zaly.online Open in urlscan Pro
2606:4700:3033::6815:3c43 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://zaly.online/
Submission: On November 28 via api (November 28th 2023, 4:00:33 am UTC) from US — Scanned from US

Summary HTTP 239 Redirects Behaviour Indicators

Summary

This website contacted 36 IPs in 4 countries across 33 domains to perform 239 HTTP transactions. The main IP is 2606:4700:3033::6815:3c43, located in United States and belongs to CLOUDFLARENET, US. The main domain is zaly.online.
TLS certificate: Issued by GTS CA 1P5 on November 14th 2023. Valid for: 3 months.

This is the only time zaly.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	2606:4700:303... 2606:4700:3033::6815:3c43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a02:6ea0:c45... 2a02:6ea0:c454::1	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2400:52e0:1a0... 2400:52e0:1a00::1069:1	200325 (BUNNYCDN) (BUNNYCDN)
8	212.124.124.115 212.124.124.115	47328 (TRI-AS Di...) (TRI-AS DigitalOne AG)
6	2607:f8b0:400... 2607:f8b0:4008:815::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:36::181	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:400c:c05::9c	15169 (GOOGLE) (GOOGLE)
51	2607:f8b0:400... 2607:f8b0:4008:813::2002	15169 (GOOGLE) (GOOGLE)
4 20	2607:f8b0:400... 2607:f8b0:4006:816::2002	15169 (GOOGLE) (GOOGLE)
2	171.244.164.171 171.244.164.171	7552 (VIETEL-AS...) (VIETEL-AS-AP Viettel Group)
40	2607:f8b0:400... 2607:f8b0:4008:800::2001	15169 (GOOGLE) (GOOGLE)
2 5	2607:f8b0:400... 2607:f8b0:4008:805::2004	15169 (GOOGLE) (GOOGLE)
10	2607:f8b0:400... 2607:f8b0:4008:806::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4008:809::200a	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4008:815::2003	15169 (GOOGLE) (GOOGLE)
1 2	34.237.166.117 34.237.166.117	14618 (AMAZON-AES) (AMAZON-AES)
7	2607:f8b0:400... 2607:f8b0:4008:801::2006	15169 (GOOGLE) (GOOGLE)
8	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
7 20	142.250.217.226 142.250.217.226	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	68.67.179.155 68.67.179.155	29990 (ASN-APPNEX) (ASN-APPNEX)
3	142.250.81.230 142.250.81.230	15169 (GOOGLE) (GOOGLE)
3	2600:9000:213... 2600:9000:2137:3400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
7	23.51.58.26 23.51.58.26	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.45.157.3 52.45.157.3	14618 (AMAZON-AES) (AMAZON-AES)
2	172.217.3.66 172.217.3.66	15169 (GOOGLE) (GOOGLE)
1 2	23.44.203.13 23.44.203.13	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:21d... 2600:9000:21da:8800:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4008:804::200a	15169 (GOOGLE) (GOOGLE)
4 4	2606:ae80:145... 2606:ae80:1451:21::440	25751 (VALUECLICK) (VALUECLICK)
1 1	69.90.254.78 69.90.254.78	13768 (COGECO-PEER1) (COGECO-PEER1)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a07:d3af:beee:a4a3:137e	14618 (AMAZON-AES) (AMAZON-AES)
1 1	51.222.39.186 51.222.39.186	16276 (OVH) (OVH)
2 3	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
1 1	23.55.235.224 23.55.235.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2607:f8b0:400... 2607:f8b0:4008:806::2003	15169 (GOOGLE) (GOOGLE)
1	143.47.125.171 143.47.125.171	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
8	2600:1f18:1ac... 2600:1f18:1aca:4280:bd8:1771:243e:3319	14618 (AMAZON-AES) (AMAZON-AES)
2 2	54.165.156.137 54.165.156.137	() ()
1 2	2606:4700::68... 2606:4700::6812:18ad	() ()
2 2	35.211.178.172 35.211.178.172	() ()
2 2	5.161.204.250 5.161.204.250	() ()
239	36

16 2606:4700:3033::6815:3c43 (United States)

ASN13335 (CLOUDFLARENET, US)

zaly.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80f::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c454::1 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

plausible.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1069:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 212.124.124.115 (Reston, United States)

ASN47328 (TRI-AS DigitalOne AG, CH)

aj1559.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2607:f8b0:4008:815::200e (Bradenton, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400c:c05::9c (Charleston, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

51 2607:f8b0:4008:813::2002 (Bradenton, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2607:f8b0:4006:816::2002 (United States) 4 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 171.244.164.171 (Hanoi, Viet Nam)

ASN7552 (VIETEL-AS-AP Viettel Group, VN)
PTR: dynamic-ip-adsl.viettel.vn

server.zmedia.vn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2607:f8b0:4008:800::2001 (Bradenton, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4008:805::2004 (Bradenton, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2607:f8b0:4008:806::2002 (Bradenton, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4008:809::200a (Bradenton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4008:815::2003 (Bradenton, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.166.117 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-166-117.compute-1.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4008:801::2006 (Bradenton, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.176.194 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.217.226 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: mia07s62-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.179.155 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.81.230 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s74-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2137:3400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.51.58.26 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-51-58-26.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.157.3 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-157-3.compute-1.amazonaws.com

usbank.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.3.66 (United States)

ASN15169 (GOOGLE, US)
PTR: mia07s54-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.44.203.13 (Secaucus, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-203-13.deploy.static.akamaitechnologies.com

acxmetrics.usbank.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21da:8800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4008:804::200a (Bradenton, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:ae80:1451:21::440 (United States) 4 redirects

ASN25751 (VALUECLICK, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.90.254.78 (Herndon, United States) 1 redirects

ASN13768 (COGECO-PEER1, CA)

ums.acuityplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:d3af:beee:a4a3:137e (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.222.39.186 (Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: ip186.ip-51-222-39.net

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:6b8::90 (Moscow, Russian Federation) 2 redirects

ASN208722 (GLOBAL_DC, FI)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.55.235.224 (Newark, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-55-235-224.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4008:806::2003 (Bradenton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.47.125.171 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1f18:1aca:4280:bd8:1771:243e:3319 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.165.156.137 (None, ) 2 redirects

ASN- ()

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (None, ) 1 redirects

ASN- ()

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 5.161.204.250 (None, ) 2 redirects

ASN- ()

sync-dmp.mobtrakk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	987 KB
46	doubleclick.net 11 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 ad.doubleclick.net — Cisco Umbrella Rank: 154 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	325 KB
16	zaly.online zaly.online	197 KB
13	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 736 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	104 KB
10	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	541 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	112 KB
8	moatads.com z.moatads.com — Cisco Umbrella Rank: 647 mb.moatads.com — Cisco Umbrella Rank: 744 px.moatads.com — Cisco Umbrella Rank: 593	116 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	5 KB
8	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
8	aj1559.online aj1559.online — Cisco Umbrella Rank: 60218 Failed	81 KB
7	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	160 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	5 KB
6	google.com 2 redirects analytics.google.com — Cisco Umbrella Rank: 157 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	42 KB
4	dotomi.com 4 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3451	2 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	33 KB
3	yandex.ru 2 redirects an.yandex.ru — Cisco Umbrella Rank: 5085	954 B
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	232 KB
2	mobtrakk.com 2 redirects sync-dmp.mobtrakk.com	744 B
2	bidswitch.net 2 redirects x.bidswitch.net	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	usbank.com 1 redirects acxmetrics.usbank.com — Cisco Umbrella Rank: 12126	1 KB
2	demdex.net 1 redirects usbank.demdex.net — Cisco Umbrella Rank: 18517	1 KB
2	zmedia.vn server.zmedia.vn — Cisco Umbrella Rank: 71361	4 KB
2	plausible.io plausible.io — Cisco Umbrella Rank: 10361	2 KB
1	pangle-ads.com 1 redirects analytics.pangle-ads.com — Cisco Umbrella Rank: 2858	1022 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 746	388 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492	713 B
1	acuityplatform.com 1 redirects ums.acuityplatform.com — Cisco Umbrella Rank: 1309	684 B
1	agkn.com d.agkn.com — Cisco Umbrella Rank: 755	614 B
1	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 26964	121 KB
0	extend.tv Failed sync.extend.tv Failed
239	33

	Domain	Requested by
51	pagead2.googlesyndication.com	aj1559.online pagead2.googlesyndication.com tpc.googlesyndication.com zaly.online googleads.g.doubleclick.net ad.doubleclick.net www.gstatic.com server.zmedia.vn www.googletagservices.com
40	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net zaly.online
20	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
20	googleads.g.doubleclick.net	4 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net zaly.online
16	zaly.online	zaly.online
10	www.googletagservices.com	googleads.g.doubleclick.net zaly.online www.googletagservices.com s0.2mdn.net
8	dt.adsafeprotected.com	googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	www.googleadservices.com
8	aj1559.online	zaly.online aj1559.online
7	s0.2mdn.net	googleads.g.doubleclick.net zaly.online s0.2mdn.net
7	www.gstatic.com	googleads.g.doubleclick.net
6	px.moatads.com	googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com server.zmedia.vn
5	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	dclk-match.dotomi.com	4 redirects
3	an.yandex.ru	2 redirects
3	static.adsafeprotected.com	pixel.adsafeprotected.com googleads.g.doubleclick.net
3	ad.doubleclick.net	googleads.g.doubleclick.net www.googletagservices.com zaly.online
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	www.googletagmanager.com	zaly.online www.googletagmanager.com
2	sync-dmp.mobtrakk.com	2 redirects
2	x.bidswitch.net	2 redirects
2	pm.w55c.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	acxmetrics.usbank.com	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	zaly.online
2	usbank.demdex.net	1 redirects googleads.g.doubleclick.net
2	pixel.adsafeprotected.com	1 redirects zaly.online
2	server.zmedia.vn	aj1559.online
2	plausible.io	zaly.online plausible.io
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	mb.moatads.com	z.moatads.com
1	analytics.pangle-ads.com	1 redirects
1	onetag-sys.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ums.acuityplatform.com	1 redirects
1	ajax.googleapis.com	s0.2mdn.net
1	d.agkn.com	googleads.g.doubleclick.net
1	z.moatads.com	s0.2mdn.net
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	cdn.unibotscdn.com	zaly.online
0	sync.extend.tv Failed	googleads.g.doubleclick.net
239	46

This site contains no links.

Subject Issuer	Validity	Valid
zaly.online GTS CA 1P5	`2023-11-14` - `2024-02-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
plausible.io R3	`2023-10-30` - `2024-01-28`	3 months	crt.sh
cdn.unibotscdn.com R3	`2023-11-27` - `2024-02-25`	3 months	crt.sh
aj1559.online R3	`2023-10-20` - `2024-01-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
server.zmedia.vn R3	`2023-09-25` - `2023-12-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M01	`2023-03-29` - `2024-04-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-10-25` - `2024-10-24`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2023-06-20` - `2024-07-20`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 31 frames:

Primary Page: https://zaly.online/
Frame ID: 005304F0EB2A7F6555DD3511F463E198
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: E30A69A61A3C15547967FE4B20B0C0F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&adk=1812271804&adf=3025194257&lmt=1701143153&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fzaly.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026530&bpp=5&bdt=1150&idt=333&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5891447285237&frm=20&pv=2&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Frame ID: 81967BAE6DEB6EA78316A9C1409A766B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Frame ID: 6D5030A146B7CE043A0F9B6111539F4C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A806F48D1D50CBA2E9035B8C302B0CE7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CDAF4F41C7C80851082E547E8463E3D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 547A612BB4B3E8244D05536432D2011D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Frame ID: 9B4BDD3A68C4C10ED4BC3C9AD20AC256
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 836FC2AFA214B6D9930E99B85D6D35A2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 201ED01222081A85A2AC38487967C5DE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FE2A98D641E098C30FB250961057C59E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0CAB047BA7E8E97FD6F3A58144CFCAD0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Frame ID: 4ACCD9B79CB2C0277E3D4F52ABE4E5DD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2CE849854069DB6572B880ACEC87781C
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Frame ID: 3BDC18C9F701FFA885137AC44A3B32FA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Frame ID: 5841534465EC43DDCA0707A5193FB223
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C13FB816ABECAFE5F5D059CDA825EF8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 380CA47B5D1A3BCA8A2BA47271D7A441
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 37DB37C9B507D2E4C78C7C802D86AE1B
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: 31FD72BD3BFB67AE80F1521FC45FF729
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0EB2513FA3B8EEAF9CD2C130E9F1B886
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 40E003EDD9CA93DAD12C3AD05594F072
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 90DD0DF9608AEE672413559E817589EB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6D294F29C6963E9D1C046D3D3DC05781
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32C41999B124F28B14E97BB0B077A2CF
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
Frame ID: 2682C3DA48545A344DF734CB29D943E5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Frame ID: 45DAF24FBB5C3D258119AFF94A2D9128
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: D8C2A502C66B884AE129F2AFEE1129B4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CF0E25D3ACE24028A1EF15F597B7C193
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 778FFB055873F87B035BD0334032ED62
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 3F7C638923A82322D043D990AA27749F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Zaly.Online

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Yandex.Direct (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://an\.yandex\.ru/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

239
Requests

88 %
HTTPS

56 %
IPv6

33
Domains

46
Subdomains

36
IPs

4
Countries

3077 kB
Transfer

8313 kB
Size

31
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 96

https://googleads.g.doubleclick.net/pagead/adview?ai=CrxWD2mVlZenGOazlvPIPgaaNyA3JluyWdI2HrZv_EbCQHxABIKmJ7IoBYMnujovApIwQoAGn7qDSA8gBAqgDAcgDyQSqBLwBT9AJv7-Cywpj5y50COteHvDDbUK6NEHh9MaWXY-eHvePg4lrp5rKdkXy4aXELiGSbk1nKIBRSXjVlIFxUS4tb0yq7dBmGeQsU8BxfIKNJ478wdGcoNJ5l16v3iNRTidqsBfVLVGwqr7NsWusHJjmn66Y27LtjZq7GIW6NN4xHknPZgHHojgp1jVkIcJc2wp5jH_JUVEmE7HYsIvvxDXiIA6RyRaIlhSAUfwW_uU4lzhP7zb97Cm5h7jzqYHABJ2j08SWBIgF7fui0EmSBQQIBBgBkgUECAUYBKAGAoAHwZHfLagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELHRZNIIHQiAYRABGB8yAooCOgKAQEi9_cE6WP_ov6vn5YIDmgltaHR0cHM6Ly93d3cudmlsbGEuZWR1L2dyb3cteW91ci1wb3RlbnRpYWwvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249Z2VuZXJhbC1hdWRpZW5jZYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEOCZn4TN1pyx0QESAgED2BMN0BUBgBcBshccChoIABIUcHViLTMxMzA0NDg2NzkyNzIyMzEYAA&sigh=ZZlGxHTrx4I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN5jCgdMEV9KOYhqw8Et8d697m3AiaZZTS2hpQJ5Ki4Fc86gR3m3njpniUGctz4anQMpqU0Exb86I5Znoe4o6kuhChmEWSkMcVIhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2213463495911180650171%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2244452866232556289%22}&andc=true

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1

Request Chain 98

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWVl3RPlwzLHUoESsLJE9QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1

Request Chain 99

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1

Request Chain 100

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1

Request Chain 103

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWVl3RPlwzLHUoESsLJE9QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1

Request Chain 105

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 138

https://googleads.g.doubleclick.net/pagead/adview?ai=CKEVt2mVlZbHyOL-9xtYPxoGZmAXJluyWdK2IrZv_EbCQHxABIKmJ7IoBYMnujovApIwQoAGn7qDSA8gBAqgDAcgDyQSqBMMBT9BiCcnris2HII-0tE9z2AZ1gMbrbua8ckLwfGbasZ8AEE9ymceLEIaKubEVDczuajarZF6SMnMlMZ3tJs1i8FT3mfIVuGe5pFX5A8fPgYQL4f3WT85ryit_dzTq7j84mega0CVqcKy4ePS-ng7m_evlEIzh8mp8kYhsvT6S10SBOr7TRHkWhQDSFdEW9eC6cf6hwNa_HMvgsfSC7RXS5uYrnr8JRP4HXbp7-z-ASFPSp1wDi1LEVXerViKf7zYmVmJGwASdo9PElgSIBe37otBJkgUECAQYAZIFBAgFGASgBgKAB8GR3y2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCrszXSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJbWh0dHBzOi8vd3d3LnZpbGxhLmVkdS9ncm93LXlvdXItcG90ZW50aWFsLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPWdlbmVyYWwtYXVkaWVuY2WACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBEKCxCw69rOwrnw4OgBEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMTMwNDQ4Njc5MjcyMjMxGAA&sigh=apCCj7BVT20&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2212262638905288099247%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222051644339744000209%22}&andc=true

Request Chain 167

https://usbank.demdex.net/event?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321 HTTP 302
https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321

Request Chain 171

https://acxmetrics.usbank.com/1/d/c.gif?aqet=imp&adv=6219544&ca=28975896&cr=183441212&pl=352599115&sid=3330315&sg=0&puu=AMsySZa-eDbp4KiQ6o_EaOfXyjDN&geo=ct=US&st=NY&city=13347&dma=16&zp=14202&bw=4&r=2877588321&img=true HTTP 302
https://acxmetrics.usbank.com/d/a.gif?gdpr=T&img=true&tt=c.gif&reload=true&z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF

Request Chain 184

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5ae7fbf93c4f0fbd&is_secure=true&networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFl2oUjZ-JuQMSqNRaAAAAAAA&expiration=1701230430&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ

Request Chain 185

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEOcpOw--LSXDLdaVVMxq_8Q&google_cver=1&google_push=AXcoOmQNVljckAkRhPnQAkDGFlDeK1ZKPmOV9CPhRUeriOgxVJ5nnC_Djd0IKv70tChoke6duF-sr63dL8lDX59ylch7diOcKmntBAc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=857704199194&us_privacy=1---

Request Chain 187

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ0YUci0fR7ankA9WFx4jWI&google_cver=1&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw&google_hm=eS1iQ19oc3lkRTJwSDM5WmlIbHFJakdDT2toQ20uV1lEYn5B

Request Chain 188

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE89yBAZJcCEz64dX6zmLio&google_cver=1&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M

Request Chain 189

https://an.yandex.ru/mapuid/google/CAESEA23to7bA-13wb-16u1EZXI?ext-param=AXcoOmRXCX5dN6H7uscPWn8qjjYUywmtOMRwjPuSjtdEhgicBYsmf62iTdwNIMzEQV4XLDWOZpO7IEGPHUO5XRBt3xtZKbTCBOHA49Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://an.yandex.ru/mapuid/google/CAESEA23to7bA-13wb-16u1EZXI?redir-setuniq=1&ext-param=AXcoOmRXCX5dN6H7uscPWn8qjjYUywmtOMRwjPuSjtdEhgicBYsmf62iTdwNIMzEQV4XLDWOZpO7IEGPHUO5XRBt3xtZKbTCBOHA49Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEA23to7bA-13wb-16u1EZXI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
https://an.yandex.ru/resource/spacer.gif

Request Chain 190

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBYDJgM-rp449SinTMnNzeQ&google_cver=1&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH

Request Chain 198

https://googleads.g.doubleclick.net/pagead/adview?ai=C3JMl3GVlZdPwJdb8vPIP0dGtwALo_a_kc7D60oDkD2QQASCpieyKAWDJ7o6LwKSMEKABltufxwPIAQmpAgDspEECYbI-qAMByAPLBKoEvwFP0J66BPy0k_mVqfRfPFYhR0anISbQkrDLoQbHhd5EKkaGP5kYseSeLV9Is-l-YS2ILd06uRqaIfYB_C9fshykfDBy2iCkjHlIyc2ns696RjFGNHNVP3cS14RiN36VhDkHXeYPdHWtTMu82a5vBHgc3FtP4908OB5qQOAEhFNwp8PvhxE7j_Bwhw5aUQ0MxnNKPaammSxpK3H6aV4v7uQ5qfS8wp3GedD9dZPnkPBw1ZX3VBJd43LKvBrnrqjxQsAEx7OYnIIEiAWdqtWSQZIFBAgEGAGSBQQIBRgEoAYugAfSpOA4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ6IQ-0ggUCIBhEAEYHzICigI6AoBASL39wTqaCSxodHRwczovL3d3dy5jdXBhcGl6YXJyYXMuY29tL3VzYS9yZWFkeXNsYXRlL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBAKChDAoZi6z5O21XESAgEDuBPkA9gTDIgUBdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTMwNDQ4Njc5MjcyMjMxGAA&sigh=krkso9tXCxM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaN_sGwhgwIt3K0iRS2Ih4hkchmOsxZil9tC8ZOnkgKVtC6xdtlW8Lxr_bOakO8h7Q4NkFrZMsUGAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7d213793d514629c0000000000000000%22,%222%22:%220x7910bfc654cbf3c20000000000000000%22,%223%22:%220xa29d88bba27ebbff0000000000000000%22,%224%22:%220xa7bbec44de3efea00000000000000000%22,%225%22:%220x79ec60475c3bc15e0000000000000000%22},%22debug_key%22:%224185405535379266994%22,%22debug_reporting%22:true,%22destination%22:%22https://cupapizarras.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954723734%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211728279715667595681%22}&andc=true

