components/SimpleInputModal.es.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efe2e1d9742c32c88cb3a40045e992cd48be9a6ddf775db428044e4fd455cf83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=55128
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"745620f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913ddbd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 29 KB
7 KB 402ms
400ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/modal/commands/OpenSimpleInputModal.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/get_portlet_namespace.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/portlet_url/create_portlet_url.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/portlet_url/create_action_url.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/portlet_url/create_render_url.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/portlet_url/create_resource_url.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/align.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/session.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/build_fragment.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/toast/commands/OpenToast.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/throttle.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/add_params.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/get_dom.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/get_element.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/in_browser_view.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/focus_form_field.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/get_portlet_id.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/is_phone.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/is_tablet.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/normalize_friendly_url.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/run_scripts_in_element.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/index.es.js&/o/js/resolved-module/frontend-js-dropdown-support-web@2.0.3/DropdownProvider.js&/o/js/resolved-module/frontend-js-dropdown-support-web@2.0.3/index.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96a83fafa4c1169ef6e46eca48f6d3134bac2aa5130c38b088441a27c8d94d01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=30351
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"386f8312"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913ddcd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 437 B
374 B 26ms
25ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/frontend-js-alert-support-web@2.0.3/index.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17bdf02c485ab5922152dc4b128a3a81132c4cd95b1fb76511742314ddacd07b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1612
cf-polished: origSize=472
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"c1aa284"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913dddd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 4 KB
1 KB 28ms
27ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/frontend-js-collapse-support-web@2.0.3/CollapseProvider.js&/o/js/resolved-module/frontend-js-collapse-support-web@2.0.3/index.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c6818c584158155e6299b16d98be1da40a15301e45f091d1e9142f51138a542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1612
cf-polished: origSize=3927
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"22814561"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913dded6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 4 KB
2 KB 41ms
41ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/remote-app-support-web@2.0.3/index.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

041509fc96ca7d2006abd62ad868d4bab103dd7b3e237160d02227470cc1819e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=4501
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3067edaa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913de0d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 386 B
251 B 39ms
39ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/frontend-js-web@5.0.8/bridge/frontend-js-web/liferay/delegate/delegate.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/bridge/frontend-js-web/liferay/toast/commands/OpenToast.es.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b14cc3d1295373649800f81fa8e2cc979f78a2f917a7433ed83cb4e42e4dd577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
cf-polished: origSize=469
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"3d41ce24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913de1d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 3 KB
1 KB 26ms
25ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/frontend-js-tabs-support-web@2.0.4/TabsProvider.js&/o/js/resolved-module/frontend-js-tabs-support-web@2.0.4/index.js

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53299ce2578c6ba8f3cd2c835a21333f5a420784b92e7cd3f4dd0163fc1aa206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1612
cf-polished: origSize=2923
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"ecd375cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913de2d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 23 KB
8 KB 25ms
25ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/frontend-js-loader-modules-extender/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb44eade649e7a55dc5d83a19f3b0a3731db1c3b4d9cad2aa46a9e5de9b6315e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1612
cf-polished: origSize=24081
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"8e905062"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a913de3d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 6 KB
3 KB 20ms
20ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/liferay/menu.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90fa50e87929f6d5499ec38fcbc1ab56105797221ef532c2eb271630e6f0e165

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1612
cf-polished: origSize=5957
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"921a0a43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a914dead6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 271 B
479 B 529ms
512ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=11644358&url=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome&channel_type=code&jsonp=__t2t88xa04mf

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-211.deploy.static.akamaitechnologies.com

Software

Resource Hash

90129f240a801ae74fcebeb726c3f5c8f9cac4cc863b76f7d79f0a5db48d7431

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://zondaglobal.com/;
X-Frame-Options	allow-from https://zondaglobal.com/

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://zondaglobal.com/;
vary: Accept-Encoding
x-frame-options: allow-from https://zondaglobal.com/
date: Tue, 28 Dec 2021 05:55:43 GMT
content-length: 271
legacy: 2023-06-30
content-type: application/javascript; charset=UTF-8

GET
H2 200 dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome
adservice.google.com/ddm/fls/z/ Frame A082 42 B
494 B 128ms
58ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome

Requested by

Host: 11067916.fls.doubleclick.net
URL: https://11067916.fls.doubleclick.net/activityi;dc_pre=CICC-sXnhfUCFUsO0wods9IKHA;src=11067916;type=bite00;cat=lp_zo0;ord=7094546056878;gtm=2wgc10;auiddc=1286076809.1640670943;ps=1;~oref=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://11067916.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame A082 98 KB
26 KB 74ms
18ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://11067916.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 6VgIEA22IWp9tP6S8jypG/VTg2rBtcCU+zUld+isklzRF8mVJAUuaSmNNVp4/qYHwEW9P7bNO3UhJrbKgpjsUQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 28 Dec 2021 05:55:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 250 B
264 B 74ms
72ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/array-invoke/array-invoke-min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ac196699455c98dd7d739918316b3ecedaaddbee7cf3ae8729d61be256b2a29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1612
cf-polished: origSize=252
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"bb35286c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a917e0dd6c1-FRA
expires: Fri, 26 Dec 2031 05:55:42 GMT

GET
H2 200 TrendFall.svg
zondaglobal.com/o/bb-theme/images/icons/ 286 B
342 B 62ms
62ms Image
image/svg+xml 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/icons/TrendFall.svg

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ff1f52949f55990f416e3ce6072ff0902b444d27109de18c3f59a3e8551049a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-xss-protection: 1
last-modified: Thu, 23 Dec 2021 13:02:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"286-1640264550000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a91be5ed6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H3 200 216594243652801 Show response
connect.facebook.net/signals/config/ Frame A082 305 KB
87 KB 231ms
205ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/216594243652801?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

800d8bdf5287f74e0b52c2bb9f05deb2cac5207974ae04c6066be58683813f5a

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://11067916.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: 2ZgUUZzJ8acpRRJfHSu1Cs662yPhSgPKzDVbYbN8L9C6RAFx2dnoLUHevyTczq0eUk8X0c2XVQuGBo7J6LmQXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 28 Dec 2021 05:55:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/ Show response
track.adform.net/Serving/TrackPoint/
Redirect Chain

https://track.adform.net/Serving/TrackPoint/?pm=2454768&ADFPageName=Landing%20Page%20Zonda&ADFdivider=%7C&ord=815762198927&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fauth.bitbay.net%2F...
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2454768&ADFPageName=Landing%20Page%20Zonda&ADFdivider=%7C&ord=815762198927&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fauth.bitbay.n...

842 B
1 KB

37ms
37ms

Script
text/javascript

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2454768&ADFPageName=Landing%20Page%20Zonda&ADFdivider=%7C&ord=815762198927&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fauth.bitbay.net%2F&ADFtpmode=2&loc=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

0e7b214ecb69cd14a1a6b28647a3e42fc2dd1131833127a2ab80f4742a2d9845

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 684
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
location: https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2454768&ADFPageName=Landing%20Page%20Zonda&ADFdivider=%7C&ord=815762198927&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fauth.bitbay.net%2F&ADFtpmode=2&loc=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H2 200 pixels Show response
c1.adform.net/imatch/ Frame 19BD 5 KB
2 KB 33ms
32ms Document
text/html 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Requested by

Host: track.adform.net
URL: https://track.adform.net/Serving/TrackPoint/?pm=2454768&ADFPageName=Landing%20Page%20Zonda&ADFdivider=%7C&ord=815762198927&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=https%3A%2F%2Fauth.bitbay.net%2F&ADFtpmode=2&loc=https%3A%2F%2Fzondaglobal.com%2Fen%2Fhome

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

36ca8ca0dbd9383be7f7fd6dd6e681b7d7277a30a80da56d204a1ca5898c42c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/

Response headers

server: nginx
date: Tue, 28 Dec 2021 05:55:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip

GET
H2 200 /
server.seadform.net/serving/cookie/sync/ 35 B
343 B 110ms
27ms Image
image/gif 37.157.4.25
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://server.seadform.net/serving/cookie/sync/?uid=527415736575725998&stamp=VT5oMHZqvKYDvP-67D9Y4w2

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/en/home

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.25 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: private
server: nginx
content-type: image/gif
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 19BD 0
261 B 38ms
37ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plff

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 19BD
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=42&external_user_id=527415736575725998&Expiration=1641880543
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=527415736575725998&Expiration=1641880543

43 B
423 B

47ms
47ms

Image
image/gif

99.81.7.40
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=527415736575725998&Expiration=1641880543
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Server: 99.81.7.40 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-81-7-40.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 28 Dec 2021 05:55:43 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=42&external_user_id=527415736575725998&Expiration=1641880543
date: Tue, 28 Dec 2021 05:55:43 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 19BD 0
522 B 121ms
43ms Image
text/plain 104.111.218.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.yieldlab.net/m?dt_id=4879&ext_id=527415736575725998

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.111.218.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-218-85.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:43 GMT
x-content-type-options: nosniff
x-frame-options: DENY
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-application-context: application
Expires: Mon, 27 Dec 2021 05:55:43 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 19BD 0
214 B 105ms
25ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=5253&puid=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 19BD
Redirect Chain

https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=527415736575725998&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__
https://ih.adscale.de/adscale-ih/tpui?tpid=42&tpuid=527415736575725998&cburl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d9%26uid%3D__ADSCALE_USER_ID__&nut&uu=d6ecd754300d408eb1...
https://c1.adform.net/serving/cookie/match?party=9&uid=7e1010a15b64bc558b77f1894300ce0484d5017ed51c7b44ff2bcea66e1e2ba2

35 B
467 B

32ms
32ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=9&uid=7e1010a15b64bc558b77f1894300ce0484d5017ed51c7b44ff2bcea66e1e2ba2