Request Chain 200

https://pixel.adsafeprotected.com/rfw/st/1841082/76634004/skeleton.js?bundleId=&ias_dspID=3&ias_campId=27647240&ias_pubId=pub-3130448679272231&ias_chanId=1&ias_placementId=19311913561&bidurl=https://zaly.online/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j219qjRqnpuv44KFe8zdGL&adsafe_url=https%3A%2F%2Fzaly.online&adsafe_type=g&adsafe_url=https%3A%2F%2Fzaly.online%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-3130448679272231%26fa%3D3%26ifi%3D5%26uci%3Da!5%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:14e4b36e-f3a4-104d-4aa0-1866a36b0755,c:vbXsXS,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-5cb87bd5d6-2d69h,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:692,mot:0,app:0,maw:0,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:716,oid:ab17671f-8da2-11ee-9af4-6a2f95e9e08d,v:19.8.461,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js?bundleId=&ias_xappb=

Request Chain 229

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckyz03WVlZcaNMda8xtYPxrW3mAXJluyWdLmpwdXlEWQQASCpieyKAWDJ7o6LwKSMEKABp-6g0gPIAQKoAwHIA8kEqgS_AU_Q47InpeWVlHTemd5QFj36b5Wo28zhjx1V1v56qKtR5qaG2jQKkNiphex3Ayc2pF0cEuueotBEgb4VTSc0xXX5LpgP0jCUoe2TMTpZRlcGEpl62dBPBgUlmBxCdZy_vh3HeDfZy-RytosIvMI3AtfowyINJkV22yCrZxFpacjMxg8nwjY3GqVwnwkXXs5Q376GxxLec5M-czZZDlcL_mQubAlKY65N6si6-0LOQouj5xnWi_1krxdowHuvvLFMwATFo9PElgSIBe37otBJkgUECAQYAZIFBAgFGASgBgKAB8GR3y2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDmvibSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJcGh0dHBzOi8vd3d3LnZpbGxhLmVkdS9ncm93LXlvdXItcG90ZW50aWFsLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPWdlbmVyYWwtcmVtYXJrZXRpbmeACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBEKCxCAtKKirvvUjtUBEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMTMwNDQ4Njc5MjcyMjMxGAA&sigh=OnKarwvBsks&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNFI68SIfABHtLH84t-WsPnDZlBdIrr5Ozru5Z4ok2EbuuHCdWgeFL1hwdLAYudfLW-Q1o1kHvGAE&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xc18682bca3a379ee0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%225223034509681765110%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227592563383330705489%22}&andc=true

Request Chain 230

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=109fd08f95210fbd&is_secure=true&networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGBp1DtQ1YngNvt4IrAAAAAAA&expiration=1701230431&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI

Request Chain 231

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3pzS05LRncxUjdQZ1g1&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac

Request Chain 232

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 233

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAnM8wbwOEyDSR-z46BCCw0&google_cver=1&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAnM8wbwOEyDSR-z46BCCw0&google_cver=1&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg&google_hm=eEtB35ukS8Ojh6Ofutbo2g==

Request Chain 234

https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFHF-P23euaIPn6n0o2eDOo&google_cver=1&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq HTTP 302
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFHF-P23euaIPn6n0o2eDOo&google_cver=1&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq&chk=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWUxNWMyNTNjYmM2MzUyOA&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq

239 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
zaly.online/ 139 KB
42 KB 1106ms
1017ms Document
text/html 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaly.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac979153353d406bad08c264561bd8a33c4e7b5444dbf23826b4f7f674ff932d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=2728, public
cf-cache-status: DYNAMIC
cf-ray: 82cfb427ad8c0cba-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 04:00:25 GMT
last-modified: Tue, 28 Nov 2023 03:45:53 GMT
link: <https://zaly.online/wp-json/>; rel="https://api.w.org/"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vD78ss3s8aFxKDEQSL2UwfHBMmr3EWP0KYSEM%2BuSLMptcc%2BB1MhQ%2FuDiQiaklzdcuknSqp8GyOqVs0EHNJ%2Bv%2BxG5vW7AyqB8R5hF4L2G1mTuXdssknp%2BJNCM%2BUjZBXF5P1aUjwno0E9gEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 style.min.css
zaly.online/wp-includes/css/dist/block-library/ 107 KB
15 KB 40ms
38ms Stylesheet
text/css 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-includes/css/dist/block-library/style.min.css?ver=bb270fba1988038f5680f75b7475565e
Requested by: Host: zaly.online
URL: https://zaly.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 03:52:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1531159
etag: W/"654b0603-1add3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYDy3JDONY%2Fv1mzOFf28rWaaZRzh9xhtlx0Tj8XP4adNPheDTyFHODM7Mq9LVpJoYHeOXFUqFofzGjP5lIRoNRxgXqOcj5REMVuTt%2FbqfFW0YL0jDABYMrhXreNYY4OsoxlWvMss8b657w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb42ebae30cba-EWR
alt-svc: h3=":443"; ma=86400
expires: Sat, 09 Dec 2023 03:52:47 GMT

GET
H2 200 style.css
zaly.online/wp-content/themes/enjoymini-pro/ 47 KB
10 KB 38ms
37ms Stylesheet
text/css 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/style.css?ver=20221104
Requested by: Host: zaly.online
URL: https://zaly.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e47fae1dd3f30cd0e70b4783ebfc6bdc0769c2fe2798843b8dd2c5be0d014093

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1623663
cf-polished: origSize=65307
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: W/"64be9e39-ff1b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7ibnzFdbXGXQJiPjOlJWKQHkGGW%2BAQF63FJv19WqEBb6SevSOLf3O4zHbImwSvtUkDZJ7OpXRO3T4cfMP1wGDGnTglS%2FA%2FhM%2FpISY5QKvo29VUQJzl8r2i7RxOiq2bC2RtdmVF0PaXQjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb42ebae60cba-EWR
expires: Fri, 17 Nov 2023 07:48:24 GMT

GET
H2 200 responsive.css
zaly.online/wp-content/themes/enjoymini-pro/ 6 KB
2 KB 37ms
37ms Stylesheet
text/css 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/responsive.css?ver=20221104
Requested by: Host: zaly.online
URL: https://zaly.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b267a683e31c4faf2cdee41bd70aa93fb8bd87b37358b243f3abae5c56ce5a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1454291
cf-polished: origSize=8442
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: W/"64be9e39-20fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZ6ESgb%2BTQq0Znrt%2FzsiiZ%2FPT7gJErEMiYivTFDOAwJoNpjhJcOqUUalDADwhmXNddBK2n5MEtNdPEQrf%2FFBsWK4%2B0%2FtYwxdlFG1oZYe%2FPg5Qn4Ohr6CxgKduuOjG%2FHcsagGqLvUpPtttA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb42ebae80cba-EWR
expires: Thu, 07 Dec 2023 21:17:22 GMT

GET
H2 200 genericons.css
zaly.online/wp-content/themes/enjoymini-pro/genericons/ 36 B
482 B 36ms
36ms Stylesheet
text/css 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=bb270fba1988038f5680f75b7475565e
Requested by: Host: zaly.online
URL: https://zaly.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ffd83d094e6b3078255ba6f5df8fa60f2716b5cf558916a9ff30dca79631159

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1521549
cf-polished: origSize=154
alt-svc: h3=":443"; ma=86400
content-length: 36
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: "64be9e39-9a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9phblm%2FyWXf6g1rmeUIizg6qwDdwU4CYSUj9WJvm66VGgACsxHdJWFrSnkTXkJVsw3yI50TebcVrEZlwf9Wn6RQkDyMbJ%2FYLteUEDQ3U6Bq%2F%2BiuSQBZbTAtste1jVoRspIa9Ibm%2Fxw8a4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 82cfb42ebae90cba-EWR
expires: Sat, 09 Dec 2023 03:52:46 GMT

GET
H2 200 genericons.css
zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons/ 26 KB
16 KB 37ms
36ms Stylesheet
text/css 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons/genericons.css
Requested by: Host: zaly.online
URL: https://zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=bb270fba1988038f5680f75b7475565e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 44e77b4ab0368538b8c5a3fbcb36c31bc07d2798a8bc2fceeea6feaf8cbec859

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=bb270fba1988038f5680f75b7475565e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1537521
cf-polished: origSize=28266
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: W/"64be9e39-6e6a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5upum0ALeXEiYKAngABvovvUzf%2FGxaJfboiNrmk3Rgxb6tQ9AotJEMVbaZQO7VsyZFFgQ5ir%2ByVSxLwdKQPdY%2B%2Fd%2FSzBWAB0qShksnjILnNQbQICWbOK4aCUAXGItetdfUeX1mhThPo8KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb42efb1f0cba-EWR
expires: Fri, 17 Nov 2023 07:48:27 GMT

GET
H3 200 normal.woff2
zaly.online/cf-fonts/s/inter/5.0.13/latin/400/ 16 KB
17 KB 81ms
81ms Font
application/octet-stream 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/cf-fonts/s/inter/5.0.13/latin/400/normal.woff2
Requested by: Host: zaly.online
URL: https://zaly.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer: https://zaly.online/
Origin: https://zaly.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDDjF615GOyZ2I%2Bjk9YoCQrSZnhb5yP8dUEz6hei9k5K74QAO3x1%2By0q4XRLebSqLCXKoScvDm%2FIAemKcSv081AyKZjzG8PpdFxxSUrHL1RnAH572COzUPLRiw%2BbG2E%2F7WsU9uMoXMG75w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82cfb42f4d8d78d9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 16708

GET
H3 200 normal.woff2
zaly.online/cf-fonts/s/inter/5.0.13/latin/700/ 17 KB
18 KB 82ms
81ms Font
application/octet-stream 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/cf-fonts/s/inter/5.0.13/latin/700/normal.woff2
Requested by: Host: zaly.online
URL: https://zaly.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3

Request headers

Referer: https://zaly.online/
Origin: https://zaly.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7abRifGOYhvKqij6lVl6Hr1D4bjy1jcu%2B16glC10OD%2FR9gcOV%2BB6e6gIixTfuhpGbF%2Bnix0sjmo2KGQ5AvThXSXzwH1yuN8E%2FC5yJKDTmdeeXnzHcpTCCS5YmJIkjdPNAT14FgUeWEMYHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82cfb42f4d8f78d9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 17784

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://zaly.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 normal.woff2
zaly.online/cf-fonts/s/pt-serif/5.0.16/latin/700/ 29 KB
29 KB 52ms
52ms Font
application/octet-stream 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/cf-fonts/s/pt-serif/5.0.16/latin/700/normal.woff2
Requested by: Host: zaly.online
URL: https://zaly.online/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Request headers

Referer: https://zaly.online/
Origin: https://zaly.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67f05tsSqrfVaaLWEdouQNd8%2BNoiRCEeExuSBdNMYJZf5cJiFKIAp5DmHEeNBv1j1nPiv8ypgPPtje%2F5sfR2M4sV%2BRfvKMwBFpaV3dzVI%2FOKoM5lcO9GJVScm0RTrlnIOr2zpfb%2FmEoYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 82cfb42f4d9178d9-EWR
alt-svc: h3=":443"; ma=86400
content-length: 29492

GET
H3 200 rocket-loader.min.js Show response
zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 61ms
59ms Script
application/javascript 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 16 Nov 2023 21:55:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65568fe4-302c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjcxMV%2FveoCSYf9LDnNPDoIjv%2BTlyy6Mt49rIkxzcasWJhJ%2B4TedfrasrYOZ128ZJ%2Bkekx%2FJ1K1FT2v5UUMk8Wj5c3Qybdv5lqH70whvmV0rKZW5eEy3VHNQnoYhV%2Fkte7FNIi0YGWMFxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 82cfb42f9dd778d9-EWR
expires: Thu, 30 Nov 2023 04:00:25 GMT

GET
H3 200 jquery.custom.js Show response
zaly.online/wp-content/themes/enjoymini-pro/assets/js/ 856 B
878 B 36ms
36ms Script
application/javascript 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/jquery.custom.js?ver=20221104
Requested by: Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab604b93177ff826952980a53cf8ddcaf06aa7df8fa00e79916786a26af5f1c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2323975
cf-polished: origSize=2291
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: W/"64be9e39-8f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCo230%2FdaUL9SJD54c%2FRyo7jEirsDnMHnvn5U94Y2PuB5UTvwuRFUP0eHPIW%2Bp7vkhkeXpy6XJUPhWq7zh8od67hwxEmAB%2BIU8%2FMGZ1iQ5sITlkSFul7v%2BMzeVsn5Ol213XXjhYwq0J9%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb4301e2f78d9-EWR
expires: Thu, 30 Nov 2023 03:10:28 GMT

GET
H3 200 index.js Show response
zaly.online/wp-content/themes/enjoymini-pro/assets/js/ 14 KB
5 KB 38ms
35ms Script
application/javascript 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/index.js?ver=20221104
Requested by: Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 124c62cfd395550a54fc8c6a8091a4cdb544c03232556dc9c4636eafa4a4ac1a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1361245
cf-polished: origSize=30630
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: W/"64be9e39-77a6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SR59novI454mkNCRU0jgC4jLPqDbgXRZumZAVhJPWtZI1W5hV%2BPofWcIHnXyorKrNVq2SvHrweJJMetfnsK0w3d6of%2FlAy1JDQRq2%2B1tpBrePXFOQOFWlT8M5vaIhxq3V9oJlAcwQ4xPKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb4301e3178d9-EWR
expires: Tue, 12 Dec 2023 02:49:46 GMT

GET
H3 200 theia-sticky-sidebar.js Show response
zaly.online/wp-content/themes/enjoymini-pro/assets/js/ 7 KB
3 KB 37ms
35ms Script
application/javascript 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/theia-sticky-sidebar.js?ver=bb270fba1988038f5680f75b7475565e
Requested by: Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c3f4135ae3d85f96b87f9ecaab5099b1e9249a778b10114f3e53307e25b7a54

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 686356
cf-polished: origSize=16324
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: W/"64be9e39-3fc4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQfIPGTLeSSeXsksl4hd8GK88sPFuH%2BQa60ulD0MhrTSxI9FwRdOEguCAUTJHpJJUpea4Vd0wRGCiqyBqXrxL%2F0FqIaqwSwyzWjMWJUkypMDDlNF6VkG%2BhbpRv90m1yrlORILEOGHB8QIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb4301e3278d9-EWR
expires: Mon, 11 Dec 2023 21:03:37 GMT

GET
H3 200 html5.js Show response
zaly.online/wp-content/themes/enjoymini-pro/assets/js/ 4 KB
2 KB 40ms
38ms Script
application/javascript 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/html5.js?ver=bb270fba1988038f5680f75b7475565e
Requested by: Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db9c8447699b34c4433d48a6b3a1fc1df74f4258935953c377bda8267144918

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1278979
cf-polished: origSize=10330
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: W/"64be9e39-285a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eT86WUUjKPp%2BmiR8%2Fp40pZ%2F8Z%2By%2B1x33J%2BTCxEhFme1GKrKSVf%2FgOzMS4afuSTzZAiDMDNcXfltu3cgS1j4VgFq%2FoKWuulft37fH%2BwNND%2FdK9phOWjKYEdls94tpNKn0zssPq%2Fz8Q2P7Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb4301e3378d9-EWR
expires: Sat, 09 Dec 2023 03:52:48 GMT

GET
H3 200 superfish.js Show response
zaly.online/wp-content/themes/enjoymini-pro/assets/js/ 5 KB
2 KB 39ms
37ms Script
application/javascript 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/superfish.js?ver=bb270fba1988038f5680f75b7475565e
Requested by: Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9ecc05c7a6ae6794d682b669ae960b83822e8b57e1a5e675ca8022f366ea0f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1458888
cf-polished: origSize=7548
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 15:52:25 GMT
server: cloudflare
etag: W/"64be9e39-1d7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imuCElrj2S3Bj1%2FpfxqUM0LCzuex2UjblcEiXZXsGqZwES%2FeOKETMcRMkDT6n9%2FFuoGSpgY3tMXkOQR%2BkJRPft6%2FCwU9ffsrXXTSeFBdptKkTlcTVkbDE1L8Mps8ql%2BTtJfmlQq2SsrTkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb4301e3478d9-EWR
expires: Sat, 09 Dec 2023 03:52:47 GMT

GET ba298f04.js
aj1559.online/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 186 KB
67 KB 235ms
54ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-189072159-22

Requested by

Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

31b3b1992c9f0e0bd97370df1a975fce340e5cc99a75db06f0fc45efda7d43b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68696
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 28 Nov 2023 04:00:25 GMT

GET
H2 200 script.js Show response
plausible.io/js/ 1 KB
1 KB 214ms
28ms Script
application/javascript 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://plausible.io/js/script.js

Requested by

Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

BunnyCDN-NY1-885 /

Resource Hash

021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 885
cdn-cachedat: 11/27/2023 20:56:33
cdn-pullzone: 682664
cross-origin-resource-policy: cross-origin
application: 10.0.0.3
alt-svc: h3=":443"; ma=2592000
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 200
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: public, must-revalidate, max-age=86400
permissions-policy: interest-cohort=()
cdn-requestid: 8dbe14f2a968446aeb88658c2121a1e1
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/mvp/ 327 KB
121 KB 215ms
30ms Script
application/javascript 2400:52e0:1a00::1069:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/mvp/player.js
Requested by: Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1069 /
Resource Hash: 438eac9d3f8eabcd1fc9585819263fc5b6e393e9772ca54266c435b5ed287306

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cdn-edgestorageid: 1029
cdn-storageserver: DE-664
cdn-cachedat: 10/31/2023 18:59:00
cdn-pullzone: 873945
last-modified: Wed, 18 Oct 2023 10:47:55 GMT
server: BunnyCDN-IL1-1069
cdn-fileserver: 565
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"652fb7db-51d4f"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 554198bfb91390bd9970713f966e193c
cdn-requestcountrycode: US
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
85 KB 268ms
87ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG

Requested by

Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

562cf20209bc574fcf9d8997d26f52cfd961eb7b5edcbdabdd6fc8a19ece753e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87114
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 04:00:25 GMT

GET
H3 200 jquery.min.js Show response
zaly.online/wp-includes/js/jquery/ 86 KB
31 KB 39ms
39ms Script
application/javascript 2606:4700:3033::6815:3c43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zaly.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by: Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2023 03:52:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1267920
etag: W/"654b0603-15601"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy%2FXKUpGId08IRpMFlMWRpSTE%2FCCPdJTirZ%2BjKGJSCAJY9xzHqknA%2BgH0inNCbeZM0Z7Zr%2Bx4LSX04Ay6qQ7cPESDg3XfUv000eJYlGkOP2Fveki0Lh%2FoSU05pSjRQgHuKXD7PExOAt42w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 82cfb4301e3578d9-EWR
alt-svc: h3=":443"; ma=86400
expires: Fri, 08 Dec 2023 03:55:55 GMT

POST
H2 202 event Show response
plausible.io/api/ 2 B
500 B 483ms
124ms XHR
text/plain 2a02:6ea0:c454::1
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://plausible.io/api/event
Requested by: Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: BunnyCDN-NY1-885 /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://zaly.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 28 Nov 2023 04:00:26 GMT
cdn-edgestorageid: 885
cdn-cachedat: 11/28/2023 04:00:26
cdn-pullzone: 682664
application: 10.0.1.5
alt-svc: h3=":443"; ma=2592000
content-length: 2
x-request-id: F5utepT7eyWIheWPGnQC
server: BunnyCDN-NY1-885
cdn-proxyver: 1.04
cdn-requestpullcode: 202
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cdn-uid: 153cb5b1-399a-48ef-b5bf-098c03770254
cache-control: must-revalidate, max-age=0, private
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
cdn-requestid: 0eba33fac9ed677d87dc3855c462ad43
cdn-requestcountrycode: US
cdn-requestpullsuccess: True

GET
H/1.1 200 ba298f04.js Show response
aj1559.online/ 36 KB
36 KB 142ms
67ms Script
text/javascript 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/ba298f04.js
Requested by: Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 4e1fa87002cee040f474ff1646ed1cd7d79f689b957f0850b877a7679685e824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
accept-ranges: bytes
etag: "0bb94583ac821252a92ddc8d95c26c2ec"
content-length: 37156
content-type: text/javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
79 KB 52ms
50ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DBFL1E2103&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

115e7ac5cc32bc21997e9159bf8758fede10efa2bc3839ca36160b8f83d65bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80971
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 04:00:25 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 321ms
52ms Script
text/javascript 2607:f8b0:4008:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-22

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 03:16:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2626
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 28 Nov 2023 05:16:40 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 273ms
37ms Ping
text/plain 2001:4860:4802:36::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-PX3PZ6Q9RG&gtm=45je3b81v894073191&_p=1701144025791&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1315140130.1701144026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701144025&sct=1&seg=0&dl=https%3A%2F%2Fzaly.online%2F&dt=Zaly.Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1830
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zaly.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 278ms
42ms Ping
text/plain 2607:f8b0:400c:c05::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PX3PZ6Q9RG&cid=1315140130.1701144026&gtm=45je3b81v894073191&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400c:c05::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zaly.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200 znCxPqt8Utl6-8QLk1uye854rm7HAEWKuHRpqqNANqnWPLH3s726ybhPLtK1myH-AIHv7QPum8pYDssHZHTqZja53fn7KfVw0syyV8Ggi_CAfO4wVuhBSZDDmv8QyZwUcPX8zL-lfB6Yzl6ROsljp-N2tWOE--MHyacIK78EQZ7vFOv2OnEuf_eNnoNzrFun5Xjnh... Show response
aj1559.online/ 1 KB
2 KB 36ms
36ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/znCxPqt8Utl6-8QLk1uye854rm7HAEWKuHRpqqNANqnWPLH3s726ybhPLtK1myH-AIHv7QPum8pYDssHZHTqZja53fn7KfVw0syyV8Ggi_CAfO4wVuhBSZDDmv8QyZwUcPX8zL-lfB6Yzl6ROsljp-N2tWOE--MHyacIK78EQZ7vFOv2OnEuf_eNnoNzrFun5Xjnhu42u26bQ4z3sucYFukaHLUFPlAw6a-7OrAp-W8mSBeskoV4U6TevlVsIfL0N6tjx37RB_vrew5Tjr_CROp7CdPBu1Ct4WAZwRCdv6Oc2Ow7JTHBPyHifK-iKpbel6kBmkdU_ZZjAPW2G7Y0LmQUrt0-1YsaSMzqhQbcI3SjeYqDmdVRyGTU_FYcvUiMdG46vbM4dWI4eh_NjLuvLKFcP2N567tMLhqdux7zz2hnYEwCMF7JB6xoYIUQda6E?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: eb38f233bc7939270157bebe271e65ad164732ab9e285c4569358a48605955dc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:25 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://zaly.online
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1254
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200 zoJ0QOOpdCMEQ_Lzqj9Bjjj9j4sbAupddBZuBJ5840EqSXaIXMXshKl6kHG3sL_LkVrExGaisu9e32yORS3VnxBjvDiA_J_Tv2Z_ew3H462tN2h2wyUvyNsDcM8mgLc2HgE5SJHmUgpQ5sl2peUxlZt7dniYJ7R0TazsgUIIO3N7y2vcV7rADjdzc9j65TzRUCsQ-... Show response
aj1559.online/ 2 KB
2 KB 80ms
43ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/zoJ0QOOpdCMEQ_Lzqj9Bjjj9j4sbAupddBZuBJ5840EqSXaIXMXshKl6kHG3sL_LkVrExGaisu9e32yORS3VnxBjvDiA_J_Tv2Z_ew3H462tN2h2wyUvyNsDcM8mgLc2HgE5SJHmUgpQ5sl2peUxlZt7dniYJ7R0TazsgUIIO3N7y2vcV7rADjdzc9j65TzRUCsQ-2Dd_xd_y3XCyuk22uKWggSNDVV44TjuLxDE87ze1ic1ue-vGxqRa98Cy556TVH4DLvMigx2ublCToteisSKf07bF8qUNI0Gqx8GIN6HAHmnrPS0CuO2sNNZI0Wz8eJX5MIHekelokIy6_cDNGBh8QYhftsIhnpMiOiI8Er92mI8LxPUHP4YqTgkr-u1xtFgsB7cxZPCXEkNh9JFvg3-hsiw2W-rldK8HY7HE-wNn7oIuAv_kwL0VHy5GSjem?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 6afd72df7a313f4c7f2526f95b4d10012d1029d80c2f7397512e94539d1f9334

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:25 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://zaly.online
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1915
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 204ms
82ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3130448679272231

Requested by

Host: aj1559.online
URL: https://aj1559.online/ba298f04.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7bb9105c52eb1bb223e5b1aac3162ea5b4144d4b9475ff8d0e8bdc0ec4accf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Origin: https://zaly.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52927
x-xss-protection: 0
server: cafe
etag: 9015268964616542690
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:26 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
168 B 66ms
65ms Ping
text/plain 2607:f8b0:4008:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-DBFL1E2103&gtm=45je3b81v9132955952&_p=1701144025791&gcd=11l1l1l1l1&dma=0&cid=1315140130.1701144026&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701144026&sct=1&seg=0&dl=https%3A%2F%2Fzaly.online%2F&dt=Zaly.Online&en=page_view&_fv=1&_ss=1&tfd=2110
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DBFL1E2103&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zaly.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
91 B 66ms
65ms XHR
text/plain 2607:f8b0:4008:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1864439633&t=pageview&_s=1&dl=https%3A%2F%2Fzaly.online%2F&ul=en-us&de=UTF-8&dt=Zaly.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=917550918&gjid=1983055198&cid=1315140130.1701144026&tid=UA-189072159-22&_gid=1991288284.1701144026&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=507631502

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zaly.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zaly.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 396 KB
134 KB 202ms
95ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3130448679272231

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3e101d58c2711a8fd5c6f47f40e6b2ff8e3ec41c8f0495b0f0b56b2ea44e760

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137152
x-xss-protection: 0
server: cafe
etag: 15046603757517125610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:26 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame E30A 9 KB
4 KB 87ms
24ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3130448679272231

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 5785
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 02:24:01 GMT
etag: 16674218716276178799
expires: Tue, 12 Dec 2023 02:24:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 ba298f04.js Show response
aj1559.online/ 36 KB
36 KB 68ms
68ms Script
text/javascript 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/ba298f04.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 4e1fa87002cee040f474ff1646ed1cd7d79f689b957f0850b877a7679685e824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:26 GMT
accept-ranges: bytes
etag: "0bb94583ac821252a92ddc8d95c26c2ec"
content-length: 37156
content-type: text/javascript

POST
H/1.1 200 z9e8uuKix2Y40bGSySO_0LqOtWyJqSRPwa3PntEZ7vWjieWbk8XdV0NrlG8f0Zf12Wgj2LeL-lOY5Nl_CP6saKmi3tzEmYFPWFPGKA04hrl4pmiZ2pqk0G_LgdqdgwlD3cXtkkt0XE6OdBIy7hgS8bx3c7T6EtVeG6PMZ-bfWLcLBoTeFnG8YwB6nLAJxdT_nV05N... Show response
aj1559.online/ 2 KB
2 KB 113ms
112ms XHR
application/json 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to

Full URL: https://aj1559.online/z9e8uuKix2Y40bGSySO_0LqOtWyJqSRPwa3PntEZ7vWjieWbk8XdV0NrlG8f0Zf12Wgj2LeL-lOY5Nl_CP6saKmi3tzEmYFPWFPGKA04hrl4pmiZ2pqk0G_LgdqdgwlD3cXtkkt0XE6OdBIy7hgS8bx3c7T6EtVeG6PMZ-bfWLcLBoTeFnG8YwB6nLAJxdT_nV05N2LID1j-QAadMOPpkOB7ydIFTvc5ESiAS7gq2gksjKeILQW6eAOi1L_Ov6jO1WpXyUMu8wKfVbA_-54QFaaEHT9yb0bw3FiCKg4FoOe-D_VDUM4QkL8sfsjzhr7HotuUfHDBkqBbLMPwiZx2aQCpYaeA6x0_E_VMOcqeNxm2yV_Nh8CIYjP5uGbsiocXfPI6WHvvojwKRwpQa6wDbFJZlN3sv_4K2Eq7Tkbb7qqHVWr6Q3tRjMutOSHNEGTah?
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 8b61c2b918d0adfa52912529724558567924bbb3e960ff21181ffaccae99aa87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:26 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p: CP="CAO PSA OUR"
access-control-allow-origin: https://zaly.online
content-type: application/json;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
permissions-policy: *
content-length: 1931
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 balloon-pc.min.js Show response
server.zmedia.vn/static/template/passback/ 12 KB
4 KB 3016ms
272ms Script
application/javascript 171.244.164.171
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template/passback/balloon-pc.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 171.244.164.171 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: dynamic-ip-adsl.viettel.vn
Software: Byte-nginx /
Resource Hash: 9f3a91ccfb5f72ee6d100fb62b9cbf5b2541dcc60db55bf05ebf80ffb1e6e1d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires: Tue, 28 Nov 2023 04:15:29 GMT
date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: gzip
last-modified: Mon, 14 Aug 2023 08:01:53 GMT
server: Byte-nginx
ef-country-code: US
etag: W/"64d9df71-2fd6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
ef-cache-status: HIT

GET
H/1.1 200 zbW67D8YTjrRxJrRdy2xjcdt3DdqM8e-aOKXXpAmpNziJFSDDZ25U_hkLmXhAs7Up1BJYE9KXK4bjKQmcU-aR-fX4ekgho1p4ZPda3u_jSOE9mL7BKUj6o58WJ8QiwmjIgTwP7YUT_OG-xUfenYMwcFie9_sFhKdWXwvBUlbXdRQj0_TLfFKGtHxTvLZySIGlwh0j...
aj1559.online/ 49 B
512 B 34ms
34ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zbW67D8YTjrRxJrRdy2xjcdt3DdqM8e-aOKXXpAmpNziJFSDDZ25U_hkLmXhAs7Up1BJYE9KXK4bjKQmcU-aR-fX4ekgho1p4ZPda3u_jSOE9mL7BKUj6o58WJ8QiwmjIgTwP7YUT_OG-xUfenYMwcFie9_sFhKdWXwvBUlbXdRQj0_TLfFKGtHxTvLZySIGlwh0j7MR28rIRZiefKyvInKq7luEtn1TO2reoAR2IKuMHb5PLnn6qV7qEhpn_T5O-Xfizz8hVsPXSv6yOm4-hjuJV5hr2G5fKPVGcGsgyNunMolIRc-8wG0-ejcQ3ebyNqMgg0_9XZNIs1eK13IRYUp9TGWxKU-YhJ_IB-KXcYpt4fufH9jXAxEtRayveqPdx63aA46X1hMiTdY_7e5c?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:26 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 404 select%20site-passback-ptopc.min.js
server.zmedia.vn/static/template-v2/passback_ptopc/ 0
0 2904ms
273ms Script
text/html 171.244.164.171
VIETEL-AS-AP Viet...

General

Check archive.org

Show headers Download Go to

Full URL: https://server.zmedia.vn/static/template-v2/passback_ptopc/select%20site-passback-ptopc.min.js
Requested by: Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 171.244.164.171 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS: dynamic-ip-adsl.viettel.vn
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H/1.1 200 zqqjGN_Y3Jq3asQ55xyu0wMg7FS44Mmk8wCVsHTvS5HYm7bvrvmuOd0HRTKsrQ7aN7XHNXpx7LH0oWYi1xCWQafyCm6Wd-Pvx8Ajp3cV4mSU91_3UqpFzMJgRiFlbrCtYcx50s5tklED_wkoUXA2Y4OK8-V2VYBybvC1LoIYJJ38wvPw6yhV4MPx_ddebvZ7dz4-2...
aj1559.online/ 43 B
641 B 39ms
39ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zqqjGN_Y3Jq3asQ55xyu0wMg7FS44Mmk8wCVsHTvS5HYm7bvrvmuOd0HRTKsrQ7aN7XHNXpx7LH0oWYi1xCWQafyCm6Wd-Pvx8Ajp3cV4mSU91_3UqpFzMJgRiFlbrCtYcx50s5tklED_wkoUXA2Y4OK8-V2VYBybvC1LoIYJJ38wvPw6yhV4MPx_ddebvZ7dz4-2K_syuTTeHaLLmw7Dvo1rU1hYP18PK-pWrmxvL2tKUNWWN-JX3DGaice5p5uIixkL9M8ExbfoUBglGW0GNSrPTR_zP1uxxxyQJUY5s4fJZJYgXi69vL_Dlho0jznM_6W-BL708jj2mONZXoaD8fyPP5sywiDrwGsgOWW4sKkjbqZXFPkUnxNtQLhO6lX7hzErjNH5TAsZqD9rbbmB_r0ZE4vf0fHqvqCFoD2PMA?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:26 GMT
last-modified: Mon, 06 Nov 2023 14:46:26 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"43-1699281986000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8196 512 KB
129 KB 1596ms
1594ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&adk=1812271804&adf=3025194257&lmt=1701143153&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fzaly.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026530&bpp=5&bdt=1150&idt=333&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5891447285237&frm=20&pv=2&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf9705cee9e8605ddf1754df3f792a5de8f5da41f7d704a0e29d013e5f3302e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 131495
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:28 GMT
expires: Tue, 28 Nov 2023 04:00:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 67ms
67ms Image
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 78ms
77ms XHR
application/json 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a70e6e451f64209e84626740cf9374e76dd5963e1130c454e9e3356954853bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:26 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12366
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D50 102 KB
38 KB 1390ms
1389ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a52e42906b88f45aa3d22f22cc7a0072454af23e67af7580c8dbca7838f32b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38696
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:28 GMT
expires: Tue, 28 Nov 2023 04:00:28 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 192ms
73ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 04:00:27 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A806 13 KB
5 KB 230ms
54ms Document
text/html 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 597427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 06:03:20 GMT
expires: Wed, 20 Nov 2024 06:03:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4CDA 829 B
1 KB 245ms
69ms Document
text/html 2607:f8b0:4008:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5aa849bc469c6d7b20bddd54a6ab9c01686f0916ce64d8074e646adbdd19e737

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pntDDUa0-RWSNedg0wobBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-pntDDUa0-RWSNedg0wobBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:27 GMT
expires: Tue, 28 Nov 2023 04:00:27 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame A806 39 KB
15 KB 54ms
53ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22076
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 21:52:31 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4CDA 0
0 70ms
69ms Image
text/html 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3510725109261731&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A806 0
10 B 52ms
52ms Image
text/plain 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9iKLDg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:27 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 71ms
70ms Image
text/html 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3510725109261731&bg=!l5SllNvNAAZxrfrxUa07ADQBe5WfOLtu1K5_5gQvlKFAPBbPTnKOwXmnaocBNuFNJMHIu_rk4Tn9DHBxjE3nkw3zBbzDAgAAALNSAAAAA2gBBwoAHyctP_CZ5S5OkKr5ojpH4w6Ir8ob-6x6SDZ7iJYISYaZArP9CHYUX2XLUMMTG1oTRCHr2iC9odldewVqeSSNWhL9OUiDG_qVVnh3gq-qYECTvFRBAI7sUOZFwXvIKxqc_KmAMw8uchjXFT34wLcixwxqbkMzH7BAzQcbEAOG4pG4BK-Nb95ZLnhVcGnInvlQpKK7XWTdKuNFigUnEwCwOUrkCnt8Y5v9q5D9uFh6ekfgQKQSGgxXCJriQiejZ7ixRw25g0iMti8jRRgJwzfOSz33V2cL_RB5VN0YjKXl_h2I6kHqquKC_U9BK2ojpyA91uk8xeVn8LX7n5_OVk7nl3G3EFkOPwN7YNN8jc1i9ZMWDcaCdZiRaD-ifx4G862uUy0gV9Mfr9UMOh95anqQf7z9MyfSMlFKc1p23a7QkaT9WgyhqZYQjUYPe1NU5KdkNrWpqe-v2IqqXPvlvDQD4w7W16cjya3-AjGfT2Tew09BVF4Yfo2yfQkmc1wCAODSZAyRv5KeoOeF_vLvtFH8hexfq2mIo9pdb1-Il1IhaQ5uRzBVPrBU7R11wkc0qKqCrODwizgo_Wmgy33kkHE9YCFhHMIOdTgPTZb5Yya8Quv3IfbrMCwS40CFAHdKBa3afeFK0iU1Rm3hn6x5PlPk4RXwfFuwnSH2q_o_c6GiGoowD5-i5ez1s7Ggi0uMR1zG1SpxaMbGiX6q4_ECNXiQQt2zSoJ5tEobanJEfsWHxFIMX0BiZNiqp4Q_8PCJl7CgftNXqZ631po1YdYPpGx-u14eclr_p4FD5mcICzqEsnn-EfHHR3wAo-uU0WIc5aHnTjAGu2fmYDPMsDVKGBhKSkg3z90p8RyVhp4frmpREWH_HQ67Lgpoo5IDZvB2cdOaKkikNtYXR0hIPOCajiHGW0ZarzxwC0S2hHd_BUKkbgzW5zyv2UttNFzD75Ckf9rFtvhpAsRs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 9226134756512160806
tpc.googlesyndication.com/simgad/ Frame 6D50 38 KB
38 KB 67ms
66ms Image
image/png 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9226134756512160806?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkIAMjGcxbVOqqf9rciHBFFP37Zag

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bea053080bba70f6033acc67da70d1caf12a87f99750a472b00b2d53138cf2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:47:27 GMT
x-content-type-options: nosniff
age: 22381
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39111
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 21:46:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Nov 2024 21:47:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6D50 23 KB
9 KB 54ms
53ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:24:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 547A 143 B
166 B 26ms
24ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 03:33:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6D50 3 KB
1 KB 64ms
63ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:22:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6D50 20 KB
8 KB 53ms
53ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:21:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6D50 202 KB
64 KB 230ms
89ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:28 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6D50 36 KB
14 KB 83ms
82ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 21:47:01 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 547A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

41ms
40ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:28 GMT
expires: Tue, 28 Nov 2023 04:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:28 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6D50 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8e6754a3cc44196dd0d960f5499ab1b02ddd0143dbedd9d7823defe3fdab7aea

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 160 KB
55 KB 80ms
79ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/reactive_library_fy2021.js?bust=31079654

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f3df960ae417c51a3ae981e07fe06448835f98f7a58f53209f0d39042d3b2da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55783
x-xss-protection: 0
server: cafe
etag: 4078516496459740267
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:28 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B4B 122 KB
41 KB 1054ms
1053ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da9ab666e107cd56f25b3c8a97e089ef49cc8d7436ef18889751e9b856601a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42067
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:29 GMT
expires: Tue, 28 Nov 2023 04:00:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 836F 9 KB
4 KB 25ms
24ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Mon, 11 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 201E 9 KB
4 KB 25ms
25ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Mon, 11 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame FE2A 9 KB
4 KB 27ms
24ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Mon, 11 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 0CAB 9 KB
4 KB 27ms
26ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 57436
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:03:12 GMT
etag: 16674218716276178799
expires: Mon, 11 Dec 2023 12:03:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 836F 4 KB
1 KB 234ms
97ms Stylesheet
text/css 2607:f8b0:4008:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:809::200a Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 02:12:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 04:00:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 836F 205 B
294 B 189ms
55ms Image
image/png 2607:f8b0:4008:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:10:15 GMT
x-content-type-options: nosniff
age: 6613
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 27 Nov 2024 02:10:15 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 836F 604 B
1 KB 187ms
53ms Image
image/png 2607:f8b0:4008:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:31:33 GMT
x-content-type-options: nosniff
age: 455335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 21 Nov 2024 21:31:33 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 836F 15 KB
7 KB 54ms
53ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:30:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 03:30:02 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 836F 21 KB
9 KB 55ms
54ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:29:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 21:29:50 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4ACC 624 B
246 B 58ms
54ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:28 GMT
expires: Tue, 28 Nov 2023 04:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2CE8 89 KB
31 KB 85ms
82ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:28 GMT

GET
H2 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 2CE8 18 KB
8 KB 62ms
59ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 846
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7823
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 23:04:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 28 Nov 2023 04:46:22 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/1841082/76634004/ Frame 2CE8 46 KB
12 KB 205ms
84ms Script
application/javascript 34.237.166.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/1841082/76634004/skeleton.js?bundleId=&ias_dspID=3&ias_campId=27647240&ias_pubId=pub-3130448679272231&ias_chanId=1&ias_placementId=19311913561&bidurl=https://zaly.online/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j219qjRqnpuv44KFe8zdGL
Requested by: Host: zaly.online
URL: https://zaly.online/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.166.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-166-117.compute-1.amazonaws.com
Software: /
Resource Hash: 53e453cfe0cf6561aa801cea98523338152bc6fa64ac53a695a4548016a1f824

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2CE8 3 KB
1 KB 53ms
52ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:22:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2CE8 20 KB
8 KB 54ms
53ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:21:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CE8 202 KB
64 KB 114ms
112ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8 42 B
63 B 69ms
68ms Image
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BG8_E9SvEgYgnpFpr0mQcy5PuZ0i4keC7TIGElZ0AHfAHmDyfUrwJsyJNLlL8DZb9zF72590qYnhq6R_NUmqWEBqV7hoOt5drsTT8cKJxou4tIUQc

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8 0
20 B 69ms
68ms Image
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1087672831500911996&x=1&ct=77

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 3BDC 624 B
246 B 54ms
54ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:28 GMT
expires: Tue, 28 Nov 2023 04:00:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5841 23 KB
9 KB 68ms
67ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 03:22:41 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5841 7 KB
3 KB 73ms
71ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:31:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 21:31:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 5841 41 KB
14 KB 66ms
65ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 598630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 05:43:18 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5841 3 KB
1 KB 70ms
69ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:22:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5841 20 KB
8 KB 67ms
66ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:21:15 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5841 202 KB
64 KB 114ms
112ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5841 42 B
63 B 72ms
72ms Image
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsUmQlMaZeKnzHbL0HIqJftmsiAKY-3T0uS_hqNBmmXy4mfGKVM4OhwYnn0h7wFQP4pFipkT8ZCaf3lzUSetSLcUiIbcMYS7RVcKcsbHbH9H7_q5s

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1959733243977868808
s0.2mdn.net/simgad/ Frame 5841 82 KB
82 KB 185ms
54ms Image
image/gif 2607:f8b0:4008:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1959733243977868808

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fbee0019a70035aab059c0f41765ddadacd3b39cd66de6d3c5e86ac45783e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 04:57:46 GMT
x-content-type-options: nosniff
age: 342163
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83937
x-xss-protection: 0
last-modified: Fri, 10 Nov 2023 14:32:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 04:57:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0CAB 23 KB
9 KB 58ms
56ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5748
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:24:40 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C13 143 B
166 B 45ms
43ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 1614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 03:33:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0CAB 3 KB
1 KB 61ms
60ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85056
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:22:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0CAB 20 KB
8 KB 57ms
55ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5953
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:21:15 GMT

GET
H3 200 10865577078111609898
tpc.googlesyndication.com/simgad/ Frame 0CAB 28 KB
28 KB 66ms
64ms Image
image/png 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10865577078111609898?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnK_BFO59tvAAiSEGofeNErY-AiAA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef166db27f017c2cd97526363d1fba36f9cc2f649760a5bab0d88a9ccbcc4606

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 00:12:31 GMT
x-content-type-options: nosniff
age: 13677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28917
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 21:46:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Nov 2024 00:12:31 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0CAB 202 KB
64 KB 135ms
133ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:28 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0CAB 36 KB
14 KB 59ms
58ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22407
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 21:47:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6D50
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CrxWD2mVlZenGOazlvPIPgaaNyA3JluyWdI2HrZv_EbCQHxABIKmJ7IoBYMnujovApIwQoAGn7qDSA8gBAqgDAcgDyQSqBLwBT9AJv7-Cywpj5y50COteHvDDbUK6NEHh9MaWXY-eHvePg4l...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9...