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=9&uid=7e1010a15b64bc558b77f1894300ce0484d5017ed51c7b44ff2bcea66e1e2ba2
date: Tue, 28 Dec 2021 05:55:43 GMT
content-length: 0
p3p: CP=NOI PSA OUR

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame 19BD 43 B
163 B 131ms
35ms Image
image/gif 185.86.137.133
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=22&partneruserid=527415736575725998&redirurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d10%26cid%3DSMART_USER_ID
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.133 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:42 GMT
transfer-encoding: chunked
content-type: image/gif

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55944/ Frame 19BD
Redirect Chain

https://pixel.advertising.com/ups/55944/sync?uid=527415736575725998&_origin=1
https://pixel.advertising.com/ups/55944/sync?uid=527415736575725998&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55944/sync?uid=527415736575725998&_origin=1&apid=UPcb4062d1-67a2-11ec-81d7-06453e459354
https://ups.analytics.yahoo.com/ups/55944/sync?uid=527415736575725998&_origin=1&apid=UPcb4062d1-67a2-11ec-81d7-06453e459354&verify=true

0
333 B

16ms
16ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55944/sync?uid=527415736575725998&_origin=1&apid=UPcb4062d1-67a2-11ec-81d7-06453e459354&verify=true

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55944/sync?uid=527415736575725998&_origin=1&apid=UPcb4062d1-67a2-11ec-81d7-06453e459354&verify=true
date: Tue, 28 Dec 2021 05:55:43 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 200
OK user-registering
ads.stickyadstv.com/ Frame 19BD 43 B
712 B 190ms
45ms Image
image/gif 2.18.234.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:43 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1640670943602020-584
Expires: Tue, 28 Dec 2021 05:55:43 GMT

GET
H2

200

setuid
mp.4dex.io/ Frame 19BD
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=70&user_id=527415736575725998
https://x.bidswitch.net/ul_cb/sync?dsp_id=70&user_id=527415736575725998
https://mp.4dex.io/setuid?bidder=bidswitch&uid=62957df1-7df5-4942-82cb-8a3044671c5a&gdpr=&gdpr_consent=&us_privacy=

0
472 B

136ms
57ms

Image
text/plain

2606:4700::6812:272
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mp.4dex.io/setuid?bidder=bidswitch&uid=62957df1-7df5-4942-82cb-8a3044671c5a&gdpr=&gdpr_consent=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Server: 2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
cf-ray: 6c488a9528455a1f-MXP
content-length: 0
expires: 0

Redirect headers

Location: //mp.4dex.io/setuid?bidder=bidswitch&uid=62957df1-7df5-4942-82cb-8a3044671c5a&gdpr=&gdpr_consent=&us_privacy=
Date: Tue, 28 Dec 2021 05:55:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 19BD
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=527415736575725998&expiration=1641880543
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=527415736575725998&expiration=1641880543&C=1

43 B
1005 B

42ms
41ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=527415736575725998&expiration=1641880543&C=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:43 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 28 Dec 2021 05:55:43 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:43 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=111&external_user_id=527415736575725998&expiration=1641880543&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 28 Dec 2021 05:55:43 GMT

GET
H/1.1

200
OK

info
uipglob.semasio.net/dbm/1/ Frame 19BD
Redirect Chain

https://uipglob.semasio.net/adform/1/info?sType=sync&sExtCookieId=527415736575725998&sInitiator=external
https://uipglob.semasio.net/adform/1/info2?sType=sync&sExtCookieId=527415736575725998&sInitiator=external
https://pixel.mathtag.com/sync/img?mt_exid=10041&gdpr=&gdpr_consent=&redir=https%3A%2F%2Fuipglob.semasio.net%2Fmediamath%2F1%2Finfo%3FsType%3Dsync%26sExtCookieId%3D[MM_UUID]%26sInitiator%3Dinternal
https://uipglob.semasio.net/mediamath/1/info?sType=sync&sExtCookieId=5f0561ca-a6df-4400-b6cd-c3ac67183131&sInitiator=internal&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=semasio&ttd_tpi=1&gdpr=&gdpr_consent=
https://uipglob.semasio.net/tradedesk/1/info?sType=sync&gdpr=1&gdpr_consent=&sInitiator=internal&sExtCookieId=7a61c5b7-b5db-4aaa-8980-d8653c8d3f50
https://cm.g.doubleclick.net/pixel?google_nid=semasio_ddp&google_cm&google_hm=RDhEMjBBMEM2RjNFMDI5RQ&gdpr=1&gdpr_consent=
https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEBuoHLbGkFYmpVX-2VPGk6g&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1

42 B
604 B

395ms
394ms

Image
image/gif

77.243.60.138
NETIC-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEBuoHLbGkFYmpVX-2VPGk6g&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Server: 77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
frontend-id: 13
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin: *
uip-response-status: Ok
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 42
routing-server-id: -1
expires: Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://uipglob.semasio.net/dbm/1/info?sType=sync&sExtCookieId=CAESEBuoHLbGkFYmpVX-2VPGk6g&sInitiator=internal&google_cver=1&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK match
ps.eyeota.net/ Frame 19BD 0
344 B 109ms
21ms Image
text/plain 52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=527415736575725998&bid=9gdtmu1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 05:55:43 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 19BD
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=527415736575725998
https://loadm.exelator.com/load/?p=204&g=710&j=0&buid=527415736575725998&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
336 B

84ms
13ms

Image
image/gif

2a02:6ea0:c700::2
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Server: 2a02:6ea0:c700::2 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-77-nzt: AcO1ry+XJyb/J+IMAA==
x-accel-expires: @1640863416
date: Tue, 28 Dec 2021 05:55:43 GMT
etag: "59f0c3fc-2b"
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
x-77-nzt-ray: O7MqVWtaNDc=
x-77-cache: HIT
content-type: image/gif
access-control-allow-origin: *
x-cache: HIT
x-age: 844327
accept-ranges: bytes
x-77-pop: frankfurtDE
content-length: 43

Redirect headers

date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 400 398366.gif
idsync.rlcdn.com/ Frame 19BD 0
0 86ms
25ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/398366.gif?partner_uid=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2

200

tpid=527415736575725998
sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/ Frame 19BD
Redirect Chain

https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=527415736575725998
https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=527415736575725998

49 B
736 B

40ms
40ms

Image
image/gif

52.17.84.146
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Server: 52.17.84.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-84-146.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.3.143
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://sync.crwdcntrl.net/map/ct=y/c=6466/tp=ADFM/tpid=527415736575725998
cache-control: no-cache
x-server: 10.45.8.116
content-length: 0
expires: 0

GET
H/1.1 200
OK 29729
tags.bluekai.com/site/ Frame 19BD 62 B
304 B 230ms
154ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/29729?id=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 05:55:43 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 200 sd
eu-u.openx.net/w/1.0/ Frame 19BD 43 B
274 B 77ms
25ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

pixel.gif
s3-eu-west-1.amazonaws.com/adality-cdn-content/ Frame 19BD
Redirect Chain

https://api.adrtx.net/thirdparty/click?p=adfo
https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif

35 B
390 B

158ms
44ms

Image
image/gif

52.218.61.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Server: 52.218.61.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-eu-west-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 05:55:44 GMT
Last-Modified: Thu, 29 Oct 2015 16:41:57 GMT
Server: AmazonS3
x-amz-request-id: NRF3D75KJHEHZXRA
ETag: "c2196de8ba412c60c22ab491af7b1409"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 35
x-amz-id-2: 3Hm9lTauHH8VDHnyq6j0K70PXQhk+W9M27+iDreHwrwIFNwScXuL6bYW8qndt+LPOLJ+w4fYQuo=

Redirect headers

X-Error-Reason: Missing UserId
Date: Tue, 28 Dec 2021 05:55:43 GMT
Server: akka-http/10.2.6
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: https://s3-eu-west-1.amazonaws.com/adality-cdn-content/pixel.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 137

GET
H/1.1 200
OK /
pixel.onaudience.com/ Frame 19BD 35 B
248 B 78ms
16ms Image
image/gif 51.210.112.236
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.onaudience.com/?mapped=527415736575725998&partner=68
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 51.210.112.236 , France, ASN16276 (OVH, FR),
Reverse DNS: pikafka-1.cloudy.ovh
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-length: 35
content-type: image/gif

GET
H/1.1

200
OK

/
cm.adsafety.net/ Frame 19BD
Redirect Chain

https://cm.adsafety.net/?_cmsrc=adformx&idt=100&did=527415736575725998
https://tags.adsafety.net/v1/cm?cm_uid=CM12021122805937f64825319e8d3aef&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dct%26_chainsrc%3Dcommon%26idt%3D%5B%25IDT%25%5D%26did%3D%5B%25DID%25%5D
https://cm.adsafety.net/?_cmsrc=ct&_chainsrc=common&idt=100&did=7d01cd39ad40bc95b469c524b7dbf962
https://ads.smartstream.tv/cm/?cmsrc=cm&cm_uid=CM12021122805937f64825319e8d3aef&redirect=https%3A%2F%2Fcm.adsafety.net%2F%3F_cmsrc%3Dstv%26_chainsrc%3Dcommon&gdpr_consent=
https://cm.adsafety.net/?_cmsrc=stv&_chainsrc=common&idt=100&did=7d01cd39ad40bc95b469c524b7dbf962&idt_did_status=added&gdpr_consent=&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=dataxtrade_dmp&google_cm&google_hm=Q00xMjAyMTEyMjgwNTkzN2Y2NDgyNTMxOWU4ZDNhZWY
https://cm.adsafety.net/?_cmsrc=dbmx&midt=100&mdid=CAESEBVIMRJO9y_fcywFn1XAdmk&google_cver=1
https://c1.adform.net/serving/cookie/match?party=28&cid=CM12021122805937f64825319e8d3aef
https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=527415736575725998

43 B
2 KB

19ms
19ms

Image
image/gif

80.82.217.103
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Server: 80.82.217.103 Krefeld, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:43 GMT
Last-Modified: Tue, 28 Dec 2021 05:55:43 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate, no-cache, no-store, post-check=0, pre-check=0, private
Connection: keep-alive
Expires: Mon, 28 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
location: https://cm.adsafety.net/?_cmsrc=adform&idt=100&did=527415736575725998
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 19BD 0
339 B 119ms
30ms Image
text/plain 52.212.131.178
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=adform&partner_uid=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.131.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-131-178.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=54 t=1640670943
x-served-by: beacon-n011-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

/
c1.adform.net/serving/cookie/match/ Frame 19BD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_cm&google_ula=1641347&party=1&google_hm=NTI3NDE1NzM2NTc1NzI1OTk4
https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOZ-tEIaAjaZm_fXIcrtG94&google_cver=1&google_ula=1641347,0

35 B
467 B

20ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOZ-tEIaAjaZm_fXIcrtG94&google_cver=1&google_ula=1641347,0

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOZ-tEIaAjaZm_fXIcrtG94&google_cver=1&google_ula=1641347,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 334
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 plf
c1.adform.net/imatch/ Frame 19BD 0
261 B 19ms
19ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfm

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H/1.1

200
OK

setuid
secure.adnxs.com/ Frame 19BD
Redirect Chain

https://secure.adnxs.com/getuid?https://c1.adform.net/serving/cookie/match?party=3&id=$UID&redirect=1
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fc1.adform.net%2Fserving%2Fcookie%2Fmatch%3Fparty%3D3%26id%3D%24UID%26redirect%3D1
https://c1.adform.net/serving/cookie/match?party=3&id=3175450700954040848&redirect=1
https://secure.adnxs.com/setuid?entity=91&code=527415736575725998

43 B
996 B

17ms
17ms

Image
image/gif

185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/setuid?entity=91&code=527415736575725998

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

HTTP/1.1

Server

185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:43 GMT
X-Proxy-Origin: 185.232.23.179; 185.232.23.179; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 4e4550e7-8541-41b7-9204-149166d261a0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
location: https://secure.adnxs.com/setuid?entity=91&code=527415736575725998
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 19BD 42 B
544 B 53ms
13ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: no-store, no-cache, private
x-lat: amspug008:0:543
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 200
OK cs
pdw-adf.userreport.com/ Frame 19BD 43 B
444 B 46ms
8ms Image
image/gif 143.204.98.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pdw-adf.userreport.com/cs
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-67.fra50.r.cloudfront.net
Software: nginx/1.18.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Mon, 27 Dec 2021 09:05:06 GMT
Via: 1.1 e64eb476d8f76c461d21278e018e194f.cloudfront.net (CloudFront)
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx/1.18.0
Age: 75037
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Content-Length: 43
X-Amz-Cf-Id: LdrBuGNyf51wSzcJfL_8abbzFHje-1bHQJW1EmzBA6XFgQXhsff-uA==

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 19BD
Redirect Chain

https://a.audrte.com/a?adform_uid=527415736575725998
https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_cm&red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
https://a.audrte.com/g?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiZXllb3RhIn1dfQ%3D%3D&gdpr=0&gdpr_consent=&google_gid=CAESEDe42BkfKHn6NnTRlurbJz0&google_cver=1
https://ps.eyeota.net/match?bid=kh51m51&uid=4hdMPDO8yheTeigNAjuh1PGPw&gdpr=0&gdpr_consent=

0
344 B

7ms
7ms

Image
text/plain

52.57.150.20
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?bid=kh51m51&uid=4hdMPDO8yheTeigNAjuh1PGPw&gdpr=0&gdpr_consent=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Server: 52.57.150.20 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-150-20.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 05:55:44 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Date: Tue, 28 Dec 2021 05:55:44 GMT
Server: nginx/1.18.0
Access-Control-Allow-Origin: *
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, OPTIONS
Location: https://ps.eyeota.net/match?bid=kh51m51&uid=4hdMPDO8yheTeigNAjuh1PGPw&gdpr=0&gdpr_consent=
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 19BD
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1586&dpuuid=527415736575725998&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirect%3D1
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1586&dpuuid=527415736575725998&redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1007%26cid%3D%24%7BDD_UUID%7D%26noredirec...
https://c1.adform.net/serving/cookie/match?party=1007&cid=39998085032659055671417648284766197305&noredirect=1

35 B
467 B

19ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1007&cid=39998085032659055671417648284766197305&noredirect=1

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

DCS: dcs-prod-irl1-2-v026-0425072ca.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Q9e/B1haRKw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://c1.adform.net/serving/cookie/match?party=1007&cid=39998085032659055671417648284766197305&noredirect=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 19BD
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9212269628&_puid=527415736575725998
https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165001004014000048515

35 B
467 B

20ms
20ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165001004014000048515

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dmp.adform.net/serving/cookie/match/?party=1014&cid=165001004014000048515
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 19BD
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1049%26cid%3D%25%25COOKIE%25%25
https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7046628043692963993

35 B
467 B

19ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7046628043692963993

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Location: https://dmp.adform.net/serving/cookie/match/?party=1049&cid=7046628043692963993
Date: Tue, 28 Dec 2021 05:55:43 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1 200
OK 33302
tags.bluekai.com/site/ Frame 19BD 62 B
725 B 181ms
155ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/33302?id=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 05:55:43 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: 6c09
Content-Type: image/gif

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 19BD
Redirect Chain

https://pixel.mathtag.com/sync/img?redir=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1066%26cid%3D%5BMM_UUID%5D
https://c1.adform.net/serving/cookie/match?party=1066&cid=5f0561ca-a6df-4400-b6cd-c3ac67183131

35 B
476 B

19ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1066&cid=5f0561ca-a6df-4400-b6cd-c3ac67183131

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Date: Tue, 28 Dec 2021 05:55:43 GMT
Server: MT3 4133 baa842e master zrh-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://c1.adform.net/serving/cookie/match?party=1066&cid=5f0561ca-a6df-4400-b6cd-c3ac67183131
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 0
Expires: Tue, 28 Dec 2021 05:55:42 GMT

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 19BD
Redirect Chain

https://pm.w55c.net/ping_match.gif?st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&st=adform&rurl=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1084%26cid%3D_wfivefivec_
https://c1.adform.net/serving/cookie/match?party=1084&cid=lY1pZAuL1N25sz5

35 B
467 B

19ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=1084&cid=lY1pZAuL1N25sz5

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

Pragma: no-cache
Date: Tue, 28 Dec 2021 05:55:42 GMT
Server: PingMatch/v2.0.30-693-g87a8e09#rel-ec2-master i-007d40ea11cf721ba@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://c1.adform.net/serving/cookie/match?party=1084&cid=lY1pZAuL1N25sz5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 19BD
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=71ei9rr&ttd_tpi=1
https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=7a61c5b7-b5db-4aaa-8980-d8653c8d3f50

35 B
467 B

19ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=7a61c5b7-b5db-4aaa-8980-d8653c8d3f50

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dmp.adform.net/serving/cookie/match/?party=1144&tdid=7a61c5b7-b5db-4aaa-8980-d8653c8d3f50
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 225

GET image.sbmx
global.ib-ibi.com/ Frame 19BD 0
0

GET
H/1.1 200 0.gif
id5-sync.com/s/10/ Frame 19BD 43 B
1009 B 41ms
9ms Image
image/gif 51.89.21.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/10/0.gif?puid=527415736575725998

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p13.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 28 Dec 2021 05:55:43 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

GET
H2

200

/
dmp.adform.net/serving/cookie/match/ Frame 19BD
Redirect Chain

https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D
https://redirect.frontend.weborama.fr/redirect/standard?url=https%3A%2F%2Fdmp.adform.net%2Fserving%2Fcookie%2Fmatch%2F%3Fparty%3D1145%26cid%3D%7BWEBO_CID%7D&bounce=1&random=1950477057
https://dmp.adform.net/serving/cookie/match/?party=1145&cid=YkTSw8m/F3OGV3PLusOPcu

35 B
467 B

20ms
18ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dmp.adform.net/serving/cookie/match/?party=1145&cid=YkTSw8m/F3OGV3PLusOPcu

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
via: 1.1 google
last-modified: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx/1.12.0
location: https://dmp.adform.net/serving/cookie/match/?party=1145&cid=YkTSw8m/F3OGV3PLusOPcu
p3p: CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Tue, 03 Jul 2001 06:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 19BD 23 B
172 B 194ms
117ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=119&uid=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 28 Dec 2021 05:55:43 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H2

200

pixel.gif
sync.1dmp.io/ Frame 19BD
Redirect Chain

https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=527415736575725998
https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=527415736575725998&cs=1

35 B
376 B

11ms
11ms

Image
image/gif

88.99.213.228
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1dmp.io/pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=527415736575725998&cs=1
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Server: 88.99.213.228 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88-99-213-228.clients.your-server.de
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-type: image/gif
content-length: 35
expires: 0

Redirect headers

location: /pixel.gif?cid=672a497c-d086-4380-a381-292df6008b87&brid=db693857-60a6-4685-a042-c2286c2ca02d&pid=w&uid=527415736575725998&cs=1
date: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: private, no-cache, no-store, no-cache=Set-Cookie, proxy-revalidate
server: nginx
content-length: 0
expires: 0

GET
H2 204 /
s.ad.smaato.net/c/ Frame 19BD 0
240 B 41ms
8ms Image
text/plain 2600:9000:2156:3000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001213&dspCookie=527415736575725998
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:3000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
server: CloudFront
cache-control: no-cache, must-revalidate
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: r5DdGS1TzgB-x0o5VjKH2GMH_zXpujDm6OtG0RuHfoQmo3aGXbM1-w==
x-cache: FunctionGeneratedResponse from cloudfront