0
0

106ms
54ms

Fetch
text/css

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2213463495911180650171%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2244452866232556289%22}&andc=true

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xb502f3ecfed60ef0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"13463495911180650171","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"44452866232556289"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Nov 2023 04:00:29 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xb502f3ecfed60ef0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"13463495911180650171","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"44452866232556289"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4ACC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1

43 B
743 B

66ms
66ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRmVZxEawVj6K8ixlZhrqvs6W6dXi2%2BTilp9GU5WENTqBwPv9BgvdH1AlU%2BpwVGHtClWJnVC%2BCZQM%2FNgPcEXcMEmZNLjkAhXyvBDuD6FA3SGdYvzxIUWZOvZl%2FF7IMt9zZHmVk%2FnIJ%2FC%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cfb4463e703a05-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 4ACC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWVl3RPlwzLHUoESsLJE9QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1

43 B
738 B

58ms
56ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ItCS8P6Ypeoocs%2BX6NtGJgwxo0o5Z6zOC1x%2FOhXN3ThKXGjnbB%2FZqGakRdP7JT2aHlkGWBW4uw%2FS2vGbaGyaP2p%2FA%2FC2ZFO0V9vQhBobgIGEVKDHp2y%2B3hV9qnXwcAgQuTJaQXVO6OzmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cfb446af1b3a05-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 4ACC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1

43 B
842 B

37ms
37ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
an-x-request-uuid: e5d5f10c-58d7-4a5e-a7a5-4c9904256249
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.37; 96.9.249.37; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 4ACC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D

170 B
243 B

68ms
67ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D

Requested by

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
an-x-request-uuid: ab99c5c5-bbcd-4c99-887d-641cb8940c50
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
x-proxy-origin: 96.9.249.37; 96.9.249.37; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 380C 38 KB
15 KB 65ms
52ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 06:56:06 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3BDC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1

43 B
765 B

65ms
65ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbbQFkUr9ea9caBi15601YVcv4rRlDIlhoQutLo8hASqPtfK0K%2FH4fFOC1k44fgPKfqLRROVkz5pgI5AbTe2VJtvbbcUN3YxQv2Y8Yw7wGDoqHT5fj1QSxWdNpJobHn%2BD2nB1vWqD4Cw4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cfb4463e733a05-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 3BDC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWVl3RPlwzLHUoESsLJE9QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1

43 B
741 B

86ms
84ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljG%2B9RhDS69v6xr0r660OK%2FMRQCcfuj6UBi2XX2nOHfjLCrbl9dFgmhvcxFu5eocI%2FIIeHwED%2FIY4Df%2Bx%2BGRbp2WWCys6RQ1Stf79RI%2B2znuuIfV8Hld7W%2Bfp%2BJ1FszVP91VZsZC%2BcN0Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82cfb446af1c3a05-YYZ
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 3BDC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1

43 B
842 B

33ms
32ms

Image
image/gif

68.67.179.155
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA

Protocol

Server

68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
an-x-request-uuid: 067ef829-2d52-4f1e-a43d-73729b720293
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 96.9.249.37; 96.9.249.37; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3BDC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D

170 B
232 B

68ms
68ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D

Requested by

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
an-x-request-uuid: d3bc03c2-e733-4fda-902f-7d33ed4c1dcd
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
x-proxy-origin: 96.9.249.37; 96.9.249.37; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8 0
20 B 75ms
67ms Ping
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=30851966076&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8 0
20 B 71ms
67ms Ping
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=30851966076&version=m202309260101&ct=77&x=1&cor=1087672831500912000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2CE8 34 KB
19 KB 78ms
77ms Script
text/javascript 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUMj--qmvqlBNzhd-f7Vxdqb62rPRDzbug9SqNC5DwkRH1iWSI_WQO5CIuFyuxZw3rz1dRF7KvbCzjRj8j06Ub3-3ErutyMwJHA4Boms2LOgQh0co7BgNu32zqraOG0ETCJlbvifgzD4YUwX2UKMp1f7xr-gA_xP4F-LwUjMDHNhtUvGk&cry=1&dbm_d=AKAmf-CdgNTF3L9nwkcgrelhVBvJ4hNCEPmztfliGDbJtfbCfomKmhmIIFDSIA3t7e2HkjbMJr72sVedYqp6NG3nMBG5OB5TLK2_2kGrcAzfFQ9lz_9nzoHnGxY9B3mEpUXe6gHU_D1E99jpSp8J_iXSKCfBbLnRefrDohk-_LxYDdNq38Hp-iviLRUTY_TYpYvB0joZloxfo3h6C4HAW4WKMhwXKJ8IJd3EpRToTLAf7OMzQPXW79SQbf4WtQAZzAJptB5tw7yjfWCPx_-nKjTQEtkzPa-7KoKBjMpjjZOVRyqffWzRDZ-fXOFIPKIjMsaIQwO2ZIHyI0aOxAPMLHFsNfye5ZurDul65Vh0ONiJafV4flAuxKa0ftg4NWk0fcqPR4s6gkWzvjx-s3QxkjobFi-W3FvX_ql2ya2fJAwzYkNAwghzAM3rtLwhdtGSK84iQuv6BSuGSD0rp-mo1IVNKPsDBlt8fWIQAVL2FlJEViL5QyIUDe7ApV0I1imd_3G9ktJtYdZrcxmVhaI05ln9EsKlnCs8jqzjcQmkZ08xM55qeu3cwUGyM_JXaNXjaEQmeAIQukVNydxcEucKIVD_9aXpIru7EiLqTzqB_6Lu1rOLS5A-nUX1YI5Aiz4CLwym7CfaQ7JtM91LLG9q0BZ79Oc3fUNlvRNw0Z84LeLqNs63lMYtgtTURVMd9sXLIiYpVr7vfIexf2whsamGwSvV8BwNzBnmaSySrAgmvX14hhrlFqCkhHn9gXWHD09Qes8vxMGlb-zv9SMgffJX3Ao-1jueYowYbI-jS4nN0wyRZ2-rRFZsD4_a3IcAS9MBfkRV1GPm2B-bRKiOZxrWgb1llbekCELLtJxiQwnKKoLp6VNaSqjpPbrXNSuLVkTqTIno9zC-W_QqNaDCjBJR55sv0S_EpDJHy72QknSfoi07Pv3vpIYg4GNtlMoo3FF1eEy7cesqRKNB6lL90pSUEQGeerv9g9pQc0CXbsDoI0I-EieDjC7buNDimVwPhJRHZ1UIYtLHt5Q4kvlT0qdvebA2F-u5LF_2EMp3Mb9WR3sY-1LeQRo0u-orSFvtl3fyr6WjYHBc3Zdh_HMLVqqXhVD8OwYiVf2QxJunsPPGdK4oTyKVXX-wyNpmYqmAmdbvXgdrFHKkr62lWo6CnBM_9QaJ1t8oF04fAO1OIPK80wHo6YkahuywZxB2DhRHmUHFl1z6jgVdX2-di3uLBAeIU-yrlpkpWOP-pqfQ4cI4Ks0RTY_JUgGohgCT97F51VqATc_h9vyk2Nhu5n8VUQmVZ2ZRyZLj5KrsXkUG_nBRzBQ4SNnoSzv_pEbf4jQ2YbDbQVEEYJHP7l0aYGTxJsEGN6-fcvFBe95NR1yzdUs3GFwShtc3st6A_1nmXw_xb2deIN890jXNEt3Pawsy5COkehE0G3YtsZwjH5EgH1D8p5TR--KKnH1ItAYpulVVa9oda-BqnnY4NG43-H61Vw6gsLsZWabcieQ9RfFHIyGjW_HnJMohgWiOh1-zncwz4aWTxVNcFw5hLari1iI29JP979VO9UXYHaWARljYNlMiXKN5SBztV7OCUnMxZD6JLc-YOR7_jUwl7DcqRGNgWHUU-sUhpgpd8CUmjHlacEWqbwTfVC-ZN-witxIyD4tXT3vbqUQNW8TEMu0elerkfKpnPPagJhNl6CWzSJLV0N1YQ-Fc9aYDBXpcBIAUxgXJFBzGOpanLysPwiZKzyCDXAkaTaARyQiz2U2xesVHtN4enfmUVt7Jiwf2B_pSB2OqNpwqbuLcvB77uvtrgc063boH8LjDuCp1ptZT8LlB___Wg2rV2I3x2qJtssUWIOCk0UIsS3QUR0Yp_9YzRhi5mMZ7OeZ22gql7JNpPtF4R40NWutRBErZ5rmTE3du5henras8RrEihlicoVItglt_2YnPy8WxAShWNwho1lVxH3A_CZmfXQCQBYDOnC-997nXoCarjlSMCVcsmG56vJbB5fM6eWIIresgEiQiA5sDAOp7OwXavQjscl7TRJr0JTvk-jTaGLQWH4Wxv1csock2w82HfQQVr-bvo54GB522Ubi3vtpjB6VjSnCjzLjDGvUYa21SBMmfC8PZgBQylmotc3XptYVuPXyqdXXOAqMFEPJFPmD31z-Dr-w-PJRGFJs_j3-atjN3_zhjJLDH9PJMo9zdIeBr0q1_SXCbhx7BT7nm96BtwVssOku_GeVdS2UyOCe_NIRIwpwcvK5WF93uT7BFjJCpH2pQyhMFKBTMKb7pB8ymCEZbz7kdsGKQmNDsWczvZys8M-VrLTsyCNMe9lZFQrpke4oK2yl4zngUCAXJTdVTAvEwYMsnId5FcGmIjQuloheknmrtKokgGrE_wJeb70NAmQM31umlOgT_4swLIMH1Ad_8WpVSauNxl8RvdWokyDQH8TJ7bamok-pX54aYO0GNwMiIWIysWG5ketVLavZxz2rr6aot_KXOlyu_IM3jtc7pSms0vy3OAPyZx9n2b1qP6DAuYFdSoiC-f_RXMoyQPsrPcNgZZ88ampXYkZ9esuoKhJ5vknQVM9Md8EZ34WR8GQfkViEZ6VYL0h3B02a0pbGQW9mSZ27iw3P71RUa-c67b7RP5PMxR57ecTHSDwTa0HO-E0idSNcxv6V3e3MrKMCrtxlGApwi2_4W_sLkCdHFnaWOELm6wR2Gn41dHBZpnxCJEbs8a5BhUsbhXWhZPBoh8lPYkNIPbJtA85roRF_kJGKCTKPSDiJiAUkA_gsV8GrsgaPtjaSOTzAKFxBtAyYpmWL_aBgCAsa6zVvBGuSVLNsNpK7dyKPnruVRezpln6B_Xfy3sXoaV0S_2EjF04uayXD7lYuJlcT-CG3QTrivleyQfQmzPosITifSSUy4AnC8miYWHc5eNuyuq063tdSCn-K1CpN-YRN8I8ykwm9Iv6cyWTO16e1p0Lm5Ov_alVOpVFO70gxP3K2_F42aRnbzQMmaiiFElMDZNG13rrPbyzp_OPYVk7ljDoocvz7Nw4sBEqPcov3wVbFMYoeBhOGuqsmKyed3AgWV9jjQH4Slkw3vs0gP8IO4LbYapFPU_pKMzRZwqY-LlR9cy84CSWBD-GYDm0SB8KChOPxGQhPzpZAezle5KLJlfyH-6-J6IUS4BsQiOx1N7pTooOBFU7WkxxybUdpxPP34sWXWFhBm36WZDC5DFlz2fS7ezFdCOFbjv4kJKO7MzY3t0HzLvbpmdEmpHw3pwgzSBKglXsZyEN2Pv6ktrb7_tqpgOk14zyJ-aoBA3RaV6GK1NHGqEdh9lRD4Kc3rISXADITUtdJnOEo87OMryES6I14s_yIz8SUE8Mgfts98Vjqp3vUM82pLDOn5hDOKw7z1MT94-uS2wB22-smvJ3rgdToHogLUzHMJCEbccrbDlg-5qVSsTmejYU3-T8suwbRmW32e7Z1ZiEABwFtrrOCZbP2TIqyfDty7WXvoIkIvFjNHOdn-comcvrvRNy5ENMUYqlZ6ZFoJBKh6uy7D_QwaE_klZnb-Wsf3I5tZXkBEUMCZuMo2UmzyrKF1HluE1izDMhFJxKGBYjp0n2aDgdTT_c9vaeVg9ZBGCRjixg&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fzaly.online%2F&ds=l&xdt=1&iif=1&cor=1087672831500912000&adk=521587874&idt=95&cac=0&dtd=15

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68306ebb67e2ed518aed44cad59d49b381ad16d42cc9555e73cd27fdac6e1a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19834
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 139ms
51ms Preflight
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 04:00:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 37DB 38 KB
13 KB 57ms
57ms Document
text/html 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 22:58:30 GMT
expires: Tue, 26 Nov 2024 22:58:30 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 5C13
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

44ms
43ms

Document
text/html

2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:29 GMT
expires: Tue, 28 Nov 2023 04:00:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 0CAB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 912a9416c7ad44940eff4598d9e8331d082945a877e71068f739d28d8f3658bc

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 2CE8 31 KB
12 KB 55ms
54ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUMj--qmvqlBNzhd-f7Vxdqb62rPRDzbug9SqNC5DwkRH1iWSI_WQO5CIuFyuxZw3rz1dRF7KvbCzjRj8j06Ub3-3ErutyMwJHA4Boms2LOgQh0co7BgNu32zqraOG0ETCJlbvifgzD4YUwX2UKMp1f7xr-gA_xP4F-LwUjMDHNhtUvGk&cry=1&dbm_d=AKAmf-CdgNTF3L9nwkcgrelhVBvJ4hNCEPmztfliGDbJtfbCfomKmhmIIFDSIA3t7e2HkjbMJr72sVedYqp6NG3nMBG5OB5TLK2_2kGrcAzfFQ9lz_9nzoHnGxY9B3mEpUXe6gHU_D1E99jpSp8J_iXSKCfBbLnRefrDohk-_LxYDdNq38Hp-iviLRUTY_TYpYvB0joZloxfo3h6C4HAW4WKMhwXKJ8IJd3EpRToTLAf7OMzQPXW79SQbf4WtQAZzAJptB5tw7yjfWCPx_-nKjTQEtkzPa-7KoKBjMpjjZOVRyqffWzRDZ-fXOFIPKIjMsaIQwO2ZIHyI0aOxAPMLHFsNfye5ZurDul65Vh0ONiJafV4flAuxKa0ftg4NWk0fcqPR4s6gkWzvjx-s3QxkjobFi-W3FvX_ql2ya2fJAwzYkNAwghzAM3rtLwhdtGSK84iQuv6BSuGSD0rp-mo1IVNKPsDBlt8fWIQAVL2FlJEViL5QyIUDe7ApV0I1imd_3G9ktJtYdZrcxmVhaI05ln9EsKlnCs8jqzjcQmkZ08xM55qeu3cwUGyM_JXaNXjaEQmeAIQukVNydxcEucKIVD_9aXpIru7EiLqTzqB_6Lu1rOLS5A-nUX1YI5Aiz4CLwym7CfaQ7JtM91LLG9q0BZ79Oc3fUNlvRNw0Z84LeLqNs63lMYtgtTURVMd9sXLIiYpVr7vfIexf2whsamGwSvV8BwNzBnmaSySrAgmvX14hhrlFqCkhHn9gXWHD09Qes8vxMGlb-zv9SMgffJX3Ao-1jueYowYbI-jS4nN0wyRZ2-rRFZsD4_a3IcAS9MBfkRV1GPm2B-bRKiOZxrWgb1llbekCELLtJxiQwnKKoLp6VNaSqjpPbrXNSuLVkTqTIno9zC-W_QqNaDCjBJR55sv0S_EpDJHy72QknSfoi07Pv3vpIYg4GNtlMoo3FF1eEy7cesqRKNB6lL90pSUEQGeerv9g9pQc0CXbsDoI0I-EieDjC7buNDimVwPhJRHZ1UIYtLHt5Q4kvlT0qdvebA2F-u5LF_2EMp3Mb9WR3sY-1LeQRo0u-orSFvtl3fyr6WjYHBc3Zdh_HMLVqqXhVD8OwYiVf2QxJunsPPGdK4oTyKVXX-wyNpmYqmAmdbvXgdrFHKkr62lWo6CnBM_9QaJ1t8oF04fAO1OIPK80wHo6YkahuywZxB2DhRHmUHFl1z6jgVdX2-di3uLBAeIU-yrlpkpWOP-pqfQ4cI4Ks0RTY_JUgGohgCT97F51VqATc_h9vyk2Nhu5n8VUQmVZ2ZRyZLj5KrsXkUG_nBRzBQ4SNnoSzv_pEbf4jQ2YbDbQVEEYJHP7l0aYGTxJsEGN6-fcvFBe95NR1yzdUs3GFwShtc3st6A_1nmXw_xb2deIN890jXNEt3Pawsy5COkehE0G3YtsZwjH5EgH1D8p5TR--KKnH1ItAYpulVVa9oda-BqnnY4NG43-H61Vw6gsLsZWabcieQ9RfFHIyGjW_HnJMohgWiOh1-zncwz4aWTxVNcFw5hLari1iI29JP979VO9UXYHaWARljYNlMiXKN5SBztV7OCUnMxZD6JLc-YOR7_jUwl7DcqRGNgWHUU-sUhpgpd8CUmjHlacEWqbwTfVC-ZN-witxIyD4tXT3vbqUQNW8TEMu0elerkfKpnPPagJhNl6CWzSJLV0N1YQ-Fc9aYDBXpcBIAUxgXJFBzGOpanLysPwiZKzyCDXAkaTaARyQiz2U2xesVHtN4enfmUVt7Jiwf2B_pSB2OqNpwqbuLcvB77uvtrgc063boH8LjDuCp1ptZT8LlB___Wg2rV2I3x2qJtssUWIOCk0UIsS3QUR0Yp_9YzRhi5mMZ7OeZ22gql7JNpPtF4R40NWutRBErZ5rmTE3du5henras8RrEihlicoVItglt_2YnPy8WxAShWNwho1lVxH3A_CZmfXQCQBYDOnC-997nXoCarjlSMCVcsmG56vJbB5fM6eWIIresgEiQiA5sDAOp7OwXavQjscl7TRJr0JTvk-jTaGLQWH4Wxv1csock2w82HfQQVr-bvo54GB522Ubi3vtpjB6VjSnCjzLjDGvUYa21SBMmfC8PZgBQylmotc3XptYVuPXyqdXXOAqMFEPJFPmD31z-Dr-w-PJRGFJs_j3-atjN3_zhjJLDH9PJMo9zdIeBr0q1_SXCbhx7BT7nm96BtwVssOku_GeVdS2UyOCe_NIRIwpwcvK5WF93uT7BFjJCpH2pQyhMFKBTMKb7pB8ymCEZbz7kdsGKQmNDsWczvZys8M-VrLTsyCNMe9lZFQrpke4oK2yl4zngUCAXJTdVTAvEwYMsnId5FcGmIjQuloheknmrtKokgGrE_wJeb70NAmQM31umlOgT_4swLIMH1Ad_8WpVSauNxl8RvdWokyDQH8TJ7bamok-pX54aYO0GNwMiIWIysWG5ketVLavZxz2rr6aot_KXOlyu_IM3jtc7pSms0vy3OAPyZx9n2b1qP6DAuYFdSoiC-f_RXMoyQPsrPcNgZZ88ampXYkZ9esuoKhJ5vknQVM9Md8EZ34WR8GQfkViEZ6VYL0h3B02a0pbGQW9mSZ27iw3P71RUa-c67b7RP5PMxR57ecTHSDwTa0HO-E0idSNcxv6V3e3MrKMCrtxlGApwi2_4W_sLkCdHFnaWOELm6wR2Gn41dHBZpnxCJEbs8a5BhUsbhXWhZPBoh8lPYkNIPbJtA85roRF_kJGKCTKPSDiJiAUkA_gsV8GrsgaPtjaSOTzAKFxBtAyYpmWL_aBgCAsa6zVvBGuSVLNsNpK7dyKPnruVRezpln6B_Xfy3sXoaV0S_2EjF04uayXD7lYuJlcT-CG3QTrivleyQfQmzPosITifSSUy4AnC8miYWHc5eNuyuq063tdSCn-K1CpN-YRN8I8ykwm9Iv6cyWTO16e1p0Lm5Ov_alVOpVFO70gxP3K2_F42aRnbzQMmaiiFElMDZNG13rrPbyzp_OPYVk7ljDoocvz7Nw4sBEqPcov3wVbFMYoeBhOGuqsmKyed3AgWV9jjQH4Slkw3vs0gP8IO4LbYapFPU_pKMzRZwqY-LlR9cy84CSWBD-GYDm0SB8KChOPxGQhPzpZAezle5KLJlfyH-6-J6IUS4BsQiOx1N7pTooOBFU7WkxxybUdpxPP34sWXWFhBm36WZDC5DFlz2fS7ezFdCOFbjv4kJKO7MzY3t0HzLvbpmdEmpHw3pwgzSBKglXsZyEN2Pv6ktrb7_tqpgOk14zyJ-aoBA3RaV6GK1NHGqEdh9lRD4Kc3rISXADITUtdJnOEo87OMryES6I14s_yIz8SUE8Mgfts98Vjqp3vUM82pLDOn5hDOKw7z1MT94-uS2wB22-smvJ3rgdToHogLUzHMJCEbccrbDlg-5qVSsTmejYU3-T8suwbRmW32e7Z1ZiEABwFtrrOCZbP2TIqyfDty7WXvoIkIvFjNHOdn-comcvrvRNy5ENMUYqlZ6ZFoJBKh6uy7D_QwaE_klZnb-Wsf3I5tZXkBEUMCZuMo2UmzyrKF1HluE1izDMhFJxKGBYjp0n2aDgdTT_c9vaeVg9ZBGCRjixg&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fzaly.online%2F&ds=l&xdt=1&iif=1&cor=1087672831500912000&adk=521587874&idt=95&cac=0&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 12:17:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CE8 41 KB
14 KB 52ms
52ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 598631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 05:43:18 GMT

GET
H2 200 attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE0NDAyODk3MjI0OAogIHNlcnZlcl9pcDogMTQxMDM1OTYxCiAgcHJvY2Vzc19pZDogMTgxMjE1OTE2Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA4MTc2MTgy...
ad.doubleclick.net/ddm/activity/ Frame 2CE8 0
852 B 131ms
62ms Image
image/png 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE0NDAyODk3MjI0OAogIHNlcnZlcl9pcDogMTQxMDM1OTYxCiAgcHJvY2Vzc19pZDogMTgxMjE1OTE2Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA4MTc2MTgyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly91c2JhbmsuY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDkwMDA0Nzk5OTY3MTk3NjI5OTUKZGVidWdfa2V5OiAxNDgzOTc0MDk3NjQ4MjcwNTYwCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0yOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDgxNzYxODIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTQ5NDkyMjEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE5NDIxNDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTkzMTE5MTM1NjEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjE4MTMwMTYKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vdXNiYW5rLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2JsZW5kbGFicy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9lbGFuY2FyZC5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"12":"0x18920d3ab3d4f4600000000000000000","13":"0xb46990ceb53f82a00000000000000000","14":"0x77dfcc8f71d3943f0000000000000000","15":"0x84980dfd01e6dcb00000000000000000"},"debug_key":"1483974097648270560","debug_reporting":true,"destination":"https://usbank.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["8176182"]},"priority":"0","source_event_id":"9000479996719762995"}
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v99.js Show response
www.googletagservices.com/dcm/ Frame 2CE8 59 KB
23 KB 54ms
53ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v99.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 11:46:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23872
x-xss-protection: 0
last-modified: Thu, 02 Nov 2023 14:22:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 25 Nov 2024 11:46:22 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame 31FD 9 KB
4 KB 56ms
54ms Script
text/javascript 2607:f8b0:4008:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 22:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 107496
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 22:08:53 GMT

GET
H2 200 7b504c1450659deb5d95b33621eeb0df.js Show response
www.gstatic.com/mysidia/ Frame 31FD 119 KB
42 KB 59ms
59ms Script
text/javascript 2607:f8b0:4008:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b504c1450659deb5d95b33621eeb0df.js?tag=leadgen/frosmoth_image

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74104393ff5df076b720705b4c4bab255e9c7c4343346113043b4e601df86cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:15:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359110
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42686
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 18:54:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 00:15:19 GMT

GET
H2 200 1290528a0f60de16515866847082b13a.js Show response
www.gstatic.com/mysidia/ Frame 31FD 20 KB
8 KB 110ms
109ms Script
text/javascript 2607:f8b0:4008:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 04:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8379
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 04:29:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 31FD 15 KB
1 KB 91ms
65ms Stylesheet
text/css 2607:f8b0:4008:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%7CGoogle%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:809::200a Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d0665e41f3c6d478e2d7bf31dce68ca102e14510cfa6cc39447dcae70b38b2ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 02:24:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 04:00:29 GMT

GET
H3 200 mdc_list_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD 27 KB
6 KB 91ms
70ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:23:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6467
x-xss-protection: 0
server: cafe
etag: 4758454654811317262
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 29 Nov 2023 02:23:13 GMT

GET
H3 200 mdc_menu_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD 51 KB
11 KB 80ms
59ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:13:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85605
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11146
x-xss-protection: 0
server: cafe
etag: 2759356358486721826
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:13:44 GMT

GET
H3 200 mdc_menu_surface.min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD 18 KB
5 KB 89ms
68ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:34:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4739
x-xss-protection: 0
server: cafe
etag: 18373107336927916518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:34:47 GMT

GET
H3 200 mdc_select_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD 103 KB
18 KB 102ms
81ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:16:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 24229
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18791
x-xss-protection: 0
server: cafe
etag: 10996637669125113147
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 28 Nov 2023 21:16:40 GMT

GET
H3 200 mdc_textfield_min.js Show response
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD 58 KB
10 KB 75ms
64ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 23:23:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16599
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10107
x-xss-protection: 0
server: cafe
etag: 7588401036457704084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 28 Nov 2023 23:23:50 GMT

GET
H3 200 mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD 31 KB
3 KB 68ms
58ms Stylesheet
text/css 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:48:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22322
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3021
x-xss-protection: 0
server: cafe
etag: 18113988596513574663
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 28 Nov 2023 21:48:27 GMT

GET
H3 200 mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD 3 KB
797 B 72ms
62ms Stylesheet
text/css 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 01:58:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 766
x-xss-protection: 0
server: cafe
etag: 14497039402300002370
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 29 Nov 2023 01:58:28 GMT

GET
H3 200 mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD 2 KB
640 B 71ms
61ms Stylesheet
text/css 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:13:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85609
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 611
x-xss-protection: 0
server: cafe
etag: 18268606943400439583
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:13:40 GMT

GET
H3 200 mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD 37 KB
4 KB 73ms
63ms Stylesheet
text/css 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:23:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5810
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3940
x-xss-protection: 0
server: cafe
etag: 17986137158686949241
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 29 Nov 2023 02:23:39 GMT

GET
H3 200 mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD 51 KB
5 KB 65ms
61ms Stylesheet
text/css 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:31:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23359
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4595
x-xss-protection: 0
server: cafe
etag: 17552977722549843295
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 28 Nov 2023 21:31:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31FD 2 KB
828 B 57ms
52ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 21:58:04 GMT

GET
H2 200 b91a06220cfa130b0e547db55a85d66b.js Show response
www.gstatic.com/mysidia/ Frame 31FD 23 KB
10 KB 108ms
101ms Script
text/javascript 2607:f8b0:4008:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 03:30:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 347424
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9816
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 22 Feb 2024 03:30:05 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 31FD 23 KB
9 KB 58ms
54ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:24:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31FD 3 KB
1 KB 62ms
58ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:22:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31FD 20 KB
8 KB 58ms
54ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:21:15 GMT

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 31FD 202 KB
64 KB 85ms
81ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:29 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 37DB 39 KB
15 KB 75ms
74ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 21:52:31 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 0CAB
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CKEVt2mVlZbHyOL-9xtYPxoGZmAXJluyWdK2IrZv_EbCQHxABIKmJ7IoBYMnujovApIwQoAGn7qDSA8gBAqgDAcgDyQSqBMMBT9BiCcnris2HII-0tE9z2AZ1gMbrbua8ckLwfGbasZ8AEE9...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9...

0
0

52ms
51ms

Fetch
text/css

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2212262638905288099247%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222051644339744000209%22}&andc=true

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xb502f3ecfed60ef0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"12262638905288099247","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"2051644339744000209"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Nov 2023 04:00:29 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xb502f3ecfed60ef0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"12262638905288099247","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"2051644339744000209"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 B28975896.352599115;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=521587878;ord=39uovf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsdEZ2mVlZa_yOL-9xtYPxoGZ... Show response
ad.doubleclick.net/ddm/adj/N443804.2245506CAPTIFY/ Frame 2CE8 80 KB
33 KB 84ms
83ms Script
text/javascript 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N443804.2245506CAPTIFY/B28975896.352599115;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=521587878;ord=39uovf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsdEZ2mVlZa_yOL-9xtYPxoGZmAX_o5erdI6rkZHgEK_Mor3AARABIKmJ7IoBYMnujovApIwQoAHB1pSOA8gBCagDAcgDmwSqBOUBT9BTmV-aXVNsyQkMzuIl0veBkwyQ7qdFgR_AmPKABByJeaYbzZ2Ty3Kkq7n2PABkNO4txbyFgTTIp-hCaCVGVWN0M9Laqd9BwR3uk37nY0cc06VusHjAg5-ozwZDYV3jdjxzrJx_x6LmHudR3NE0s7wbb-08HnG2PUS_KlTb6Jze1jZRiJAAVogsrPZp2Q9oigCRuNZjPPwAEU3462YHRee4RtvrzeA9LSjw-DBGV3u02nIqsGd6NvWt0W41aN972LGL18By24GTwX5kTTNgCMrqQ-6PRpI60M0cbFGlndZC_2DQksAEo-iM5a8E4AQDiAXZ1NH4R5AGAaAGTYAHp6nrcagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAlVTsBPx8foU0BMA2BMDiBQD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB%26sig%3DAOD64_3Ep0i9NSD8llj4fvCIx1OQB9N-wQ%26client%3Dca-pub-3130448679272231%26dbm_c%3DAKAmf-CN1Dyvc7rttAzYWGbsXTgLJ0jR14O52yvowlG2WtwUAfEv0dH3nTF9BkWGUfyVONKQRYL8u1LsC7oLkrM2PlEkDVMYatStHljLDjn8eks5MSYDmsrILg1LERGoR7ocgcczlKcH4Hc-X3F2tv6wFSLWSOk6mKWyinTXqs8oOM3exhcUpi0%26cry%3D1%26dbm_d%3DAKAmf-AjY0MrBwLUZsu7hnG9w37ArETUonCePN_fw1UQK3M1oQtUZQ7NeVoXr_LJfNYekTrQkCeNmF9JCV_so7yVJyI-AqQn2n40GSAp2VjMptMhqP0i1M2UBwq8Snz2zSdhjnNXqe7aAiisba4VIejoYIy-lB7Y4AqcHL52gJdifzYeihgmRDL5-Gu96hmkyIU92kOwQtLO5R4oWy8BushZrr4E_aIvNXpU4ik5X3QdrivbStb7LgZyI95uXhjdXvb9ccDwx_vhkIs1KM2KrGSCf_BJcw4TBYohuHl1WDfdvBpKUUH8iFUnl7ATnJTUzM03hslQC2N3r6Bw-tUcxSUqFTkbnpob1EqWMiMid7cMAtmtXVCD4I9ERjz4R3Rl17cb4vhPOsdUL307CoQzirRzMcmFwtrqomwgCd0IaQJAJbqZHQp0UC13oE8xOaYlqEG-9AgaFxabNzVjz2vKNQly-iIAQV4bSGN8rynpP5qzNC2QtlGeQoAlpZhyt3HJOn_yyQNgFvJUqVrWUo-Ci7l2eKmWEU5JLtPql6GKMIGVebGjr9DAqrY%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fzaly.online%2F$0;xdt=1;crlt=sD'IK5HzVI;stc=1;chaa=1;sttr=173;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

1e1078d97060cccda073393cca614c7aef5b94f3dce291fc0c075fd9a817145a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33666
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 0EB2 38 KB
13 KB 53ms
52ms Document
text/html 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 22:58:30 GMT
expires: Tue, 26 Nov 2024 22:58:30 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 40E0 38 KB
15 KB 55ms
54ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 06:56:06 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 52ms
51ms Preflight
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2212262638905288099247%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222051644339744000209%22}&andc=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 04:00:29 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5841 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7fdf2a3ed48374d880561e4061612e2736284d20a4460a50fbff88d05631696

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2CE8 111 KB
39 KB 165ms
53ms Script
text/javascript 2607:f8b0:4008:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:10:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 28 Nov 2023 12:10:10 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2CE8 11 KB
4 KB 54ms
53ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N443804.2245506CAPTIFY/B28975896.352599115;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=521587878;ord=39uovf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsdEZ2mVlZa_yOL-9xtYPxoGZmAX_o5erdI6rkZHgEK_Mor3AARABIKmJ7IoBYMnujovApIwQoAHB1pSOA8gBCagDAcgDmwSqBOUBT9BTmV-aXVNsyQkMzuIl0veBkwyQ7qdFgR_AmPKABByJeaYbzZ2Ty3Kkq7n2PABkNO4txbyFgTTIp-hCaCVGVWN0M9Laqd9BwR3uk37nY0cc06VusHjAg5-ozwZDYV3jdjxzrJx_x6LmHudR3NE0s7wbb-08HnG2PUS_KlTb6Jze1jZRiJAAVogsrPZp2Q9oigCRuNZjPPwAEU3462YHRee4RtvrzeA9LSjw-DBGV3u02nIqsGd6NvWt0W41aN972LGL18By24GTwX5kTTNgCMrqQ-6PRpI60M0cbFGlndZC_2DQksAEo-iM5a8E4AQDiAXZ1NH4R5AGAaAGTYAHp6nrcagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAlVTsBPx8foU0BMA2BMDiBQD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB%26sig%3DAOD64_3Ep0i9NSD8llj4fvCIx1OQB9N-wQ%26client%3Dca-pub-3130448679272231%26dbm_c%3DAKAmf-CN1Dyvc7rttAzYWGbsXTgLJ0jR14O52yvowlG2WtwUAfEv0dH3nTF9BkWGUfyVONKQRYL8u1LsC7oLkrM2PlEkDVMYatStHljLDjn8eks5MSYDmsrILg1LERGoR7ocgcczlKcH4Hc-X3F2tv6wFSLWSOk6mKWyinTXqs8oOM3exhcUpi0%26cry%3D1%26dbm_d%3DAKAmf-AjY0MrBwLUZsu7hnG9w37ArETUonCePN_fw1UQK3M1oQtUZQ7NeVoXr_LJfNYekTrQkCeNmF9JCV_so7yVJyI-AqQn2n40GSAp2VjMptMhqP0i1M2UBwq8Snz2zSdhjnNXqe7aAiisba4VIejoYIy-lB7Y4AqcHL52gJdifzYeihgmRDL5-Gu96hmkyIU92kOwQtLO5R4oWy8BushZrr4E_aIvNXpU4ik5X3QdrivbStb7LgZyI95uXhjdXvb9ccDwx_vhkIs1KM2KrGSCf_BJcw4TBYohuHl1WDfdvBpKUUH8iFUnl7ATnJTUzM03hslQC2N3r6Bw-tUcxSUqFTkbnpob1EqWMiMid7cMAtmtXVCD4I9ERjz4R3Rl17cb4vhPOsdUL307CoQzirRzMcmFwtrqomwgCd0IaQJAJbqZHQp0UC13oE8xOaYlqEG-9AgaFxabNzVjz2vKNQly-iIAQV4bSGN8rynpP5qzNC2QtlGeQoAlpZhyt3HJOn_yyQNgFvJUqVrWUo-Ci7l2eKmWEU5JLtPql6GKMIGVebGjr9DAqrY%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fzaly.online%2F$0;xdt=1;crlt=sD'IK5HzVI;stc=1;chaa=1;sttr=173;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 12:17:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 12:17:20 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 2CE8 41 KB
14 KB 55ms
54ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 05:43:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 598631
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 05:43:18 GMT

GET
H2 200 main.19.8.461.js Show response
static.adsafeprotected.com/ Frame 2CE8 213 KB
66 KB 602ms
121ms Script
application/javascript 2600:9000:2137:3400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.461.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1841082/76634004/skeleton.js?bundleId=&ias_dspID=3&ias_campId=27647240&ias_pubId=pub-3130448679272231&ias_chanId=1&ias_placementId=19311913561&bidurl=https://zaly.online/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j219qjRqnpuv44KFe8zdGL
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2137:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 09:25:22 GMT
x-amz-version-id: SsS9NfODLbDHY8VzzB.lL2F1gs9DY59I
content-encoding: gzip
via: 1.1 2efed3c5903f1fa517911255bb91ba4a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
age: 498908
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 22 Nov 2023 09:25:12 GMT
server: AmazonS3
etag: W/"315b08a0e21410ecc940dd381f9a8dd0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: dH8Z-hxxdZzETJuC9kqlyAhoqlV8j4U8Mash0jkGLyoB5S8TA64sow==

GET
H3 200 view
ad.doubleclick.net/pcs/ Frame 5841 0
0 69ms
68ms Fetch
image/gif 142.250.81.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvI7GapFdDjdHBZfNkTDRwnu6wtmTkcQBQnBGcDLSK-Y7lWSOrvL05DZTp8485gw3CjwIJ7BEXGxL7vl3nP5s5bfQYX57yYdfRsnAm_vVE0clX4eFrIVYG1BQPo8iSsX9HX9tXW8vKNaRseolSJs47bVQcbT6WJNKolIP3enNEQk3NAv4gzgJOrQF3LrkMPg_OBEIFfhNu2t9HjB_H19ekQxWn_x6oypkAfi6yNayI2gHyWsSje0hFmS4jyWsPLVeqfKmTL9po8ICC9lD4Wu-8n034STDM2DNhsibU2t0k0Wtsd4Cft2IISNdwT7lts_EM7TcMilWJIczJReDX738CUgBRUwOHk7Rwl2RzyCkLPjynmZgw5Zc_WvRBHL58wTdNnr7AtJGv99b8Hu4Nfxq_QYizyxMQTuc4aiJytpbWlRZVx1K4ltKJTrbc3xWL7kMd5JYBdcPYjhZVRbSA39SEU2zaVuqVizCNNjtute4yLCozVQVJDHzSi6qhJa6UDCzft6uPcBq-JLHeaJi0RZpwrSEaaeS3T0j-AYS1DTlcApq2yiCqSca96yeH-ajj93p8up1XNwi6N6NFUWKXFVK3rFEOZLsTv3ScBzufR5Y2rIwtD2El7rkNficYfOdVomSIYVXNUNNv9VnNQad7M6Zg0AbyonVYOfyNHi1m2m9NmnVFuLZro533xrVzSodEj-HFIJOid9l_09e-QvFlPxIRvtebTwD9BO82eSLImlbc0LO7xvzvB_eKJgcCYAq2UEy6jB7MyyrQYsmttOzD0ZiucSdcpmdkieGG4ZDK_BMBFb665Zeyw00hMDPur7I5JQ4XRTXTUTKWrDHVhczgfWzGi2-BLpIxI7n2wpShe260Uo90KHO31TCDXXj1WTEdnudj-riw0xjy2suCPHh9HXihT-uOvhb2tM4DpYIHj2tjrEZQlQOpTmsMz7qB-ueqOH78Jj0jBwqekVNDz2vfBV0Le-zaciqYw-VY9ZUCR2hLsayLFecA0w3PtgkeFm-cUAWj6poX3-SwVPdWie438KP8XR9kb_LMqIEmrzmUJXmV3-lbBgA7zDsTk6CGZTf02cBywJDQrYuVHDMTGGM-dkCsiZ5te3WDhM5hE4D_nFCcE0qfyFRTOIDz9phnoWmY-ptUu-_IqZA5BAS71h7zz0zuQNZaLwbbUfv-jyM4fNWCaFr0MWnQFeW3FYditu_7qMwJWS06Ci54gKQztN8xIorqArsUTThOAkNjmHAPSNIPfDgkuBbj1dM3rttcQCrxSweqtu5CAiU1raIsTZikZmpq9wKJvFTu9XrSq9ZzIYA&sai=AMfl-YQfK-J_Wfe4O8D3CSw5RKRWAxwawt2-H0loMNSuCba0-Ru7xzDnVkzVr0TJCoxXHj_f2KZhy6isERx_GokXslFvM0vcbBvQzgdWXh0bf1Nac4FTi_FEPNxqc2GjLX4KnR8Os4JnEkGJN3pnO4qnVr0QlBZZYz2meTuqg0KvxORqQljetZ5tF9srSA2uRaqp8BxyQhUn0kCoPmEr27QC4TrfQIzU1tL0-xPkzg-CqKZccEc1pzD1oUPiw4-9Ol7ShbmX-6EFXL-IOWWHE5sYWhcwwjmVKOA_cIPDWQrQ3f9qGPX6NjZw4P-ICEJe7DEiZ7r2l0Ma8COq5yoPGjk_mpl_GnaYL6rgBSdALbwUeTfXZBTX5EHIOIRdUxsrkcNJsxUJonGwG0NhGB3xyn7hSzDMWr4RpMcxf6b5uwfPtqQVHk-SSz1hpCASJZPcV_eaiZDUJ9QYAyLwhbQlkGgH_lEldrdpZvCoc4bGQEJura-hyMsXyvml3gHeuCYljJS3wPFAtg&sig=Cg0ArKJSzDvLleZp98UyEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tYXNpc3N0YWZmaW5nLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=651&cbvp=2&dett=2&cstd=1&cisv=r20231109.61519&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s74-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 31FD 0
28 B 68ms
68ms Ping
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCHBvcnRyYWl0CgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKLhohZGlzcGxheV9sZWFkX2Zvcm1fcXVlc3Rpb25fbnVtYmVyIQAAAAAAAAhAMAEKDRArIQAAAAAAAElAMAESGkNLN0h2NnZuNVlJREZiLWUwUVFkeGtBR1V3IhZsZWFkZ2VuL2Zyb3Ntb3RoX2ltYWdlKCw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 0EB2 39 KB
15 KB 54ms
53ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 21:52:31 GMT