GET
H2

200

match
c1.adform.net/serving/cookie/ Frame 19BD
Redirect Chain

https://pixel.tapad.com/idsync/ex/receive?partner_id=2032&partner_device_id=527415736575725998&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7BTA_DEV...
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2032&partner_device_id=527415736575725998&partner_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d2007%26cid%3D%24%7B...
https://c1.adform.net/serving/cookie/match?party=2007&cid=eb8d7c85-014e-4825-897e-4c1979e72814

35 B
476 B

19ms
19ms

Image
image/gif

37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/serving/cookie/match?party=2007&cid=eb8d7c85-014e-4825-897e-4c1979e72814

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

Redirect headers

location: https://c1.adform.net/serving/cookie/match?party=2007&cid=eb8d7c85-014e-4825-897e-4c1979e72814
date: Tue, 28 Dec 2021 05:55:43 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 527415736575725998
match.contentexchange.me/adform/ Frame 19BD 0
49 B 104ms
35ms Image
text/plain 46.19.11.36
SIEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.contentexchange.me/adform/527415736575725998?redirect_url=https%3a%2f%2fc1.adform.net%2fserving%2fcookie%2fmatch%3fparty%3d1219
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 46.19.11.36 Ljubljana, Slovenia, ASN51790 (SIEL, SI),
Reverse DNS: ilog.vsn.si
Software: nginx/1.16.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-length: 0
server: nginx/1.16.1

GET
H2

200

xuid
eb2.3lift.com/ Frame 19BD
Redirect Chain

https://eb2.3lift.com/xuid?mid=7354&xuid=527415736575725998&dongle=AD20
https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=527415736575725998&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=

37 B
353 B

8ms
8ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7354&xuid=527415736575725998&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7354&xuid=527415736575725998&dongle=AD20&gdpr=1&cmp_cs=&us_privacy=
date: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 plf
c1.adform.net/imatch/ Frame 19BD 0
261 B 19ms
18ms Image
text/plain 37.157.4.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c1.adform.net/imatch/plf?name=plfl

Requested by

Host: c1.adform.net
URL: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://c1.adform.net/imatch/pixels?uid=527415736575725998&agencyId=8066&advertiserId=2104127&src=tp&rnd=22938
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With

GET
H2 200 /
www.facebook.com/tr/ Frame A082 44 B
406 B 69ms
20ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=216594243652801&ev=PageView&dl=https%3A%2F%2F11067916.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICC-sXnhfUCFUsO0wods9IKHA%3Bsrc%3D11067916%3Btype%3Dbite00%3Bcat%3Dlp_zo0%3Bord%3D7094546056878%3Bgtm%3D2wgc10%3Bauiddc%3D1286076809.1640670943%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fzondaglobal.com%252Fen%252Fhome%3F&rl=https%3A%2F%2Fzondaglobal.com%2F&if=true&ts=1640670943373&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&it=1640670943053&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://11067916.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Tue, 28 Dec 2021 05:55:43 GMT

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.3/customer/action/ 8 KB
3 KB 189ms
189ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=11644358&version=919.2.2.2874.102.122.36.5.4.63.3.23&group_id=1&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 04e97b839e0b5ab143313e5e65375b9aa52c65ff6c1342505b7ff45ed2ed8e3a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 2733
expires: Tue, 28 Dec 2021 06:05:43 GMT

GET
H2 200 Modal.css
zondaglobal.com/o/frontend-js-web/liferay/modal/ 1009 B
391 B 53ms
52ms Stylesheet
text/css 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/o/frontend-js-web/liferay/modal/Modal.css

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Modal.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/useModal.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/Provider.js&/o/js/resolved-module/@frontend-taglib-clay$clayui/modal@3.29.0/lib/index.js&/o/js/resolved-module/frontend-js-node-shims$process@0.11.10/browser.js&/o/js/resolved-module/frontend-js-node-shims$process@0.11.10/index.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/render.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/ReactPortal.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useEventListener.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useIsMounted.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useInterval.js&/o/js/resolved-module/@liferay/frontend-js-state-web@1.0.5/index.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useLiferayState.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/usePrevious.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useStateSafe.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useThunk.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/hooks/useTimeout.js&/o/js/resolved-module/@liferay/frontend-js-react-web@5.0.7/js/index.js&/o/js/resolved-module/liferay!frontend-js-react-web$prop-types@15.7.2/lib/ReactPropTypesSecret.js&/o/js/resolved-module/liferay!frontend-js-react-web$prop-types@15.7.2/factoryWithThrowingShims.js&/o/js/resolved-module/liferay!frontend-js-react-web$prop-types@15.7.2/index.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/modal/Modal.scss.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/util/navigate.es.js&/o/js/resolved-module/frontend-js-web@5.0.8/liferay/modal/Modal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6488db1488eb6e72e065e36a1af611d3513d911a69143f585662aef64f637779

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1551
cf-polished: origSize=1174
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"a568b20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a94b8d8d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 combo.css.js Show response
zondaglobal.com/combo/ 10 KB
4 KB 49ms
49ms Script
text/javascript 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zondaglobal.com/combo/combo.css.js?browserId=other&minifierType=&languageId=en_US&b=7402&t=1640266934698&/o/frontend-js-aui-web/aui/cookie/cookie-min.js&/o/frontend-js-aui-web/liferay/session.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f5078ce30c4d2876e8f79a060cae5dff98461205517faf05c2f2e9131a6fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/en/home
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1611
cf-polished: origSize=10434
x-xss-protection: 1
cf-bgj: minify
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"528cc502"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=315360000
cachetest: 1
cf-ray: 6c488a94b8e5d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:43 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame E20A 4 KB
2 KB 171ms
163ms Document
text/html 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11644358&group=1&embedded=1&widget_version=3&unique_groups=0
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 88f7f14f49b051237668f393c35ce8dd8ac82724ba3ec368ed93fe376956f711

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1987
expires: Tue, 28 Dec 2021 05:55:43 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 28 Dec 2021 05:55:43 GMT

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.3/customer/action/ 11 KB
4 KB 488ms
487ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=11644358&version=ae864b109b85f5ea248e52050fc10cfd_998509aefe557ca10f030cf6c0654460&language=en&group_id=1&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c5b7b8929eb0aaa8a646a84edd4f491cd282c76362b138f80a4382cf5739383b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:44 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
cache-control: public, max-age=600
content-length: 3780
expires: Tue, 28 Dec 2021 06:05:44 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E20A 5 KB
1 KB 44ms
17ms Stylesheet
text/css 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Requested by

Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11644358&group=1&embedded=1&widget_version=3&unique_groups=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 28 Dec 2021 04:31:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 28 Dec 2021 05:55:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Dec 2021 05:55:43 GMT

GET
H2 200 0.6277fa2f.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E20A 208 KB
65 KB 20ms
19ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.6277fa2f.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11644358&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 844e98d5b0f809123ee66643269a08ba5cdd1c5d0763d5ec1f1c22316324fbe1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: f4lZ1mWUbrTjNBZOr9uugttlvgc0f4Iq
content-encoding: br
last-modified: Wed, 22 Dec 2021 09:05:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: W/"1306cff2a5f94ea7e5b07521340cbee6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 28 Dec 2021 05:55:43 GMT
content-length: 65918
x-amz-cf-id: die5V3DgZSBEp8P9ngC8he_HQlnKGFncfK0SR_r5b8bWczUUDPDsIQ==
expires: Wed, 28 Dec 2022 05:55:43 GMT

GET
H2 200 2.48fa8972.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E20A 217 KB
62 KB 33ms
33ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/2.48fa8972.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11644358&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 53514e9357a8c815a249a7fba55ac8e7c49ae95378697efe10c3e9b56e867133

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: eDl2iNU0tuAUHZqf_2Ka.R9mOs5YM50i
content-encoding: br
last-modified: Wed, 22 Dec 2021 09:05:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"05a58454557e8ba30e83b443a98942a4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 28 Dec 2021 05:55:43 GMT
content-length: 62977
x-amz-cf-id: oLHNccA4P4FXygS0OrdcslxoWuTiwJ1S95pkLdpTLXe3YGW-2SSGUg==
expires: Wed, 28 Dec 2022 05:55:43 GMT

GET
H2 200 iframe.5ef470ed.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E20A 401 KB
108 KB 37ms
36ms Script
application/javascript 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.5ef470ed.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=11644358&group=1&embedded=1&widget_version=3&unique_groups=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: fa5e550ff5dc4fe425290f42c9d35da7b5b5e620d6d5bfcc38fe25d266dc0c16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: jPs74NV.xLKc33UUku4e8OauebuR8tKN
content-encoding: br
last-modified: Wed, 22 Dec 2021 09:05:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: W/"02639e2488d6118e093ba75316b4e7bd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
date: Tue, 28 Dec 2021 05:55:43 GMT
content-length: 109807
x-amz-cf-id: GqmF9tpM5tK4kKh46WMyUGrc0T88vKvdggrjrcLAxqvNTPOrPw49Uw==
expires: Wed, 28 Dec 2022 05:55:43 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v21/ Frame E20A 16 KB
16 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 21 Dec 2021 16:59:56 GMT
x-content-type-options: nosniff
age: 564947
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16056
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:44:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 21 Dec 2022 16:59:56 GMT

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v21/ Frame E20A 16 KB
16 KB 33ms
11ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v21/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://secure.livechatinc.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 17:55:18 GMT
x-content-type-options: nosniff
age: 475225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16180
x-xss-protection: 0
last-modified: Tue, 14 Sep 2021 16:43:44 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 22 Dec 2022 17:55:18 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/customer/ Frame E20A 138 B
1 KB 146ms
138ms XHR
application/json 2.16.186.211
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/customer/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/0.6277fa2f.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.211 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-211.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 57249c9fecce40dea78ae325f087feb42e2ea6c141bc536bbe21448901ddd42f