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 90DD 38 KB
15 KB 53ms
53ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 06:56:06 GMT

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 6D29 38 KB
13 KB 53ms
52ms Document
text/html 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 18119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 22:58:30 GMT
expires: Tue, 26 Nov 2024 22:58:30 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 9B4B 4 KB
655 B 71ms
70ms Stylesheet
text/css 2607:f8b0:4008:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:809::200a Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 02:24:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 28 Nov 2023 04:00:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9B4B 2 KB
828 B 54ms
52ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:58:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21745
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 21:58:04 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9B4B 23 KB
9 KB 53ms
52ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5749
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:24:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9B4B 3 KB
1 KB 57ms
56ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:22:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9B4B 20 KB
8 KB 55ms
54ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:21:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9B4B 0
0 75ms
73ms Image
text/html 2607:f8b0:4008:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUzld8mX1aomRZKrA62EWgEihE0blRQh5MHKNJI--LEpj4jd6O-G4r0gBsKwECAPOhu7DElA78R12wtI-NeF3ObyuL6w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B4B 202 KB
64 KB 73ms
72ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:29 GMT

GET
H3 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 9B4B 37 KB
15 KB 55ms
54ms Script
text/javascript 2607:f8b0:4008:815::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:45:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537308
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 22:45:21 GMT

GET
H3 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D29 39 KB
15 KB 54ms
54ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:52:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Nov 2024 21:52:31 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 32C4 1 KB
650 B 58ms
55ms Document
text/html 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 56641
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:16:28 GMT
etag: 48472445140208031
expires: Tue, 28 Nov 2023 12:16:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37DB 0
28 B 71ms
70ms Image
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BnHWy2mVlZbDyOL-9xtYPxoGZmAUAAAAAOAHgBAI&bg=!hIelh8jNAAZxrfrxUa07ADQBe5WfOIzXe8MRMvr4GZw3IiPKy22ZmpVxZ1a_F3ZefOn40XEdQs94ieB8Z7BurHJItnFIAgAAAPlSAAAAAmgBB5kDBZ5TutUihLulHw4-bi1HvPQc_xCIL6tRXsX-C7WuTUphafaEpc3K5pl93x1r6SWtyx7itZWLJaw5DEohdU1GTpT4rNu1PLGMmtIZ99G61g6qmjGFvDIZZchm3-Gt3pOty4cmcRTtOKfe5-uOe5CNrhWwgKHSQ0XmY_eeFiAuGVk75h9LkIe0NLOXVQkii1RzbDYk2iZimu3U4sVZ0P3Rc4gpMmXGWHSbhDGaB3Narmg5FfR6gO8pD2n9w00FFriMDYBJtrauebyUSAf-Ht4ix0NHactY_1Rcp5gCWweGbbzjaP6oR21DlYRlqECeOk6oAfr18vK14PZTltxLMNKQx_dwCLiZuw6bBkuU01-fbEw0N4gjh5S5SqC2Za22t0sfYHNKNufAIzxXTvpw8zybHhz2O8BOgq4YpzSfWLFsrHK-fYAiN9a7RaubjtRxg5xUGNS9B0AiLoYlx0Uo5BU0d5d8xh9zBPRZHBDaNnhHmlGpKKmvng1mnSWI1K01O9BGZ07RkZ42JKQutP_z4egqniHtTVkATQqPaATy0XOtNDKMXz-VxNW1Y7WsyHQyxE68f9pBjj9jJseE7E_ou30BTLo10f2S-5UDhyPSmQpFBwstrzW--AvaGSogZed4pashSbqekEJMp_YlvOYcUZlQBYoiFmOPbGAbpwO4Sq47bNW6-eUQImAO3rT9sP1cVIz0JAnskMdsZyNMGuDzmEJgx2lR9FZtDlLyQ1PP4L6YSiHSEUKQ4oCS97WV3_59ZXDNPCnvKgL3xY8A2asO0CVJSGvQJmCwwmuvWWy2V4utW8lsCmZlDIApYQdmwsML2403UFn0yB6gOwHMG37HbkN51VmRJmdf4xUPEm82WXLbLK3o-Ql7xPwGEy8j4ttV-qYcEnPOLsbuu-hOcKcOdUpBW_6oTK7xGV_KTLbSBgG2IoD_mUBSTGOG5ro2GOKO09_pybEFbY4rpuNFLqJa2xagrxdS_TUbNdk9msh7WpN7aQX-KsPgw-5j-vaxpgxI_RIR2FCkHMit

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/12608145398759516290/ Frame 9B4B 55 KB
55 KB 100ms
100ms Image
image/jpeg 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12608145398759516290/14763004658117789537?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b8dbe372d55aac61751e3c8aa96d3ba9c73ca7c02cf85ab0499886137b5fbae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56582
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 12:56:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Nov 2024 04:00:29 GMT

GET
H3 200 5894083041039939252
tpc.googlesyndication.com/simgad/ Frame 9B4B 2 KB
2 KB 55ms
55ms Image
image/png 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5894083041039939252?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc4a1afb694e93410712d128ca7405dec5afb5561b347fa34f4da39ae17ad1f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 03:09:51 GMT
x-content-type-options: nosniff
age: 3038
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2333
x-xss-protection: 0
last-modified: Wed, 18 Nov 2020 09:57:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 27 Nov 2024 03:09:51 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/crossmediaadvdcm491634115592/ Frame 2CE8 336 KB
114 KB 115ms
28ms Script
application/x-javascript 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/crossmediaadvdcm491634115592/moatad.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ebc94cc158b409fd54e12310afd7c12d0022544d0b64c659b9c1ecbf433a6a2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: gzip
last-modified: Tue, 31 Oct 2023 08:17:44 GMT
server: AmazonS3
x-amz-request-id: 13Q776CBSZJ157MX
etag: "97bf7e1a47e0049408afefc025001b5f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15826
accept-ranges: bytes
content-length: 116823
x-amz-id-2: GE3nrYYVMrioM5RECJ8JBsLiKcVsvb+IFPWqtuwF9npJ67straLHwgXjF/FN4UcHRRrinPJS3Rs=

GET
H2

200

firstevent Show response
usbank.demdex.net/ Frame 2CE8
Redirect Chain

https://usbank.demdex.net/event?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321
https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321

42 B
722 B

46ms
45ms

Script
image/gif

52.45.157.3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Server

52.45.157.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-45-157-3.compute-1.amazonaws.com

Software

Resource Hash

1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs: dcs-prod-va6-2-v053-0c56b2299.edge-va6.demdex.com 5 ms
pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: GF0WUw7kSVQ=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-va6-1-v053-05b6c2351.edge-va6.demdex.com 0 ms
pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: n4nx+MVgQN4=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CE8 202 KB
64 KB 84ms
84ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:29 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/214269559785654871/ Frame 2682 6 KB
2 KB 54ms
53ms Document
text/html 2607:f8b0:4008:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

842168fa3f7147fa8d30182b9b15f5a0fe207d9acc2687a8fdec6a524a61d1f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 540919
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2068
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 21 Nov 2023 21:45:10 GMT
expires: Wed, 20 Nov 2024 21:45:10 GMT
last-modified: Wed, 07 Dec 2022 16:50:14 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2CE8 0
0 213ms
70ms Fetch
image/gif 172.217.3.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZYsfh7HXS1Rx5Ab6rhRTgNSbgN8qN34YEwP4KzsPJNPdZMNQPsJbQ1bATzvb3mkGLDZeRHHWpZ_6UA8HM7V26wrshnPn6vxuxsrRLgFBgjPNM2nhoRLDdY5dVzlqwq7Zmj21LGcfMbLxU2OJ3pcjPBPXDz7DDiTfNgDoGx229U7BqZRjao4Fd8wGbjA&sai=AMfl-YSUsnF9yoDD9sT0h7QW-z9A0gFQINGBPdluL2bMWr_7jM5dcxJIxVyPKTsXeLuDCumdBl-2xQdzBtYzjjppDmWTd4Bj5N60L8SGfA&sig=Cg0ArKJSzLDbhJeMpSAGEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=259&cisv=r20231109.36745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.3.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

a.gif
acxmetrics.usbank.com/d/ Frame 2CE8
Redirect Chain

https://acxmetrics.usbank.com/1/d/c.gif?aqet=imp&adv=6219544&ca=28975896&cr=183441212&pl=352599115&sid=3330315&sg=0&puu=AMsySZa-eDbp4KiQ6o_EaOfXyjDN&geo=ct=US&st=NY&city=13347&dma=16&zp=14202&bw=4&...
https://acxmetrics.usbank.com/d/a.gif?gdpr=T&img=true&tt=c.gif&reload=true&z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF

42 B
304 B

29ms
28ms

Image
image/gif

23.44.203.13
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://acxmetrics.usbank.com/d/a.gif?gdpr=T&img=true&tt=c.gif&reload=true&z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: HTTP/1.1
Server: 23.44.203.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-203-13.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 04:00:29 GMT
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 42
Expires: Tue, 28 Nov 2023 04:00:29 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 04:00:29 GMT
Edge-Log-Oth: 0!beh!c030!null!acxmetrics.usbank.com!%2f1%2fd%2fc.gif!1701144029!US!252A741DDAD30DBDDEF52E241084EED1!Mozilla%2f5.0%20(Windows%20NT%2010.0%3b%20Win64%3b%20x64)%20AppleWebKit%2f537.36%20(KHTML%2c%20like%20Gecko)%20Chrome%2f119.0.6045.159%20Safari%2f537.36!image%2favif%2cimage%2fwebp%2cimage%2fapng%2cimage%2fsvg+xml%2cimage%2f*%2c*%2f*%3bq%3d0.8!en-US%2cen%3bq%3d0.9!gzip%2c%20deflate%2c%20br!NY!42.8954!-78.8862!514!1280!EST!716!36029!BUFFALO!!!vhigh!6E8F2CA68B713A394AE24B02F3E2827E!09D2B2ADF29007A70A3B16A4183266C0!,z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF,newuu=1,ck__acxmetrics=FyzLDVZWXdaq0AEM
Content-Type: text/html
Location: /d/a.gif?gdpr=T&img=true&tt=c.gif&reload=true&z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 0
Expires: Tue, 28 Nov 2023 04:00:29 GMT

GET
H2 200 /
d.agkn.com/pixel/10690/ Frame 2CE8 43 B
614 B 138ms
32ms Image
image/gif 2600:9000:21da:8800:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.agkn.com/pixel/10690/?che=2877588321&cmid=28975896&sid=3330315&pid=352599115&cgid=545364535&cid=183441212&aid=6219544&gdpr=&gdpr_consent=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21da:8800:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
via: 1.1 fd6ee8ff46440f33e22da71450793e70.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR53-C1
x-cache: Miss from cloudfront
p3p: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: image/gif
cache-control: no-cache, must-revalidate
content-length: 43
x-amz-cf-id: AnfcV2T2GFEn_W1HdR4IomTpcByb6QjeZR8o-SI6BZBiai1_d8enPw==
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 57ms
56ms Script
text/javascript 2607:f8b0:4008:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template/passback/balloon-pc.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 28 Nov 2023 03:16:40 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 2629
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 28 Nov 2023 05:16:40 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
23 B 65ms
64ms XHR
text/plain 2607:f8b0:4008:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1864439633&t=pageview&_s=1&dl=https%3A%2F%2Fzaly.online%2F&ul=en-us&de=UTF-8&dt=Zaly.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=zaly.online&cs=Balloon&cm=&cc=&_u=aADAAUABAAAAACAAI~&jid=1164870637&gjid=303356168&cid=1315140130.1701144026&tid=UA-206083988-2&_gid=1991288284.1701144026&_r=1&_slc=1&z=660014020

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://zaly.online/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://zaly.online
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
52 KB 84ms
81ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3130448679272231

Requested by

Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template/passback/balloon-pc.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3cb5d96dd83517f2586ecce90fa45ea2781cd63dc89bbceaae49319098deb7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Origin: https://zaly.online
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52994
x-xss-protection: 0
server: cafe
etag: 15827408577248677140
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:29 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45DA 103 KB
39 KB 1247ms
1247ms Document
text/html 2607:f8b0:4006:816::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c48b867bef0ad9445c7fec13b7fb379804641bbe9c4b1231fad7f42502a150e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://zaly.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 39542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 28 Nov 2023 04:00:30 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200 zOHQRhkXT0fmXXtzTLxs6KUxZKQf7sLCmBNOcLU2FEcJ-0LuigSv7DQ8wYyFs3RUB9FJ37c_QDEP1d3xfHdZPfjMlFC1_kFIlOPM9nDdtgiwjCxbdayBlXrsbKEhBFPoGFVzZS2qawV6zfzpIsxBHkM7d33zX-TOIN-V4WWFZAc3mENL-Okwxw1qrX0bIXk6yAtc7...
aj1559.online/ 49 B
512 B 35ms
35ms Image
image/gif 212.124.124.115
TRI-AS DigitalOne AG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aj1559.online/zOHQRhkXT0fmXXtzTLxs6KUxZKQf7sLCmBNOcLU2FEcJ-0LuigSv7DQ8wYyFs3RUB9FJ37c_QDEP1d3xfHdZPfjMlFC1_kFIlOPM9nDdtgiwjCxbdayBlXrsbKEhBFPoGFVzZS2qawV6zfzpIsxBHkM7d33zX-TOIN-V4WWFZAc3mENL-Okwxw1qrX0bIXk6yAtc7uWiFbPc1f_vwx1DDkq2jboKuS2m-c-PXY5qckdLoAElfRJfktXGZjVl3Oqxwfk3_GRCFfLyXw5cng8bsqUeyDvkTWeOh4DwPIiz3TKUcvR_i5dku8c7z4grcgSsi-XMGwgGB65V4qt2XwGKTms4dWyESVAPN3-uVGX1LSxXKAZ_Mj8UZsEFmepWhaKAwMj_vduX8y-L3_vVpX_Y?DC=DO
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
last-modified: Mon, 06 Nov 2023 14:46:40 GMT
accept-ch: Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag: W/"49-1699282000000"
p3p: CP="CAO PSA OUR"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
permissions-policy: *
accept-ranges: bytes
content-length: 49
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6D50 42 B
64 B 76ms
75ms Fetch
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZmoWDLMQiePAAMrAjZ5uokCeolHtcuvczUDlBD5zAxb5l41gRFVTfsEmMnEiYCiLQsFaBa6gh70EyqPWd2DS6elUzncMJE1UQTu-UXErvw2yV0uMbjGl-HNcNVqF1KYioERxzjNyVFQ&sai=AMfl-YRhmw7NEfQphz-wb39WXu2ADaqNojbWrQj1Uq89P8Ejvj-NELI4U6-F0xg5_4SsIVPfVPrAlidirFxAdMuvdAmDTbJH4d24QtO1ECe0zdY6w_Rr_uux4Qzoy6gi9YFdB-JY6bvqDQsBH80XeexZvud1mGE0gskZn1g&sig=Cg0ArKJSzLPLVMYgF3YQEAE&cid=CAQSTgDICaaN5jCgdMEV9KOYhqw8Et8d697m3AiaZZTS2hpQJ5Ki4Fc86gR3m3njpniUGctz4anQMpqU0Exb86I5Znoe4o6kuhChmEWSkMcVIhgB&id=lidar2&mcvt=1027&p=0,142,280,478&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3213702284&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144026906&rpt=1839&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 2682 85 KB
30 KB 185ms
53ms Script
text/javascript 2607:f8b0:4008:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:804::200a Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 21:14:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 283569
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 21:14:20 GMT

GET
H2 200 jquery.transit.min.js Show response
s0.2mdn.net/sadbundle/214269559785654871/js/ Frame 2682 7 KB
3 KB 56ms
51ms Script
application/x-javascript 2607:f8b0:4008:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/214269559785654871/js/jquery.transit.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14614a5e76b685075a852b60e7f4242bb6fac8bb71af11eedadad1521c918c7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:03:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359822
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2718
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:50:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 00:03:27 GMT

GET
H2 200 Banner-160x600.js Show response
s0.2mdn.net/sadbundle/214269559785654871/js/ Frame 2682 4 KB
1 KB 58ms
53ms Script
application/x-javascript 2607:f8b0:4008:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/214269559785654871/js/Banner-160x600.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82555e78137699464bd690f1e6f4ae38f441073926244ff635b0a920ce18cfb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 22:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1365
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:50:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 21 Nov 2024 22:11:13 GMT

GET
H2 200 Transitions.js Show response
s0.2mdn.net/sadbundle/214269559785654871/js/ Frame 2682 4 KB
702 B 58ms
54ms Script
application/x-javascript 2607:f8b0:4008:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/214269559785654871/js/Transitions.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54efe90d6d9fce78a85ba8eebcec5beb03fae2b674aadf5cc87f2b1065c80280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 21:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 540919
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 635
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:50:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 20 Nov 2024 21:45:10 GMT

GET
DATA 200
OK truncated
/ Frame 9B4B 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 001809079c0839eb4f835581971320de66ca5291c8b3c16c9bb799e62b71077a

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5ae7fbf93c4f0fbd&is_secure=true&networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmR-OC8n...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFl2oUjZ-JuQMSqNRaAAAAAAA&expiration=1701230430&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxp...

170 B
188 B

69ms
69ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFl2oUjZ-JuQMSqNRaAAAAAAA&expiration=1701230430&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ

Requested by

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFl2oUjZ-JuQMSqNRaAAAAAAA&expiration=1701230430&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain

https://ums.acuityplatform.com/tum?umid=4&uid=CAESEOcpOw--LSXDLdaVVMxq_8Q&google_cver=1&google_push=AXcoOmQNVljckAkRhPnQAkDGFlDeK1ZKPmOV9CPhRUeriOgxVJ5nnC_Djd0IKv70tChoke6duF-sr63dL8lDX59ylch7diOcK...
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=857704199194&us_privacy=1---

170 B
232 B

70ms
69ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=857704199194&us_privacy=1---

Requested by

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=857704199194&us_privacy=1---
Content-Length: 0

GET r.gif
sync.extend.tv/ Frame 32C4 0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ0YUci0fR7ankA9WFx4jWI&google_cver=1&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167v...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw&google_hm=eS1iQ19oc3lkRTJwSDM...

170 B
232 B

71ms
70ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw&google_hm=eS1iQ19oc3lkRTJwSDM5WmlIbHFJakdDT2toQ20uV1lEYn5B

Requested by

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 28 Nov 2023 04:00:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw&google_hm=eS1iQ19oc3lkRTJwSDM5WmlIbHFJakdDT2toQ20uV1lEYn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE89yBAZJcCEz64dX6zmLio&google_cver=1&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__b...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M

170 B
232 B

67ms
67ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M

Requested by

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

spacer.gif
an.yandex.ru/resource/ Frame 32C4
Redirect Chain

https://an.yandex.ru/mapuid/google/CAESEA23to7bA-13wb-16u1EZXI?ext-param=AXcoOmRXCX5dN6H7uscPWn8qjjYUywmtOMRwjPuSjtdEhgicBYsmf62iTdwNIMzEQV4XLDWOZpO7IEGPHUO5XRBt3xtZKbTCBOHA49Q&partner-tag=yandex_a...
https://an.yandex.ru/mapuid/google/CAESEA23to7bA-13wb-16u1EZXI?redir-setuniq=1&ext-param=AXcoOmRXCX5dN6H7uscPWn8qjjYUywmtOMRwjPuSjtdEhgicBYsmf62iTdwNIMzEQV4XLDWOZpO7IEGPHUO5XRBt3xtZKbTCBOHA49Q&part...
https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEA23to7bA-13wb-16u1EZXI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
https://an.yandex.ru/resource/spacer.gif

43 B
144 B

158ms
157ms

Image
image/gif

2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/resource/spacer.gif

Protocol

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:30 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 18 Apr 2001 10:28:03 GMT
content-type: image/gif
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Tue, 12 Nov 2024 04:00:30 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://an.yandex.ru/resource/spacer.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 237
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain

https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBYDJgM-rp449SinTMnNzeQ&google_cver=1&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2...
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH

170 B
188 B

69ms
68ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH

Requested by

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id: 24718009.ff4ed6d8
date: Tue, 28 Nov 2023 04:00:30 GMT
x-bytefaas-request-id: 20231128040030365F6744EC23E3A6DFAC
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-55-235-220.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time: 23,23.55.235.220
server-timing: cdn-cache; desc=MISS, edge; dur=21, origin; dur=8, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231128040030365F6744EC23E3A6DFAC
x-cache-remote: TCP_MISS from a23-213-246-177.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age: 86400
access-control-allow-methods: *
location: https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH
x-bytefaas-execution-duration: 3.53
access-control-allow-origin: *
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01d035e8b11131fb292575ae5c23a06c3f79d57e159d8f2196556f48c40d4838a68887ff6fe582aacd63059890e3e2782587d73f265ad259488dd4d98ad2057de3d74ae3f9ae97d0ea695fff19288d7a6167f74afa75ec7d50d40362a81bc5f986021eb35c647c50418bce65389082a523
x-origin-response-time: 8,23.213.246.177
cache-control: max-age=0, no-cache, no-store
access-control-allow-headers: *
expires: Tue, 28 Nov 2023 04:00:30 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 32C4 0
50 B 68ms
65ms Image
text/html 142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Il6NwlnvOPtByJs15pcVgIu_WvK9c7sEWO2VW9wjkWkXI9nbUCm3kukoY_xmudZo3em7xjhRM

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:29 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9B4B 16 KB
16 KB 176ms
54ms Font
font/woff2 2607:f8b0:4008:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:806::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:50:20 GMT
x-content-type-options: nosniff
age: 454210
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Nov 2024 21:50:20 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9B4B 15 KB
15 KB 189ms
70ms Font
font/woff2 2607:f8b0:4008:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4008:806::2003 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 04:32:54 GMT
x-content-type-options: nosniff
age: 343656
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Nov 2024 04:32:54 GMT

GET
H2 200 n.js Show response
mb.moatads.com/ Frame 201E 98 B
275 B 294ms
42ms Script
text/html 143.47.125.171
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/n.js?e=35&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=0&qe=0&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=CROSSMEDIA_DCM1A&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&m=0&ar=51bd715ca6c-clean&iw=4a0122c&q=2&cb=0&ym=0&cu=1701144029991&ll=2&lm=2&ln=1&em=0&en=0&d=6219544%3A28975896%3A352599115%3A183441212&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&bo=3330315&bd=zaly.online&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&gw=crossmediaadvdcm491634115592&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A222&jm=-1&fs=205853&na=506004743&cs=0&ord=1701144029991&jv=978421606&callback=DOMlessLLDcallback_38788532
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/crossmediaadvdcm491634115592/moatad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.47.125.171 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 856b7a3a9f9fbde659dcd1c988106a7cc4c3e0d820c8a0478c4136c8f4d33c9f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:30 GMT
server: istio-envoy
etag: "0a7d19354bf6e7839390e85c1040629e2527c688"
content-type: text/html; charset=UTF-8
cache-control: max-age=900
x-envoy-upstream-service-time: 8
timing-allow-origin: *
content-length: 98

GET
H2 200 pixel.gif
px.moatads.com/ Frame 201E 43 B
251 B 37ms
27ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=CROSSMEDIA_DCM1A&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&m=0&ar=51bd715ca6c-clean&iw=4a0122c&q=3&cb=0&ym=0&cu=1701144029991&ll=2&lm=2&ln=1&em=0&en=0&d=6219544%3A28975896%3A352599115%3A183441212&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&bo=3330315&bd=zaly.online&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&gw=crossmediaadvdcm491634115592&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A222&jm=-1&fs=205853&na=1195265112&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Nov 2023 04:00:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EB2 0
28 B 71ms
70ms Image
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BrR_e3GVlZdirO7mToPMPv7WN4AYAAAAAOAHgBAI&bg=!W1ilWBfNAAZxrfrxUa07ADQBe5WfON3UdWOeL9QRukJ3DANUkn0hW_YitaIUIhxIYYjNlXl8ge8oxeYOUZQJeszTwTRXAgAAAUlSAAAAAmgBB5kDB9XqYeUr_tUdDtoSYQ2js4sSN_Bo1scm3zwb2kDvQKfDhqUsXKEihuCXnmOqPpqCI3TIoNn9EOvzSgNafQh-plYStYJrKcR4rWyXKGpVXpZzaFWjs_5eWrbJamCCyUAs-Ek_55-YKPB4x8Wd9adBkUkbI_oG7NsMc_UTO8Jn8GeuLNJYWe2oH_Y4IFZpAlEekol4HEMyTDoZKQZmbUBNtq0G3mX48W03DTUGcdnOUkmlPMxzFLQSMeEf7sWIZa7YFVweRdMMCvFoyapFqoQmqCScgoKOcbJ8E8BJFnx7aTYUejLWsPVLIF-kH8Ke278C2shR5wY_nxyH7VCeUDhxveJwvpfHeWltmx34bJJf_vLLwrav9yTmp5Tm2vm-VKMrMvnT7rBaRWiU_xt45xmye62mPIeBvT6ZlewKrqcKzcIixtk7A1UMX-_I61YGaaaREbIQtf9KimWTk-WrNumPMy37yOsD7qYNay6y2vzAKhWARbW23ehgvUdmR29nhVkvUM_ubkJIXT8lupXYd4C1rfzfLYbHd0uRlZiBcKAGEqdhCAozTI2OX8vVGOH3tsRkEOVB25TfVHu2wv3wdrP2aqvkf4H9Kc012Z_1IBazMpAexJHHc-atZUZCFpHojXtO3-mBP54VDzakVNlzeqyFn9EjQrKZApBZj0vv9tzOp67cuiX2eyfuUZIZJQMBzTZUmL0pTXx52t0hNs9yJylBXFLY5SSCwfb0cylKNbGXP_uA-J-t6TCuBuPqpQ7m6tcyT3xLLUPebaB6z-HydJ-yLRjXrp9OWDtFsI8JvfvvwO1rpPrSvTFO8BbpCs__XCNaDxveDAftuNh4tsUFe9WU7QFtn2ZjAnJh81RvKNh6Q6VbddmoompExjaAVjE5SnIK4f96rRhs4aT5grhJCFUhre7D4kCj3hhVtfUmBosYUHu-C9SCrZrlAn1ZxgOzd4uLeyGmRir7fxbK9RUGfyNDAHaREcYvjoDvkI9A_CIvcHj1ELX_I6xcy9YHYruYTUCL7wlcDdduHGM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2CE8 0
0 72ms
72ms Fetch
image/gif 172.217.3.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZYsfh7HXS1Rx5Ab6rhRTgNSbgN8qN34YEwP4KzsPJNPdZMNQPsJbQ1bATzvb3mkGLDZeRHHWpZ_6UA8HM7V26wrshnPn6vxuxsrRLgFBgjPNM2nhoRLDdY5dVzlqwq7Zmj21LGcfMbLxU2OJ3pcjPBPXDz7DDiTfNgDoGx229U7BqZRjao4Fd8wGbjA&sai=AMfl-YSUsnF9yoDD9sT0h7QW-z9A0gFQINGBPdluL2bMWr_7jM5dcxJIxVyPKTsXeLuDCumdBl-2xQdzBtYzjjppDmWTd4Bj5N60L8SGfA&sig=Cg0ArKJSzLDbhJeMpSAGEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=654&vt=11&dtpt=393&dett=3&cstd=259&cisv=r20231109.36745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: zaly.online
URL: https://zaly.online/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.3.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s54-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9B4B
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C3JMl3GVlZdPwJdb8vPIP0dGtwALo_a_kc7D60oDkD2QQASCpieyKAWDJ7o6LwKSMEKABltufxwPIAQmpAgDspEECYbI-qAMByAPLBKoEvwFP0J66BPy0k_mVqfRfPFYhR0anISbQkrDLoQb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7d213793d514629c0000000000000000%22,%222%22:%220x7910bfc654cbf3c20000000000000000%22,%223%22:%220xa29d88...

0
0

55ms
54ms

Fetch
text/css

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7d213793d514629c0000000000000000%22,%222%22:%220x7910bfc654cbf3c20000000000000000%22,%223%22:%220xa29d88bba27ebbff0000000000000000%22,%224%22:%220xa7bbec44de3efea00000000000000000%22,%225%22:%220x79ec60475c3bc15e0000000000000000%22},%22debug_key%22:%224185405535379266994%22,%22debug_reporting%22:true,%22destination%22:%22https://cupapizarras.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954723734%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211728279715667595681%22}&andc=true

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x7d213793d514629c0000000000000000","2":"0x7910bfc654cbf3c20000000000000000","3":"0xa29d88bba27ebbff0000000000000000","4":"0xa7bbec44de3efea00000000000000000","5":"0x79ec60475c3bc15e0000000000000000"},"debug_key":"4185405535379266994","debug_reporting":true,"destination":"https://cupapizarras.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954723734"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"11728279715667595681"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Nov 2023 04:00:30 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7d213793d514629c0000000000000000","2":"0x7910bfc654cbf3c20000000000000000","3":"0xa29d88bba27ebbff0000000000000000","4":"0xa7bbec44de3efea00000000000000000","5":"0x79ec60475c3bc15e0000000000000000"},"debug_key":"4185405535379266994","debug_reporting":true,"destination":"https://cupapizarras.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954723734"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"11728279715667595681"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame D8C2 38 KB
15 KB 55ms
54ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248664
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 06:56:06 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 2CE8
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1841082/76634004/skeleton.js?bundleId=&ias_dspID=3&ias_campId=27647240&ias_pubId=pub-3130448679272231&ias_chanId=1&ias_placementId=19311913561&bidurl=https:...
https://static.adsafeprotected.com/skeleton.js?bundleId=&ias_xappb=

17 B
465 B

59ms
59ms

Script
application/javascript

2600:9000:2137:3400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js?bundleId=&ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Server: 2600:9000:2137:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 01 Aug 2023 00:59:33 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 2efed3c5903f1fa517911255bb91ba4a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
age: 10292458
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: sjV75w-4eRpIzu_G8po6Q2pLzfPzQuF4b4BJMWpvlbgfKuhYkjDO6g==

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: nginx
x-server-name: app04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js?bundleId=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame CF0E 91 KB
23 KB 125ms
124ms Script
application/javascript 2600:9000:2137:3400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2137:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 2efed3c5903f1fa517911255bb91ba4a.cloudfront.net (CloudFront)
x-amz-cf-pop: IAH50-C4
age: 10370091
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: M5RTDz5Hii--6HhsXWzNRFQ85e6aPAjLC_rH9pD0P-bjSEW58cgt8g==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2CE8 43 B
215 B 156ms
31ms Image
image/gif 2600:1f18:1aca:4280:bd8:1771:243e:3319
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXsYx,pingTime:-3,time:756,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:715%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:756,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:717%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2CE8 43 B
215 B 151ms
32ms Image
image/gif 2600:1f18:1aca:4280:bd8:1771:243e:3319
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXsYz,pingTime:-6,time:758,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:758,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:717%7D&tpiLookup=ao:zaly.online*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0CAB 42 B
64 B 74ms
74ms Fetch
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLdo62VUGJlTS3bSf1zFsDSzsjIkSTq00g5ZlQBj_LYw8VlQ8eCdb4gsBS-H-LuRI_45wHwnENkimjiP_mzfczt22hFIHscS4xa0qcKBOSUW9jcvHjkyItDl3Ng82HKJj5LxqmAAtOOQ&sai=AMfl-YTdcZXulsb0mZCr5mFB9XFuLR1LVQIsNJVdJKjoMvhF1Pt821VY7vDcm6njhuKPNoDcI2S99qLYsZXmJS3vXNJfORY9WAi3hiKIYOZWLhksKg6Lu5Bi6a-fDpxD7eyfLnZNhDuWTZPyti-DiXPq&sig=Cg0ArKJSzLLFyXMyhLuPEAE&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&id=lidar2&mcvt=1037&p=0,0,124,1005&mtos=247,962,1037,1037,1037&tos=247,715,75,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144028684&rpt=446&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 54ms
54ms Preflight
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 04:00:30 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2CE8 43 B
216 B 137ms
30ms Image
image/gif 2600:1f18:1aca:4280:bd8:1771:243e:3319
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXsYP,pingTime:-2,time:774,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:664,beZ:665,mfA:1356,cmA:1359,inA:1359,inZ:1364,prA:1364,prZ:1370,si:1380,poA:1381,poZ:1398,cmZ:1398,mfZ:1398,loA:1421,loZ:1425,ltA:1437,ltZ:1437,mdA:665,mdZ:1317%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:160.600,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1701144030229,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:715%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:774,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:717,sinceFw:56,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D29 0
28 B 71ms
71ms Image
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9V2P3WVlZa6DEYGRnboPwoejgAIAAAAAOAHgBAI&bg=!PD-lP3DNAAZxrfrxUa07ADQBe5WfOK-uQZgpmQieOpbrk_-y8BAFwxU9X9xxBaBC1R7FE5EldJwD5P60vCNj8RQYv4I5AgAAAY5SAAAAA2gBB5kDBqIfRNmR-0P9kwlBj5JLcjh870s-xRvjoU1oEb9BebRxLnJgu7TXRJwyHMzOCYEiXPEUuVUQE2VZheFeGyr9zV_g5VUkgr4eKPgbJdcVj2oYTDbRS0S1r1rVRmngIjgxBC6f-IYRJPwL7tbs_NH_3w-5Cee-kZX2nhWl_DER-ptUwNQgfWb76V6gSyyi7XB5mjIM_rYWymlUaujJij0oplOUNm-772g3bjuvqe7p5eIApcSi4LDTdlRY-lQAZsBG2nPTGWOEmWjrDc0y6jO_h7cOP0j60FwQ7xs69_pEUlRSq3XB5AlgGM2K1SiGOYDZu5B-DjqD5lP0BpsIkXs9UhSc0dhUxnjhBt6HZYtoJKtRfsmUtsgReKSZ31WJTfa2-MtsUQAvVXKQhDhtZlrXJmVcS2lx9b_hVLGprVwPovWyyxlDhoOLbE2Kb5RVb2_qjJHHqwHLi1pmfIhfp2ONbcuf69sJoNL6GhqlNqtzYaSK7MVAWuMEgl0bUSUTIVQ8icB7z7eoBopVX5xeRCpx1bEib_8hed-06D-nouIcnb-Q1qc9cSZ_LB2NBMAmSj3J3j6eNTXZR6Gks_TWwAVVreEMcNzCBpJNDRc9H-Ot1wV05SsUUF65N1hcLC-BWECsEEE6hk1tgYVHYCjgKdk0PJakQFfjV0wwCYRdPeoh5XrlcfT7Z8dCYpjG4XRf5V8yZ9zKvpziXLdGPzMV-2Ms69yP3Sa9moQjqRvyNfPNIRkIcEM4qiParxkbh1N-3VhwDNzQoXKEoKjoj3ESM7i9H5m51vpdgSrJgPo4P2uSabOYD-g_KE-ZN3RxlJU_fih8xQmDka-9WCo_8rjES5HevJ_IpM8M9g9jwItRdP6iQe1apNzHiZY7D65cDL9ITgNsbIDQO2ksNWmmYa_5BwTmd61rziiKEqN8CI4yylFIBMnKgphv5uBtUJGI8iyBojvTmFGGkm9rk-YB1MltLqtbBabF1RcLOC7tcskg-6GfunHntfBMDE0TA0Y3dlM-uhjRLN5pQCQ_AQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2CE8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e4af82b925da82db3129437cdbe8463f333cfd8af5c6a4bb3daa46df1a4ad6e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8 0
28 B 72ms
72ms Ping
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=58&version=r20231109&sample=0.01

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sprite.png
s0.2mdn.net/sadbundle/214269559785654871/img/ Frame 2682 31 KB
31 KB 58ms
57ms Image
image/png 2607:f8b0:4008:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/214269559785654871/img/sprite.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0937756972fc004db913d555fb16863c098a978d8b7202e248b8401bec107609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 24 Nov 2023 00:03:27 GMT
x-content-type-options: nosniff
age: 359823
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31966
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 16:50:14 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 23 Nov 2024 00:03:27 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 61ms
60ms Image
image/gif 2607:f8b0:4008:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1864439633&t=event&_s=2&dl=https%3A%2F%2Fzaly.online%2F&ul=en-us&de=UTF-8&dt=Zaly.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=zaly.online&cs=Balloon&cm=&cc=&ec=zaly.online&ea=Balloon&el=google-ads&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1315140130.1701144026&tid=UA-206083988-2&_gid=1991288284.1701144026&z=138295051

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://zaly.online/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 27 Nov 2023 23:38:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 15722
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5841 42 B
64 B 78ms
78ms Fetch
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKLqDU8CZRNn9x6KETKPLUYxO8ozwMOfommT7uGYJFTYPDzGaxbTBGLf3kLSjF4TQ2B31jVAVoOEco3ehobObn9L-jZZogEnWvrMy1mpvkDrC01KMXy1WjNBV06zs5X8XJmPwBCjD1Ng&sai=AMfl-YRz2vIxtCAiaahHS391fx_97ur8a80QXKl9wu7uf8fXEWzYR2B7MhraWrDBdEbqkEuZjjFuYLDMyEFHXqIQQHwG47qVdyFA7m4mU6ZnTpX5iyqPMJUfE_1kSelM7Pogd5Hk8_FqsLycRpRTJTcj&sig=Cg0ArKJSzIJVZLDpW236EAE&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144028831&rpt=490&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2CE8 43 B
215 B 39ms
38ms Image
image/gif 2600:1f18:1aca:4280:bd8:1771:243e:3319
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXt47,time:1102,type:e,sca:%7Bha1:%7Bres1:0,ps:0,ts:1701144030529,psfr:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:1102,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B405~0%5D,as:%5B212~0.0,193~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:158,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:717,sis:881%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ Frame 201E 43 B
251 B 111ms
111ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F214269559785654871%2Findex.html%3Fev%3D01_250&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=600&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=144&cd=0&ah=144&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=2093355765&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Nov 2023 04:00:30 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2CE8 43 B
215 B 41ms
40ms Image
image/gif 2600:1f18:1aca:4280:bd8:1771:243e:3319
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXt58,pingTime:-10,time:1165,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701144030634%7C%7Cc5b4602dfc35f7a84831392a90d951de%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cc689b466a47fe7ec35d28c82d95a3e43%7C%7Cd1c7a4fc9a189f0802b9450c4e8a1a85%7C%7C177c6256f6cda919994bed7f24c67b6d%7C%7C56b117b0e02e7f2075d54cf8882a17c0%7C%7C46291e3acebd2d9fc2e346b02168b5d9%7C%7C1663701684%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 pixel.gif
px.moatads.com/ Frame 201E 43 B
251 B 65ms
65ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=649&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=0&ad=30&cn=0&gk=30&gl=0&ik=30&ic=30&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=144&cd=144&ah=144&am=144&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=1471202782&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Nov 2023 04:00:30 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2CE8 43 B
215 B 41ms
40ms Image
image/gif 2600:1f18:1aca:4280:bd8:1771:243e:3319
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXt6C,time:1257,type:e,im:%7Bpci:%7Btdr:509%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:1257,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B559~0%5D,as:%5B212~0.0,347~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:44,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:717,sis:881%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:30 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 9226134756512160806
tpc.googlesyndication.com/simgad/ Frame 45DA 38 KB
38 KB 64ms
63ms Image
image/png 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9226134756512160806?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkIAMjGcxbVOqqf9rciHBFFP37Zag

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bea053080bba70f6033acc67da70d1caf12a87f99750a472b00b2d53138cf2c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:47:27 GMT
x-content-type-options: nosniff
age: 22384
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39111
x-xss-protection: 0
last-modified: Mon, 20 Nov 2023 21:46:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 26 Nov 2024 21:47:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 45DA 23 KB
9 KB 75ms
75ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:24:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5751
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:24:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 45DA 3 KB
1 KB 64ms
63ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 04:22:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 85059
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 04:22:52 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 45DA 20 KB
8 KB 71ms
70ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 02:21:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:21:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 45DA 0
0 83ms
76ms Image
text/html 2607:f8b0:4008:805::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuoxtxY4HnDLGsDpuDvqYt_UzVgTe_HsTOpZ5ZbOr2ZPzWMLi_m0oNcQExU3IcoyHiTkb3A806i1XLNqfW-_dMNkkmPA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45DA 202 KB
64 KB 92ms
85ms Script
text/javascript 2607:f8b0:4008:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 04:00:31 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 45DA 36 KB
14 KB 65ms
64ms Script
text/javascript 2607:f8b0:4008:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Mon, 27 Nov 2023 21:47:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14803
x-xss-protection: 0
server: cafe
etag: 12205605038930952422
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 11 Dec 2023 21:47:01 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 778F 1 KB
650 B 65ms
61ms Document
text/html 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 56643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 27 Nov 2023 12:16:28 GMT
etag: 48472445140208031
expires: Tue, 28 Nov 2023 12:16:28 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 45DA 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a0f9051abeef67004195f8c483d5a956303a090e656d957ed34ba48081c665d

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8 0
28 B 77ms
76ms Ping
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=30851966076&version=m202309260101&ct=77&x=1&cor=1087672831500912000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2CE8 42 B
64 B 82ms
81ms Fetch
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvavUC49gD_JISuknc1J7XLvK--j48jr6dB-P6NWFPHXVS27I3Lm39KIT_rBkX97-D_w6bH4CjM5ohbQkrKEbel0vvnQKC9t1L96qaD8k-vH0Nc7yhNSmuEQtm7&sig=Cg0ArKJSzCRR5uEzziIeEAE&id=lidar2&mcvt=1010&p=0,0,600,160&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=521587878&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144028806&rpt=1152&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 45DA
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=Ckyz03WVlZcaNMda8xtYPxrW3mAXJluyWdLmpwdXlEWQQASCpieyKAWDJ7o6LwKSMEKABp-6g0gPIAQKoAwHIA8kEqgS_AU_Q47InpeWVlHTemd5QFj36b5Wo28zhjx1V1v56qKtR5qaG2jQ...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9...