Request headers

Referer: https://secure.livechatinc.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 28 Dec 2021 05:55:44 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 138
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 livechat_icon.png
zondaglobal.com/o/bb-theme/images/ 7 KB
7 KB 26ms
25ms Image
image/png 104.18.31.178
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zondaglobal.com/o/bb-theme/images/livechat_icon.png

Requested by

Host: zondaglobal.com
URL: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.31.178 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54f161d029751d7dc7c5f9f634e6cbbd3e52c1bfe707dcf977a709cdce4bd9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://zondaglobal.com/o/bb-theme/css/main.css?browserId=other&themeId=bbtheme_WAR_bbtheme&minifierType=css&languageId=en_US&b=7402&t=1640266942000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:44 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1558
content-length: 6913
x-xss-protection: 1
last-modified: Sat, 06 Nov 2021 20:14:06 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "58f3fd4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
cachetest: 1
accept-ranges: bytes
cf-ray: 6c488a9c2f57d6c1-FRA
expires: Fri, 26 Dec 2031 05:55:44 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame A082 44 B
90 B 17ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=216594243652801&ev=Microdata&dl=https%3A%2F%2F11067916.fls.doubleclick.net%2Factivityi%3Bdc_pre%3DCICC-sXnhfUCFUsO0wods9IKHA%3Bsrc%3D11067916%3Btype%3Dbite00%3Bcat%3Dlp_zo0%3Bord%3D7094546056878%3Bgtm%3D2wgc10%3Bauiddc%3D1286076809.1640670943%3Bps%3D1%3B~oref%3Dhttps%253A%252F%252Fzondaglobal.com%252Fen%252Fhome%3F&rl=https%3A%2F%2Fzondaglobal.com%2F&if=true&ts=1640670944877&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&it=1640670943053&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://11067916.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 05:55:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Tue, 28 Dec 2021 05:55:44 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ghbmnnjooekpmoecnnnilnnbdlolhkhi
URL: chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js

Domain: global.ib-ibi.com
URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=527415736575725998