0
0

67ms
66ms

Fetch
text/css

142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xc18682bca3a379ee0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%225223034509681765110%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227592563383330705489%22}&andc=true

Protocol

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xc18682bca3a379ee0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"5223034509681765110","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"7592563383330705489"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 28 Nov 2023 04:00:31 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xc18682bca3a379ee0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"5223034509681765110","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"7592563383330705489"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 778F
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqW...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=109fd08f95210fbd&is_secure=true&networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmSMdRlU...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGBp1DtQ1YngNvt4IrAAAAAAA&expiration=1701230431&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxp...

170 B
188 B

88ms
87ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGBp1DtQ1YngNvt4IrAAAAAAA&expiration=1701230431&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGBp1DtQ1YngNvt4IrAAAAAAA&expiration=1701230431&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 778F
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3pzS05LRncxUjdQZ1g1&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRW...

170 B
188 B

85ms
85ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3pzS05LRncxUjdQZ1g1&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 28 Nov 2023 04:00:31 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0b833971c6150453a@us-east-1b@dxedge-app-us-east-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3pzS05LRncxUjdQZ1g1&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 778F
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTI...

43 B
424 B

128ms
127ms

Image
image/gif

2606:4700::6812:18ad

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82cfb455cef51865-EWR
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 231
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 82cfb4550e3d1865-EWR
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 778F
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAnM8wbwOEyDSR-z46BCCw0&google_cver=1&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZN...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAnM8wbwOEyDSR-z46BCCw0&google_cver=1&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3Off...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2M...

170 B
188 B

85ms
85ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg&google_hm=eEtB35ukS8Ojh6Ofutbo2g==

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg&google_hm=eEtB35ukS8Ojh6Ofutbo2g==
Date: Tue, 28 Nov 2023 04:00:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 778F
Redirect Chain

https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFHF-P23euaIPn6n0o2eDOo&google_cver=1&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiH...
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFHF-P23euaIPn6n0o2eDOo&google_cver=1&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiH...
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWUxNWMyNTNjYmM2MzUyOA&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvq...

170 B
188 B

85ms
84ms

Image
image/png

142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWUxNWMyNTNjYmM2MzUyOA&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq

Protocol

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWUxNWMyNTNjYmM2MzUyOA&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq
date: Tue, 28 Nov 2023 04:00:31 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: nginx
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 778F 0
12 B 76ms
75ms Image
text/html 142.250.217.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILZSImjgZ1ZFry56uId844MJPTU6brtO_3HRwzZGMp09nfWcCp2vnVraUe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.217.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mia07s62-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 28 Nov 2023 04:00:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2CE8 42 B
64 B 80ms
80ms Fetch
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfa-sIBC1KHbNNdDud7Pgmsydng4IrqRPgDTor8D6hdsESk7IpB5CRIPi2rQuFHh7cSHHghErchCyL_WImYIvJIi6x1Sdbybvz9AQIXRi-P9bLjgMNCnGB_2STKl9ua7cQu04Nh32qvg&sai=AMfl-YQBcsxXrgwSdPkKOJ0BiP9ftNurIunuRQW93JTiWgKPLcfHrdp0201jV1zrrjVe3mZ77X0frU_kUacAd6MiTbUOqVfj5Nchuuq_9vQr4pdRYTGqR7OSK-BXNA9VBcN5kV_a8bQJPH1_wymQhDOI&sig=Cg0ArKJSzA7yg6bbuqdoEAE&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&id=lidar2&mcvt=1038&p=0,0,600,160&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144028806&rpt=682&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js Show response
pagead2.googlesyndication.com/bg/ Frame 3F7C 38 KB
15 KB 65ms
64ms Script
text/javascript 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 25 Nov 2023 06:56:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 248665
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14894
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Nov 2024 06:56:06 GMT

OPTIONS
H3 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 64ms
64ms Preflight
text/html 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xc18682bca3a379ee0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%225223034509681765110%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227592563383330705489%22}&andc=true

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Tue, 28 Nov 2023 04:00:31 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel.gif
px.moatads.com/ Frame 201E 43 B
251 B 43ms
43ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=1668&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=1&ad=1050&cn=30&gn=1&gk=1050&gl=30&ik=1050&ic=1050&ez=1&co=1050&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=144&ah=1022&am=144&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=1086580218&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Nov 2023 04:00:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 201E 43 B
251 B 44ms
44ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=1669&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=1&ad=1050&cn=1050&gn=1&gk=1050&gl=1050&ik=1050&ic=1050&ez=1&co=1050&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=998004390&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Nov 2023 04:00:31 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 201E 43 B
251 B 44ms
43ms Image
image/gif 23.51.58.26
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=1670&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=1&ad=1050&cn=1050&gn=1&gk=1050&gl=1050&ik=1050&ic=1050&ez=1&co=1050&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=542815314&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-51-58-26.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:31 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 28 Nov 2023 04:00:31 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 45DA 42 B
64 B 90ms
89ms Fetch
image/gif 2607:f8b0:4008:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOeeP1vc4dDXrgLFjF-wBJ9OK2khgsyPpwV0n4mh6ITYnfNWhaBskLz2wCTo3Kkx0_1i62s7qJpli9E7MkwUhjUT-nsTyTzcEhwqQePSDVmHDjYoQGpwKVRFuDyJwBM8msb10Ws_zirQ&sai=AMfl-YS0y2iNHKMzaWYIHwmtrb_bfTOjrwznjyEZoSXPMp69astCYNAzdvP24_b-2ai3xxWaRbmv463yJdHv2HJv5fcHBMBa7Ks71qDd9LR85u7kR6UzT5LqDX44q20&sig=Cg0ArKJSzBfo-Zao6zx2EAE&cid=CAQSOwDICaaNFI68SIfABHtLH84t-WsPnDZlBdIrr5Ozru5Z4ok2EbuuHCdWgeFL1hwdLAYudfLW-Q1o1kHvGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3030280808&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144029765&rpt=1596&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2CE8 43 B
215 B 40ms
39ms Image
image/gif 2600:1f18:1aca:4280:bd8:1771:243e:3319
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXtxB,pingTime:1,time:2930,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:715%7D,%7Bw:160,h:600,t:910%7D,%7Bpiv:100,vs:i,r:,t:1929%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:1929,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1231~0,1~100%5D,as:%5B212~0.0,1020~160.600%5D%7D%7D,%7Bsl:i,t:1929,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:44,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:717,sis:881%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:32 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 2CE8 43 B
215 B 38ms
37ms Image
image/gif 2600:1f18:1aca:4280:bd8:1771:243e:3319
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXtxC,pingTime:1,time:2931,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:715%7D,%7Bw:160,h:600,t:910%7D,%7Bpiv:100,vs:i,r:,t:1929%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1002,o:1929,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1231~0,1~100%5D,as:%5B212~0.0,1020~160.600%5D%7D%7D,%7Bsl:i,t:1929,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:44,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:717,sis:881%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 28 Nov 2023 04:00:32 GMT
server: nginx
x-server-name: dt03.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: aj1559.online
URL: https://aj1559.online/ba298f04.js

Domain: sync.extend.tv
URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESECtr-h0Xznwejj9FwmJhrxM&google_cver=1&google_push=AXcoOmRl2OGB1lyLcGnqdF0up7RuuTsPkDXmvQM1zpDMTyNuQrAJNma-SWOLs9VpOm3jgvrjrZ84h2Fys41z4U9IjGxXytBTHG0Mdg

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.zaly.online/	1970-01-21 02:08:24	Name: _ga_PX3PZ6Q9RG Value: GS1.1.1701144025.1.0.1701144025.60.0.0
.aj1559.online/	1970-01-21 02:08:24	Name: UUID Value: 66a53f05-6d99-5330-af7e-1ee74ec0d62c
.zaly.online/	1970-01-21 02:08:24	Name: _ga Value: GA1.2.1315140130.1701144026
.zaly.online/	1970-01-20 16:33:50	Name: _gid Value: GA1.2.1991288284.1701144026
.zaly.online/	1970-01-20 16:32:24	Name: _gat_gtag_UA_189072159_22 Value: 1
.aj1559.online/	1970-01-21 01:18:00	Name: ucv Value: 667-US-1701230426811-24--
.zaly.online/	1970-01-21 01:54:00	Name: __gads Value: ID=51474cc3657465e7:T=1701144026:RT=1701144026:S=ALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg
.zaly.online/	1970-01-21 01:54:00	Name: __gpi Value: UID=00000da452bb580f:T=1701144026:RT=1701144026:S=ALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ
.doubleclick.net/	1970-01-20 16:32:27	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 20:51:36	Name: APC Value: AfxxVi5uDkUZKzhmn54pzHtX88LFZlJ7hukJMIkc9E3w-ZOYyV2_uw
.adnxs.com/	1970-01-20 18:42:00	Name: uuid2 Value: 5817971508819922717
.casalemedia.com/	1970-01-21 01:18:00	Name: CMID Value: ZWVl3RPlwzLHUoESsLJE9QAA
.casalemedia.com/	1970-01-20 18:42:00	Name: CMPS Value: 032
.casalemedia.com/	1970-01-20 18:42:00	Name: CMPRO Value: 032
.adnxs.com/	1970-01-20 18:42:00	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU$v[dn^!]tbPl1M>e)ZlrFUfJ+tGXxo7P:-Y#9v[=8U]f0hN$=ymMb0g#[819@?hl>x3If)y3KL9D3I?+#-^q0f
.doubleclick.net/	1970-01-20 17:15:36	Name: ar_debug Value: 1
.googleadservices.com/	1970-01-20 18:42:00	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-21 02:08:24	Name: IDE Value: AHWqTUk-5Y9_352rKg1QWz2Lk61g836jjtK6ZOSBICWWXcKoxluFEv5S0O6rF6b0yaw
.zaly.online/	1970-01-20 16:32:24	Name: _gat_Balloon Value: 1
.agkn.com/	1970-01-21 01:18:00	Name: ab Value: 0001%3Af%2FCICbBfn9nQ4w00kjo5JStWHTkpXdU%2B
.agkn.com/	1970-01-21 01:18:00	Name: u Value: C\|0EAAs-CJdLPgiXQAAAAAAAQAHAAAAAAG6Ixj__x4AAAAAADLRCwAAAAAVBDxLAAAAAArvFzwAAAAAIIGaNwA
.demdex.net/	1970-01-20 20:51:36	Name: demdex Value: 58487999888341268790050495534384543439
.usbank.com/	1970-01-21 02:08:24	Name: _acxmetrics Value: FyzLDVZWXdaq0AEM
.acuityplatform.com/	1970-01-21 01:18:00	Name: auid Value: 857704199194
.acuityplatform.com/	1970-01-21 01:18:00	Name: aum Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRgUCXleAmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYFAl5XgI90aGlyZFBhcnR5VXNlcklkWkNBRVNFT2NwT3ctLUxTWERMZGFWVk14cV84Ufv7hnZlcnNpb27C+w=="
.yahoo.com/	1970-01-21 01:18:21	Name: A3 Value: d=AQABBN1lZWUCEPvY9t58vOG-hybywMlRkK8FEgEBAQG3ZmVvZQAAAAAA_eMAAA&S=AQAAAtz4gWdS4-5_CCX8gj7W0Nk
.usbank.demdex.net/	1970-01-20 20:51:36	Name: usbank Value: 58487999888341268790050495534384543439
.dotomi.com/	1970-01-20 16:32:24	Name: DotomiTest Value: 5ae7fbf93c4f0fbd
.yandex.ru/	1970-01-21 02:08:24	Name: yuidss Value: 858692251701144030
.yandex.ru/	1970-01-21 02:08:24	Name: yandexuid Value: 858692251701144030
.zaly.online/	1970-01-21 02:08:24	Name: _ga_DBFL1E2103 Value: GS1.1.1701144026.1.0.1701144030.0.0.0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://server.zmedia.vn/static/template-v2/passback_ptopc/select%20site-passback-ptopc.min.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESECtr-h0Xznwejj9FwmJhrxM&google_cver=1&google_push=AXcoOmRl2OGB1lyLcGnqdF0up7RuuTsPkDXmvQM1zpDMTyNuQrAJNma-SWOLs9VpOm3jgvrjrZ84h2Fys41z4U9IjGxXytBTHG0Mdg Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1 Message: Refused to execute script from 'https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
javascript	warning	(Line 3) Message: The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acxmetrics.usbank.com
ad.doubleclick.net
aj1559.online
ajax.googleapis.com
an.yandex.ru
analytics.google.com
analytics.pangle-ads.com
cdn.unibotscdn.com
cm.g.doubleclick.net
d.agkn.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mb.moatads.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
plausible.io
pm.w55c.net
pr-bh.ybp.yahoo.com
px.moatads.com
s.tribalfusion.com
s0.2mdn.net
server.zmedia.vn
static.adsafeprotected.com
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync.extend.tv
tpc.googlesyndication.com
ums.acuityplatform.com
usbank.demdex.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
zaly.online
aj1559.online
sync.extend.tv
142.250.176.194
142.250.217.226
142.250.81.230
143.47.125.171
171.244.164.171
172.217.3.66
172.64.151.101
2001:4860:4802:36::181
212.124.124.115
23.44.203.13
23.51.58.26
23.55.235.224
2400:52e0:1a00::1069:1
2600:1f18:1aca:4280:bd8:1771:243e:3319
2600:1f18:4e9:5a07:d3af:beee:a4a3:137e
2600:9000:2137:3400:8:48e:53c0:93a1
2600:9000:21da:8800:19:fc2c:a140:93a1
2606:4700:3033::6815:3c43
2606:4700::6812:18ad
2606:ae80:1451:21::440
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2002
2607:f8b0:4008:800::2001
2607:f8b0:4008:801::2006
2607:f8b0:4008:804::200a
2607:f8b0:4008:805::2004
2607:f8b0:4008:806::2002
2607:f8b0:4008:806::2003
2607:f8b0:4008:809::200a
2607:f8b0:4008:813::2002
2607:f8b0:4008:815::2003
2607:f8b0:4008:815::200e
2607:f8b0:400c:c05::9c
2a02:6b8::90
2a02:6ea0:c454::1
34.237.166.117
35.211.178.172
5.161.204.250
51.222.39.186
52.45.157.3
54.165.156.137
68.67.179.155
69.90.254.78
001809079c0839eb4f835581971320de66ca5291c8b3c16c9bb799e62b71077a
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
0937756972fc004db913d555fb16863c098a978d8b7202e248b8401bec107609
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0f3df960ae417c51a3ae981e07fe06448835f98f7a58f53209f0d39042d3b2da
115e7ac5cc32bc21997e9159bf8758fede10efa2bc3839ca36160b8f83d65bf9
124c62cfd395550a54fc8c6a8091a4cdb544c03232556dc9c4636eafa4a4ac1a
14614a5e76b685075a852b60e7f4242bb6fac8bb71af11eedadad1521c918c7e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b267a683e31c4faf2cdee41bd70aa93fb8bd87b37358b243f3abae5c56ce5a3
1c3f4135ae3d85f96b87f9ecaab5099b1e9249a778b10114f3e53307e25b7a54
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1db9c8447699b34c4433d48a6b3a1fc1df74f4258935953c377bda8267144918
1e1078d97060cccda073393cca614c7aef5b94f3dce291fc0c075fd9a817145a
1e4af82b925da82db3129437cdbe8463f333cfd8af5c6a4bb3daa46df1a4ad6e
1ffd83d094e6b3078255ba6f5df8fa60f2716b5cf558916a9ff30dca79631159
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2a0f9051abeef67004195f8c483d5a956303a090e656d957ed34ba48081c665d
2c48b867bef0ad9445c7fec13b7fb379804641bbe9c4b1231fad7f42502a150e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b3b1992c9f0e0bd97370df1a975fce340e5cc99a75db06f0fc45efda7d43b0
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3ab604b93177ff826952980a53cf8ddcaf06aa7df8fa00e79916786a26af5f1c
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
438eac9d3f8eabcd1fc9585819263fc5b6e393e9772ca54266c435b5ed287306
44e77b4ab0368538b8c5a3fbcb36c31bc07d2798a8bc2fceeea6feaf8cbec859
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1fa87002cee040f474ff1646ed1cd7d79f689b957f0850b877a7679685e824
53e453cfe0cf6561aa801cea98523338152bc6fa64ac53a695a4548016a1f824
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54efe90d6d9fce78a85ba8eebcec5beb03fae2b674aadf5cc87f2b1065c80280
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562cf20209bc574fcf9d8997d26f52cfd961eb7b5edcbdabdd6fc8a19ece753e
5aa849bc469c6d7b20bddd54a6ab9c01686f0916ce64d8074e646adbdd19e737
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
68306ebb67e2ed518aed44cad59d49b381ad16d42cc9555e73cd27fdac6e1a4a
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6afd72df7a313f4c7f2526f95b4d10012d1029d80c2f7397512e94539d1f9334
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
74104393ff5df076b720705b4c4bab255e9c7c4343346113043b4e601df86cce
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
7fbee0019a70035aab059c0f41765ddadacd3b39cd66de6d3c5e86ac45783e2b
82555e78137699464bd690f1e6f4ae38f441073926244ff635b0a920ce18cfb3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842168fa3f7147fa8d30182b9b15f5a0fe207d9acc2687a8fdec6a524a61d1f4
856b7a3a9f9fbde659dcd1c988106a7cc4c3e0d820c8a0478c4136c8f4d33c9f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b61c2b918d0adfa52912529724558567924bbb3e960ff21181ffaccae99aa87
8b8dbe372d55aac61751e3c8aa96d3ba9c73ca7c02cf85ab0499886137b5fbae
8e6754a3cc44196dd0d960f5499ab1b02ddd0143dbedd9d7823defe3fdab7aea
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
912a9416c7ad44940eff4598d9e8331d082945a877e71068f739d28d8f3658bc
9a70e6e451f64209e84626740cf9374e76dd5963e1130c454e9e3356954853bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da9ab666e107cd56f25b3c8a97e089ef49cc8d7436ef18889751e9b856601a8
9f3a91ccfb5f72ee6d100fb62b9cbf5b2541dcc60db55bf05ebf80ffb1e6e1d3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a52e42906b88f45aa3d22f22cc7a0072454af23e67af7580c8dbca7838f32b9c
ac979153353d406bad08c264561bd8a33c4e7b5444dbf23826b4f7f674ff932d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e101d58c2711a8fd5c6f47f40e6b2ff8e3ec41c8f0495b0f0b56b2ea44e760
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bc4a1afb694e93410712d128ca7405dec5afb5561b347fa34f4da39ae17ad1f9
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bea053080bba70f6033acc67da70d1caf12a87f99750a472b00b2d53138cf2c8
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
c3cb5d96dd83517f2586ecce90fa45ea2781cd63dc89bbceaae49319098deb7c
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7bb9105c52eb1bb223e5b1aac3162ea5b4144d4b9475ff8d0e8bdc0ec4accf2
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9705cee9e8605ddf1754df3f792a5de8f5da41f7d704a0e29d013e5f3302e8
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0665e41f3c6d478e2d7bf31dce68ca102e14510cfa6cc39447dcae70b38b2ec
d9ecc05c7a6ae6794d682b669ae960b83822e8b57e1a5e675ca8022f366ea0f0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e47fae1dd3f30cd0e70b4783ebfc6bdc0769c2fe2798843b8dd2c5be0d014093
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7fdf2a3ed48374d880561e4061612e2736284d20a4460a50fbff88d05631696
eb38f233bc7939270157bebe271e65ad164732ab9e285c4569358a48605955dc
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebc94cc158b409fd54e12310afd7c12d0022544d0b64c659b9c1ecbf433a6a2f
ef166db27f017c2cd97526363d1fba36f9cc2f649760a5bab0d88a9ccbcc4606
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76

zaly.online Open in urlscan Pro 2606:4700:3033::6815:3c43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

239 Requests

88 %HTTPS

56 %IPv6

33 Domains

46 Subdomains

36 IPs

4 Countries

3077 kBTransfer

8313 kBSize

31 Cookies

0 Outgoing links

Redirected requests

239 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

zaly.online Open in urlscan Pro
2606:4700:3033::6815:3c43 Public Scan

Screenshot
Live screenshot

Full Image

239
Requests

88 %
HTTPS

56 %
IPv6

33
Domains

46
Subdomains

36
IPs

4
Countries

3077 kB
Transfer

8313 kB
Size

31
Cookies

239 HTTP transactions
7 data transactions