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

114 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-20 17:15:42	Name: __lc_cid Value: 0f774341-ce75-40c1-784f-1b869e4ab0e5
.accounts.livechatinc.com/v2/customer/token	1970-01-20 17:15:42	Name: __lc_cst Value: e39931ea290511b0b7d99cfc554c623d4f84c1e54c4784b136bc4a250349b2c16ab9dc9d3ff431018e87f85b802079024512d55f5717fa4a97eb2702d858
.accounts.livechatinc.com/customer/token	1970-01-20 17:15:42	Name: __lc_cid Value: 0f774341-ce75-40c1-784f-1b869e4ab0e5
.accounts.livechatinc.com/customer/token	1970-01-20 17:15:42	Name: __lc_cst Value: e39931ea290511b0b7d99cfc554c623d4f84c1e54c4784b136bc4a250349b2c16ab9dc9d3ff431018e87f85b802079024512d55f5717fa4a97eb2702d858
metflix.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: 3a47a9ab054acf4756e3753d4086f7e5
metflix.pl/	1970-01-23 15:20:30	Name: locale Value: pl_PL
t2712.am-track.pl/	1969-12-31 23:59:59	Name: PHPSESSID Value: caffa171cf9186cf7da3fdaaf6485a94
t2712.am-track.pl/	1970-01-23 15:20:30	Name: locale Value: pl_PL
thmep.bitbay.net/	1970-01-21 18:56:30	Name: thx_guid Value: 9abfe4b045814c15ad89d95f0508682e
h.online-metrix.net/	1970-01-21 18:56:30	Name: thx_global_guid Value: 58f5f32f11a04725ad5289a4e39a23d7
auth.bitbay.net/	1970-01-20 08:30:06	Name: lang Value: en-US
auth.bitbay.net/	1970-01-20 01:54:06	Name: referrer_code Value: mafhGi
auth.bitbay.net/	1970-01-20 01:54:06	Name: referrer_banner_name Value: null
auth.bitbay.net/	1970-01-20 01:54:06	Name: referrer_banner_lang_code Value: undefined
.zondaglobal.com/	1970-01-20 01:54:06	Name: _gcl_au Value: 1.1.1286076809.1640670943
zondaglobal.com/	1970-01-19 23:54:35	Name: AWSALBAPP-1 Value: _remove_
zondaglobal.com/	1970-01-19 23:54:35	Name: AWSALBAPP-2 Value: _remove_
zondaglobal.com/	1970-01-19 23:54:35	Name: AWSALBAPP-3 Value: _remove_
zondaglobal.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 2C59E666424E130668FA5A960E872F75
zondaglobal.com/	1970-01-19 23:54:35	Name: AWSALBAPP-0 Value: AAAAAAAAAAAyiesJ6cRPIxBxHyMyqGWLfcEBNPjgEGc75NXIgLXZiPHET246gAAn8TEXYAQKB8/1X/ShXWeeaFTDAZkSdctZTJVFCPYcD3tq2LkCcUvS212C6q8cMaOnNJHo1aH1g7HQEig=
zondaglobal.com/	1970-01-20 11:44:30	Name: zonda_accept_cookies Value: false
zondaglobal.com/	1970-01-20 11:44:30	Name: zonda_marketing_cookies Value: false
.zondaglobal.com/	1970-01-20 17:15:42	Name: _ga Value: GA1.2.1711601758.1640670943
.zondaglobal.com/	1970-01-19 23:45:57	Name: _gid Value: GA1.2.1757827604.1640670943
.zondaglobal.com/	1970-01-19 23:44:31	Name: _gat_UA-57643029-8 Value: 1
.doubleclick.net/	1970-01-20 09:06:06	Name: IDE Value: AHWqTUknCzb9GC-Kc8pOYeVSLXtZa7c70EkFsLybX_BcPcQgxwQNNjvqHamOM1j6tBc
.adform.net/	1970-01-20 00:29:09	Name: C Value: 1
.adform.net/	1970-01-20 01:10:54	Name: uid Value: 527415736575725998
.adform.net/	1970-01-19 23:45:57	Name: CM Value: 1\|1
.adform.net/	1970-01-20 00:04:40	Name: CM14 Value: 1640757343_1640670943_1_Hu7u4e4e4e7u7u4REREeERERERHhEA
.seadform.net/	1970-01-20 01:10:54	Name: uid Value: 527415736575725998
.adscale.de/	1970-01-20 08:26:46	Name: uu Value: d6ecd754300d408eb102f45136b15b3f
.adscale.de/	1970-01-20 08:26:46	Name: cct Value: 1640670943390
.advertising.com/	1970-01-20 08:31:33	Name: APID Value: UPcb4062d1-67a2-11ec-81d7-06453e459354
.ih.adscale.de/	1970-01-20 08:26:46	Name: tu Value: 4#2577706682#42~527415736575725998~455741~0~0
.bidswitch.net/	1970-01-20 08:30:06	Name: tuuid Value: 62957df1-7df5-4942-82cb-8a3044671c5a
.bidswitch.net/	1970-01-20 08:30:06	Name: c Value: 1640670943
.bidswitch.net/	1970-01-20 08:30:06	Name: tuuid_lu Value: 1640670943
.facebook.com/	1970-01-20 01:54:06	Name: fr Value: 0a5Eg0W8gE2SAKVps..Bhyqbf...1.0.Bhyqbf.
.yieldlab.net/	1970-01-20 08:30:06	Name: id Value: ddfa4df3-8057-4d48-bc70-2e9663aabe08
.casalemedia.com/	1970-01-20 08:30:06	Name: CMID Value: Ycqm304I7Qn80G.qFf079QAA
.casalemedia.com/	1970-01-20 01:54:06	Name: CMPS Value: 5206
.360yield.com/	1970-01-20 01:54:06	Name: tuuid Value: e4a884bf-6674-488e-a27c-4973bc243945
.360yield.com/	1970-01-20 01:54:06	Name: tuuid_lu Value: 1640670943
.casalemedia.com/	1970-01-20 01:54:06	Name: CMPRO Value: 1218
.casalemedia.com/	1970-01-19 23:45:57	Name: CMST Value: Ycqm32HKpt8A
.casalemedia.com/	1970-01-20 08:30:06	Name: CMRUM3 Value: 6f61caa6df2760527415736575725998
ads.stickyadstv.com/	1970-01-20 01:10:54	Name: uid-bp-617 Value: 527415736575725998
ads.stickyadstv.com/	1970-01-20 00:27:42	Name: UID Value: ce2b4453438a4f766a4a9aa436e44e7c
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: c96b838b6b1f78c526439f5673f419
.360yield.com/	1970-01-20 01:54:06	Name: um Value: !42,JvaU433Vjxcd5Q7nsQS8AZkg659PVIrJ6eJA6ycbHHA=,1641880543
.360yield.com/	1970-01-20 01:54:06	Name: umeh Value: !42,0,1702878943,-1
.eyeota.net/	1970-01-19 23:44:31	Name: SERVERID Value: 16923~DM
.semasio.net/	1970-01-20 08:30:06	Name: SEUNCY Value: D8D20A0C6F3E029E
zondaglobal.com/	1969-12-31 23:59:59	Name: LFR_SESSION_STATE_20105 Value: 1640670943540
.exelator.com/	1970-01-20 02:37:18	Name: EE Value: "7813ec6ab6936a7c178a2f61b05b34f2"
.yahoo.com/	1970-01-20 08:30:28	Name: A3 Value: d=AQABBN-mymECECWbbQmc1tczZnzyyffAlbUFEgEBAQH4y2HUYQAAAAAA_eMAAA&S=AQAAAuSe2MyFL3pmIqQrhP0fKoY
.exelator.com/	1970-01-20 02:37:18	Name: ud Value: "eJxrXxzq6XKLQcHcwtA4NdksMcnM0tgs0TzZ0Nwi0SjNzDDJwDTJ2CTNaHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq0yNJsSX5RZvoiF9fFRSlpDItKik8F7%252Ft%252FDgBuwyrF"
.analytics.yahoo.com/	1970-01-20 08:31:33	Name: IDSYNC Value: 1760~22c5
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UPcb4062d1-67a2-11ec-81d7-06453e459354
.yahoo.com/	1970-01-19 23:45:57	Name: APIDTS Value: 1640670943
.4dex.io/	1970-01-20 01:10:54	Name: uids Value: eyJ1aWRzIjp7ImJpZHN3aXRjaCI6eyJ1aWQiOiI2Mjk1N2RmMS03ZGY1LTQ5NDItODJjYi04YTMwNDQ2NzFjNWEiLCJleHBpcmVzIjoiMjAyMi0wMi0yNlQwNTo1NTo0My41NzE5NzIzOTVaIn19LCJiZGF5IjoiMjAyMS0xMi0yOFQwNTo1NTo0My41NzE5Mjk5ODdaIn0=
cm.adsafety.net/	1970-01-20 08:30:06	Name: UID Value: CM12021122805937f64825319e8d3aef
.adsafety.net/	1970-01-20 08:30:06	Name: cm_uid Value: CM12021122805937f64825319e8d3aef
.onaudience.com/	1970-01-20 08:30:06	Name: cookie Value: 3999c8bd9115674b
.crwdcntrl.net/	1970-01-20 06:13:16	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:13:16	Name: _cc_id Value: 37d026a6643e6d09ce06e6b1a013f123
.crwdcntrl.net/	1970-01-20 06:13:18	Name: _cc_cc Value: "ACZ4XmNQMDZPMTAySzQzMzFONUsxsExONTBLNUsyTDQwNE4zNDJmAILEU8vug2goAABRQAsg"
.crwdcntrl.net/	1970-01-20 06:13:18	Name: _cc_aud Value: "ABR4XmNgYGBIPLXsPpCCAgAg%2FwKx"
.mathtag.com/	1970-01-20 09:10:26	Name: uuid Value: 5f0561ca-a6df-4400-b6cd-c3ac67183131
tags.adsafety.net/	1970-01-20 08:30:06	Name: UID Value: 7d01cd39ad40bc95b469c524b7dbf962
tags.adsafety.net/	1970-01-20 08:30:06	Name: DID Value: 7d01cd39ad40bc95b469c524b7dbf962
tags.adsafety.net/	1970-01-20 08:30:06	Name: IDT Value: 100
tags.adsafety.net/	1970-01-20 08:30:06	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-20 00:27:42	Name: block_reset Value: 1
.adsafety.net/	1970-01-20 08:30:06	Name: ct_uid Value: 7d01cd39ad40bc95b469c524b7dbf962
.adsafety.net/	1970-01-20 08:30:06	Name: ct_did Value: 7d01cd39ad40bc95b469c524b7dbf962
.adsafety.net/	1970-01-20 08:30:06	Name: ct_idt Value: 100
.adnxs.com/	1970-01-20 01:54:06	Name: uuid2 Value: 3175450700954040848
.pubmatic.com/	1970-01-20 00:27:42	Name: KRTBCOOKIE_391 Value: 22924-527415736575725998&KRTB&23263-527415736575725998
.pubmatic.com/	1970-01-20 00:27:42	Name: PugT Value: 1640670943
.pubmatic.com/	1970-01-20 01:54:06	Name: PUBMDCID Value: 3
cm.adsafety.net/	1970-01-20 08:30:06	Name: permanent Value: 1
.krxd.net/	1970-01-20 04:03:42	Name: _kuid_ Value: OkTIZsqJ
.agkn.com/	1970-01-20 08:30:06	Name: ab Value: 0001%3AGLa%2BYkR6ZJqTQZbojMCMdyI68rmw3Nzc
.adfarm1.adition.com/	1970-01-20 01:54:06	Name: UserID1 Value: 7046628043692963993
.adnxs.com/	1970-01-20 01:54:06	Name: anj Value: dTM7k!M4/YErk#WF']wIg2GU)uA52h!]tbPl1MO?+q([.UbW52aZ`$_a_vV'a_-0'[QUKJd$>YCvYi(4!_6-zQEVk`!(QK(c(W08
ads.smartstream.tv/	1970-01-20 08:30:06	Name: DID Value: 7d01cd39ad40bc95b469c524b7dbf962
ads.smartstream.tv/	1970-01-20 08:30:06	Name: idt Value: 100
ads.smartstream.tv/	1970-01-20 08:30:06	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-20 00:27:42	Name: cm_uid Value: CM12021122805937f64825319e8d3aef
.w55c.net/	1970-01-20 09:14:45	Name: wfivefivec Value: lY1pZAuL1N25sz5
.w55c.net/	1970-01-20 00:27:42	Name: matchadform Value: 5
.adsrvr.org/	1970-01-20 08:30:06	Name: TDID Value: 7a61c5b7-b5db-4aaa-8980-d8653c8d3f50
.demdex.net/	1970-01-20 04:03:42	Name: demdex Value: 39998085032659055671417648284766197305
.id5-sync.com/	1970-01-19 23:44:31	Name: cf Value:
.id5-sync.com/	1970-01-19 23:44:31	Name: cip Value:
.id5-sync.com/	1970-01-19 23:44:31	Name: cnac Value:
.id5-sync.com/	1970-01-19 23:44:31	Name: car Value:
.id5-sync.com/	1970-01-19 23:44:31	Name: gdpr Value:
.id5-sync.com/	1970-01-19 23:44:31	Name: callback Value:
.adsrvr.org/	1970-01-20 08:30:06	Name: TDCPM Value: CAESFgoHc2VtYXNpbxILCJK_5_-W9KQ6EAUYBSABKAIyCwiE3resrfSkOhAFOAE.
.dpm.demdex.net/	1970-01-20 04:03:42	Name: dpm Value: 39998085032659055671417648284766197305
.weborama.fr/	1970-01-20 09:16:11	Name: AFFICHE_W Value: KSaHhbrQEDAp41
cm.adsafety.net/	1970-01-20 08:30:06	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaK0hBb1RkOVZucjhnQ1E3dExxRE54aUVENGNKZ1FhdDBkelBFTG5zbkxxVnFicnlWeEgrcUVoOG9YdTlOQ042RExUbHhEbTJWdUF6aldKKzRvMVlnS2o5RHVhcTNQZDJGNUkyTXRKMXJUc0JLK1lUYWtLcnBZdHRxM01IcnluTEFWSDMvd2pGdGVqWEFBZ1A0a2lQbkx5VUZzZVI0dHcxRlBqV2VVNkRJby9DNHdpaFJoTU1WSHA3bTk1OVc5eVdBbDMrMEdIUlMyNHN6UE05ekwvSXhiWE5FNHQ4dVZrRlpCWmJZcEdTYk5lUjVSUGlPVktlVTRmYUFybGFndk9xUEpxNnk3TVdOZFVWR0JSRVhXRlRuZmtsbDFxc3pxa1Y2b2UzMzVtYVNWUEJaQ0RnelZhN3RBaWlvYnQyQjN4SGI5RjZBaW1tSnlZcFZaMUxzb1l0N05TRzJzYk41RTFFdzRqZHkxMFVXcWVya2VVMldpMDRrU3NweEVEWklwcXR1OVgvcjRnQ1Qydk5pclRqMWtnVEtyZUxFNVFoS25JZVBtSlRvSTN3R0dPcXc2RVl1dnVleWZWYU56cXFLVnNMK3JYS3kzWkoxYnBhdmhlRmloaTkvNnk1TFZOZ3hoM3ArSHk4UDR4NmN2U0w5SWs1NlBVUHFpMFdyV3lzYytkT2plNGFmd2pCdUh5eGxnTHBjSlBJT2NTVlozRGpuUmxNTkk3ZVRTdEhYdVdvTnVLQnhWaWJFK0pxWkZoWVd6ZmJoRGNOd3hMbUw1czY2N2g1YjRBenJDTnkyL0FtdVc2Q3Nibm45QkNySHljKy9MVzNNczBGTU5iQnpPYXFQempZZFJlaCtlTGlOejJ2bzM4dm1jQVZEZW8vZEllM0hGeXNCbGZBd3h4YUVQdVNVNS8xWmpRT1VCR05VNVBxNDVsWlI5N1lpWFNYMUhWYVUxdURReHFnNDBOMFRIczRKVXRhaFpoWEdGVXVWTVA3NFk1YUpPdkF3M1J5OEo1ZjNQSmpjQnNNMmZZaDJ2R2ZQWTU4aFhOZUhReU9LSEwwODF3TDV3YTIxM3hhNFpKTGRHV3F1Y1JPcnlicVFJb0JaQk5BQVE9PQ%3D%3D
.bluekai.com/	1970-01-20 04:03:42	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 04:03:42	Name: bkpa Value: KJpEnXTLu5DlBMRt1nnwEnWNBE/l1ExNBpRpBEzNBpvN+nx99JVUYOA=
.bluekai.com/	1970-01-20 04:03:42	Name: bku Value: aG/99BIZ0Zs1g+Q3
.tapad.com/	1970-01-20 01:10:54	Name: TapAd_TS Value: 1640670943887
.tapad.com/	1970-01-20 01:10:54	Name: TapAd_DID Value: eb8d7c85-014e-4825-897e-4c1979e72814
.1dmp.io/	1970-01-20 08:30:06	Name: uid Value: cb8b2720-67a2-11ec-ae6b-901b0ea4a41b
.tapad.com/	1970-01-20 01:10:54	Name: TapAd_3WAY_SYNCS Value:
.3lift.com/	1970-01-20 01:54:06	Name: tluid Value: 14208823910303840735
.audrte.com/	1969-12-31 23:59:59	Name: arcki2 Value: 4hdMPDO8yheTeigNAjuh1PGPw!20210804!1640670944125

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://auth.bitbay.net/ref/mafhGi(Line 35) Message: The key "target-densitydpi" is not supported.
security	error	URL: https://thmep.bitbay.net/m8yLQT_7bbzQ8Cfy?ecacb0200160fca3=sDGusfdy_Y-L1oZHCuNlkbOn7xGAb8IvrXs8mZyoroXPSgajjlqjKVOt5p9Wn2aRKK5y9nafBPLvI68M2F54NbK-17OTAokayqoezu7tL4ZywPKbyWtxOJnwaGsxygu3IVX0DgvPT02arsPGwpHydPlOBscG-PpCqVs0V5-CcKQojFVnrtA3AUmc-x8yT18MABzgPTfGf6AXAf4l&jb=363b26266a736d75354c6b6c77702662716d354e696c77702e687162753f4368726f6567246873623d436a72676d67273038393e(Line 526) Message: Refused to connect to 'chrome-extension://ghbmnnjooekpmoecnnnilnnbdlolhkhi/page_embed_script.js' because it violates the following Content Security Policy directive: "connect-src .bitbay.net www.google-analytics.com stats.g.doubleclick.net https://thmep.bitbay.net wss://127.0.0.1:".
network	error	URL: https://idsync.rlcdn.com/398366.gif?partner_uid=527415736575725998 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://global.ib-ibi.com/image.sbmx?go=302927&pid=567&xid=527415736575725998 Message: Failed to load resource: net::ERR_EMPTY_RESPONSE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

11067916.fls.doubleclick.net
8wmmckk2wgzoc54bba6iwbtog6ozqnr6q7bzym7r2798482e94dd5fb5am1.e.aa.online-metrix.net
a.audrte.com
aa.agkn.com
accounts.livechatinc.com
ad.360yield.com
ad.yieldlab.net
ads.smartstream.tv
ads.stickyadstv.com
adservice.google.com
api.adrtx.net
api.livechatinc.com
api.zonda.exchange
auth.bitbay.net
beacon.krxd.net
bitbay.net
c1.adform.net
cdn.livechatinc.com
cm.adsafety.net
cm.g.doubleclick.net
connect.facebook.net
dmp.adform.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
global.ib-ibi.com
h.online-metrix.net
id5-sync.com
idsync.rlcdn.com
ih.adscale.de
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
match.contentexchange.me
metflix.pl
mp.4dex.io
pdw-adf.userreport.com
pixel.advertising.com
pixel.mathtag.com
pixel.onaudience.com
pixel.tapad.com
pm.w55c.net
ps.eyeota.net
redirect.frontend.weborama.fr
rtb-csync.smartadserver.com
s.ad.smaato.net
s2.adform.net
s3-eu-west-1.amazonaws.com
secure.adnxs.com
secure.livechatinc.com
server.seadform.net
simage2.pubmatic.com
sync.1dmp.io
sync.crwdcntrl.net
sync.teads.tv
t2712.am-track.pl
tags.adsafety.net
tags.bluekai.com
thmep.bitbay.net
token.rubiconproject.com
track.adform.net
uipglob.semasio.net
ups.analytics.yahoo.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
zondaglobal.com
ghbmnnjooekpmoecnnnilnnbdlolhkhi
global.ib-ibi.com
104.111.215.191
104.111.218.85
104.111.242.245
104.18.25.204
104.18.31.178
104.18.4.135
13.248.245.213
139.162.141.41
142.250.181.226
143.204.98.67
172.217.18.102
18.192.154.98
18.194.0.84
18.194.149.16
18.198.69.109
185.253.212.10
185.253.212.22
185.33.221.50
185.64.189.110
185.86.137.133
2.16.186.211
2.18.233.201
2.18.234.21
2.18.234.233
2600:9000:2156:3000:1b:5138:8a40:93a1
2606:4700::6812:272
2a00:1450:4001:802::200a
2a00:1450:4001:802::200e
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2003
2a02:6ea0:c700::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.126.56.137
3.33.220.150
34.253.7.226
34.98.64.218
35.157.138.20
35.190.16.14
35.227.248.159
35.244.174.68
37.157.4.23
37.157.4.25
37.157.5.73
46.19.11.36
51.210.112.236
51.89.21.21
52.17.84.146
52.212.131.178
52.218.61.75
52.57.150.20
52.59.43.26
54.236.81.149
54.77.170.127
69.173.144.139
77.243.60.138
80.82.217.103
80.82.217.90
85.114.159.118
88.99.213.228
91.235.132.130
91.235.133.182
91.235.134.131
99.81.7.40
038c73770fb9c6471c2c1dd6732b6b5dade7c0e91439870ada736f346ae99367
041509fc96ca7d2006abd62ad868d4bab103dd7b3e237160d02227470cc1819e
04e97b839e0b5ab143313e5e65375b9aa52c65ff6c1342505b7ff45ed2ed8e3a
0578c5b1e7a7a9fd55f9dd6ecef3f0d3a4e85621a7c34db244241c474597d63c
064cf733ed723dc07f2f1e6352fc4e3cd94e6ccbb703e0858ae876dd61cf503f
0697b8ab081118b72804fe4ea3f787df160586b1579920bee9b1344611b988dc
08a5b4640ae47597411474baea7eceacd3f8836f2a62f4b67415d6d00b007cb5
0a31784adba1ce41cf393075d18257778963b1a23686ab0df042a192e6818ff1
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b6ee815005e308fb4ed57e68792ac193f50b8228669a96e74fd143ceb09660e
0b9b95a8f180d68e201f11507c8a55009cf4f36413c62cf573385b57272c8a78
0e0d57b3914d314a1861cc645cfae03a68c24c358509378fe59bf1958b0ce473
0e176ef90451b49354814f8ea600b41a324303da2e32a39cb5391d7319aa9e56
0e7b214ecb69cd14a1a6b28647a3e42fc2dd1131833127a2ab80f4742a2d9845
0f92fac5680b5b3e1556da5af56cf8df5672b42404d786131743235b879bbdac
0ff0079e3ff3b68d6229f4932a30eb933ea4b95a864e13b125478d5b58eadf79
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1333aa4a064a364119704044aa496a0598bd965bac929c6c75494f158c093adb
1798895e2a9d54bc996f9c93892684120ccb172b7a299aeb21d4070b972d8398
17bdf02c485ab5922152dc4b128a3a81132c4cd95b1fb76511742314ddacd07b
18bfc08e011cd5e22efaa33383035017ba45cae222b1b22975c93c2b0dcaeaf7
1d1c473711acee95b8209215583cc8bde5523a848da32f67fd4fab94aa882412
1d7c93318151f920ae2532b7a6209806b00849609740bfce4503124b15b9e55a
1e1af3c8c0303ad35b009f33467ed2be33af1b36365860a1a3e921eabbbb75ba
232d85c549d8d263bdcc9b04594c2250d1f69908836e3fdd7a569598009ad6af
26d3d3f00fc7598c073216a79a7ba823d7810f1adf88f8b22b742e6baebf70e7
273b706529e1a1e7d6a4259e560d59698608bee774bd008687321ea9d3b68855
28663a027d16f6d78f1d6ddf57b533a4874c23c1d3ccea385272ad39c99e5708
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2bcfecf4e322b3f99622c3676eec7b957936d5b43a7ae834383a00e22f734c15
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32e0f8aeabd31326a01e7f31302a0b4520ce6b2e3459830ca99887c5b065c93e
3520a0803d966b560a6f1b7ec4e37099dc67358c81543f4ef041770de497dca8
36ca8ca0dbd9383be7f7fd6dd6e681b7d7277a30a80da56d204a1ca5898c42c7
37c23692911627de98052251a08cb3867f9c3cb20f63c299ee6e616d9e18fb1f
3999582fb177425b731c07e225b747c4caa2dffc4b4a955909c8a7c917c03b4c
3d12aea2aadb062872367688861deec642a3d95ef5a6ed614a564bb2dc3348c7
3e2d88733ca6bfa244902adc890a363abc4d1c6a516956958a7a3ee5b138aab3
40ee5bfc1c0bae68c1be2fdd171d2f7c2560957d1c0f562aa78d631e0e1e72c0
412d4a4ef61edeb1f8a919e757335fb9a99fe77a7e246977ea34464b9e3e9f38
42b20e6857b927ccb1868f265bc23da0741445f005ff7f4f4d482810fadbec6c
435867edd1e291db229e174b728791c00a7dc9b6ea55be0e8cc520f07f477f07
4446743f5fa3a720f527cf75ef45e593aa0eb3815bdb39f1460481a008edd764
44b7f1ad16f106d1bc0b5c6b3b39f0c977365e007ed9190ca42f58ef07df9ec1
46f6de5b231bd9fca34494992624c7b361198891ec857b21cae6897ef8afc3ec
494374acf38125324e9267d218b2bcd7effd2b7444befba96f2d68db0b9c5dcd
4a9f53c02752e79270686f1b2a3616b86d3af1ea2a288f2977e34b1141d552ec
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d555b614123be8e646d5b3634a8c9cfbb4084cf239332376f486fa6f3488121
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53299ce2578c6ba8f3cd2c835a21333f5a420784b92e7cd3f4dd0163fc1aa206
53514e9357a8c815a249a7fba55ac8e7c49ae95378697efe10c3e9b56e867133
538def15898527062092f1d61fbcbf4ec6ee0caeb034995c353ed45e03b68bf0
542c88650971dd1f66e7cab581a8721f0992ebee60b00d2f7b436a55af8d68d2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54f161d029751d7dc7c5f9f634e6cbbd3e52c1bfe707dcf977a709cdce4bd9d6
54f9990fe66f4ecd06aaebfebc196a86d87c62e69fcd124b3eec4ff272752197
54fa53f16edf3be75aa9f24219447255a67d928d6fa16e9ae2353e06d2d1f956
55686b9ff53fb46c9d6774894b64d28377d4d4b8d8a1b5f09ca7ce323fe65e6b
57249c9fecce40dea78ae325f087feb42e2ea6c141bc536bbe21448901ddd42f
5c6818c584158155e6299b16d98be1da40a15301e45f091d1e9142f51138a542
6488db1488eb6e72e065e36a1af611d3513d911a69143f585662aef64f637779
65cd5474836015c29a472b0d183f967095b6e9e0df41ae229e59b97382ebdc2a
6635f653d962cb416c47f50acd3f12d6634e6f7cc04a2e6172e6fc23462b133d
688ab60844a5fa6e24987e63286e3b8b7e6abce9dee183944c6e85ad7055fe72
6ac196699455c98dd7d739918316b3ecedaaddbee7cf3ae8729d61be256b2a29
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6be684f42defb3faa33b5b2414c75c69d2f678f282398328a4fc09580f04369f
6ee3e1412fc103279f1a00452cec83432a6af4123057bffedb33694afa70b7ed
728d737fcaf96bd201e94c140bbd717f449376aa267e6ce7ec4aa0f472c318cf
77d651d1e097b56cc3783f480a5b061daacebfc43ffbaa745cd8b5e4734656ad
784333ceb0d567efddfed77938f34477d51f01a4514bf917d0860f1303904af3
7c1c860924fafb9eebfc8701ba0d5a916256bdadde41e6460f637431a529400b
800d8bdf5287f74e0b52c2bb9f05deb2cac5207974ae04c6066be58683813f5a
8113c6c147563e17a804b20f8d5efa07b01ff3b45d0cbeb672a7ec378f6d2edb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844e98d5b0f809123ee66643269a08ba5cdd1c5d0763d5ec1f1c22316324fbe1
849d47138548650338c43a8be62d6dcfe4fe5c0224ba857e4b637b5678231e86
888702d0df85a5e99aea0de4359f0591e927238e28397b354314381aa8391e6e
889d54e6d4b40c7ff7d50cf9e0db62f92afb9914439d310087141362d8382451
88f7f14f49b051237668f393c35ce8dd8ac82724ba3ec368ed93fe376956f711
893ea01fba0f87af5cf8331633c2a285f1488e892f7c22ee1f2ab138d5825eaf
8967d2ee7184bdd19ccf15590af635cd6ac1f8ebfdcf047b74e5bf45c382ec63
89a1d582187ba54f05cb0aa8ed5449f9f82693f68af91213f1d3d454974f05da
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8beec539128cea621e511cd54f21a0d17ff891a16a0ebd7a98a3e4fbc00bd0e5
8c1ffb869f22c8ecdc41df5ab845764608315e1e5ee488a1a5f835ee878ef79f
8dc1d9272fe8d16576920b5a1169473cdebca4a420ec90505fb0e4f59271dd5a
8e78771e37f99dcef4e0061170c541a77be6f9553abb55d9e02e50375c6cff7d
8ff1f52949f55990f416e3ce6072ff0902b444d27109de18c3f59a3e8551049a
90129f240a801ae74fcebeb726c3f5c8f9cac4cc863b76f7d79f0a5db48d7431
9088e80b5b5c4f6d7084da9890a9731ae99fad3abf4efb9adba97bff1e49fb1d
90fa50e87929f6d5499ec38fcbc1ab56105797221ef532c2eb271630e6f0e165
94d53a15f9b275b24a2ba271b07c60c3eed0109bf102297f15cebb726c6fc1e8
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
961fc31710917b6a329651fb58a234d17b9a4b86152102149fa56aca86f30449
96a83fafa4c1169ef6e46eca48f6d3134bac2aa5130c38b088441a27c8d94d01
981e31483504d8276c1d73623ffbb598ff2f8133cf9a3f9ae974b99cf0338c34
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a96c5d5100e711c91f69b5274a902ab65754f18407a26f89b1fbf75ee751b09
9c8d9943c7ce3741dc7a6b25613813f184e41e32366ce8d4275995b2cf75ca95
9ecc0aa44394c05e16eb4a20d6d7833f9f73bf791117263ef63a3d753e913b8c
9fcaea48ee4eeb976c780f0c7f4a10499faa09382fe5f362c95eb8b5c6abcc5f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2009a2f867f1e6ef52e8a681c8d833f56a4ad95cd4c2bd833e3826585071dd8
a21e7bf2c1a605147d69f01ec8e639c8932a860bcb27db2f681d7b11f1464c1d
a2b0223558ad5f0df8e19c7ec88efceb3204d4e9d1b5dc978405ffd842c69c10
a393e91d4372b7e4db96d31f867a3ecdd9f82a42ca3969dd46f2d28fbd5aa2cf
ac05cf2f322135dae495d23ddb16595e627ec9f3d0caec391b1c2b30e44a5aae
af2c7b168dd6a82db74a55be622ce834aaf20d7123aeab2b31c0abb7f0a86d8b
af637968f5cae9b4fb3842fb632f6ffe38e938fd25ad15120fe62d4fa30aebdb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14adadd97d94aa65355a6400c3b9c608bc2430087587d45af15de8dfa21bc47
b14cc3d1295373649800f81fa8e2cc979f78a2f917a7433ed83cb4e42e4dd577
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b47274951b94a18ad44ee13538a0836d8271e9f0b394e00e617f69e8e79328cd
b4fe606ebab4f03ee6627173de7801f8e3ef11c1d6bce3d1b8c6827ce0e4f77b
b72c61c281561433b7272f7ee86b617fd92dc9aa6206ca95e54cc0d60cb07115
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb44eade649e7a55dc5d83a19f3b0a3731db1c3b4d9cad2aa46a9e5de9b6315e
bbe8bd333c75c3e97aac49b24c1aa31372d35a7a05e91dc623875773d89db069
bd464518156340a3f5f1a325455c6a0f8d0dc722bacf693cea28aeeb009a40fb
bfc1054b2a69014b52dbbefda94f9cbe34f95191d6b04819e3072e5acce070d1
c0181270371f693cff19be64542f10284d839c3620b35c21a39bd58c1769efd9
c1628c2a4f54fdfc9607157064a6e3f565865937a833431a5e6870605d3adbd6
c1e91e2509442f202aed6069ff83f8a517a59f89988b6530eff4ce7c05cccee2
c3473392ba7517ae5183cb0e54309ca1e38b940942a5dc76668ba4ed627b949f
c410c25ad09db3154c4147a3d6d073ca4d0ccf6b23b1d15a8a67dc5c1f1e8be0
c4af2ef426869117722de1b0ed53da0f4c960c4279c3a1d71ed2f7c1d99e8546
c5b7b8929eb0aaa8a646a84edd4f491cd282c76362b138f80a4382cf5739383b
c793197b725c7a1a4259b517e7bc12f26e31f3d0ce59dd07b2e01a618b919ecf
cc893f248122605770334307591cd6493d4968312b4b99286715c7b3c36c29d8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d80d5f47f2148b83cdb614c936e0f57dc617aeb529b6d0bcb41c7825dd60625c
d882dc402676ce6198c7a1ff4ac856b6c99e4c5fe15812004cd77015e6d7bc0b
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8722b798ebcffb7c2153bd508a31d7636551afadddbd33a2db2d6243f6cea8
ed9ff1969808360d46add96943546fbbdfc9d0164a31ec1a67bb55ed3ba74422
ee1853b52df46148fffb5587553c8b2d373b857f6aba39ff01acf545acdd9140
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe2e1d9742c32c88cb3a40045e992cd48be9a6ddf775db428044e4fd455cf83
f1b7f9e6a780f7577c5207307554c1fc3809b8324ef4a06ea973dee4c2ef15be
f77119e2e81db0163256e3cc102c9e0c2971c30f969b424df1d07f5140d73010
f7f5078ce30c4d2876e8f79a060cae5dff98461205517faf05c2f2e9131a6fd9
fa5e550ff5dc4fe425290f42c9d35da7b5b5e620d6d5bfcc38fe25d266dc0c16
fbc9717bda28a4fbdf32f4d2f21c6ab7aebc4da3926005e0b1dd65c483c05939
fcc440df8665b6a80addaf89c865a2a7de439db15b9d4d517c3b4b61814dbf22
fea555e8b0d35bb8642ec537e493dcf88340df37446a5b6a4624b262d7bfcbf3
fed20e1dc92efff38bb90f1eddaa6fe94e1709dd9d001b47c8d3745124542eb6
fefd17a9062726a9c02460ed30686daf1aec3f454bbc26097cbcf60ab1692b1a

zondaglobal.com Open in urlscan Pro 104.18.31.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

206 Requests

86 %HTTPS

18 %IPv6

61 Domains

75 Subdomains

50 IPs

10 Countries

2941 kBTransfer

59885 kBSize

114 Cookies

9 Outgoing links

Page URL History

Redirected requests

206 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zondaglobal.com Open in urlscan Pro
104.18.31.178 Public Scan

Screenshot
Live screenshot

Full Image

206
Requests

86 %
HTTPS

18 %
IPv6

61
Domains

75
Subdomains

50
IPs

10
Countries

2941 kB
Transfer

59885 kB
Size

114
Cookies

206 HTTP transactions
0 data transactions