URL: https://zaly.online/
Submission: On November 28 via api from US — Scanned from US

Summary

This website contacted 36 IPs in 4 countries across 33 domains to perform 239 HTTP transactions. The main IP is 2606:4700:3033::6815:3c43, located in United States and belongs to CLOUDFLARENET, US. The main domain is zaly.online.
TLS certificate: Issued by GTS CA 1P5 on November 14th 2023. Valid for: 3 months.
This is the only time zaly.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2a02:6ea0:c45... 60068 (CDN77 ^_^)
1 2400:52e0:1a0... 200325 (BUNNYCDN)
8 212.124.124.115 47328 (TRI-AS Di...)
6 2607:f8b0:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
51 2607:f8b0:400... 15169 (GOOGLE)
4 20 2607:f8b0:400... 15169 (GOOGLE)
2 171.244.164.171 7552 (VIETEL-AS...)
40 2607:f8b0:400... 15169 (GOOGLE)
2 5 2607:f8b0:400... 15169 (GOOGLE)
10 2607:f8b0:400... 15169 (GOOGLE)
3 2607:f8b0:400... 15169 (GOOGLE)
7 2607:f8b0:400... 15169 (GOOGLE)
1 2 34.237.166.117 14618 (AMAZON-AES)
7 2607:f8b0:400... 15169 (GOOGLE)
8 142.250.176.194 15169 (GOOGLE)
7 20 142.250.217.226 15169 (GOOGLE)
4 8 172.64.151.101 13335 (CLOUDFLAR...)
4 6 68.67.179.155 29990 (ASN-APPNEX)
3 142.250.81.230 15169 (GOOGLE)
3 2600:9000:213... 16509 (AMAZON-02)
7 23.51.58.26 16625 (AKAMAI-AS)
1 2 52.45.157.3 14618 (AMAZON-AES)
2 172.217.3.66 15169 (GOOGLE)
1 2 23.44.203.13 20940 (AKAMAI-ASN1)
1 2600:9000:21d... 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
4 4 2606:ae80:145... 25751 (VALUECLICK)
1 1 69.90.254.78 13768 (COGECO-PEER1)
1 1 2600:1f18:4e9... 14618 (AMAZON-AES)
1 1 51.222.39.186 16276 (OVH)
2 3 2a02:6b8::90 208722 (GLOBAL_DC)
1 1 23.55.235.224 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
1 143.47.125.171 31898 (ORACLE-BM...)
8 2600:1f18:1ac... 14618 (AMAZON-AES)
2 2 54.165.156.137 ()
1 2 2606:4700::68... ()
2 2 35.211.178.172 ()
2 2 5.161.204.250 ()
239 36
Apex Domain
Subdomains
Transfer
91 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
987 KB
46 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
ad.doubleclick.net — Cisco Umbrella Rank: 154
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439
325 KB
16 zaly.online
zaly.online
197 KB
13 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 736
static.adsafeprotected.com — Cisco Umbrella Rank: 587
dt.adsafeprotected.com — Cisco Umbrella Rank: 570
104 KB
10 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
541 KB
9 gstatic.com
www.gstatic.com
fonts.gstatic.com
112 KB
8 moatads.com
z.moatads.com — Cisco Umbrella Rank: 647
mb.moatads.com — Cisco Umbrella Rank: 744
px.moatads.com — Cisco Umbrella Rank: 593
116 KB
8 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
5 KB
8 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
8 aj1559.online
aj1559.online — Cisco Umbrella Rank: 60218 Failed
81 KB
7 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
160 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
5 KB
6 google.com
analytics.google.com — Cisco Umbrella Rank: 157
www.google.com — Cisco Umbrella Rank: 2
1 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
42 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
2 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
ajax.googleapis.com — Cisco Umbrella Rank: 364
33 KB
3 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 5085
954 B
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
232 KB
2 mobtrakk.com
sync-dmp.mobtrakk.com
744 B
2 bidswitch.net
x.bidswitch.net
2 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 w55c.net
pm.w55c.net
2 KB
2 usbank.com
acxmetrics.usbank.com — Cisco Umbrella Rank: 12126
1 KB
2 demdex.net
usbank.demdex.net — Cisco Umbrella Rank: 18517
1 KB
2 zmedia.vn
server.zmedia.vn — Cisco Umbrella Rank: 71361
4 KB
2 plausible.io
plausible.io — Cisco Umbrella Rank: 10361
2 KB
1 pangle-ads.com
analytics.pangle-ads.com — Cisco Umbrella Rank: 2858
1022 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
388 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
713 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1309
684 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 755
614 B
1 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 26964
121 KB
0 extend.tv Failed
sync.extend.tv Failed
239 33
Domain Requested by
51 pagead2.googlesyndication.com aj1559.online
pagead2.googlesyndication.com
tpc.googlesyndication.com
zaly.online
googleads.g.doubleclick.net
ad.doubleclick.net
www.gstatic.com
server.zmedia.vn
www.googletagservices.com
40 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
zaly.online
20 cm.g.doubleclick.net 7 redirects googleads.g.doubleclick.net
20 googleads.g.doubleclick.net 4 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
zaly.online
16 zaly.online zaly.online
10 www.googletagservices.com googleads.g.doubleclick.net
zaly.online
www.googletagservices.com
s0.2mdn.net
8 dt.adsafeprotected.com googleads.g.doubleclick.net
8 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
8 www.googleadservices.com
8 aj1559.online zaly.online
aj1559.online
7 s0.2mdn.net googleads.g.doubleclick.net
zaly.online
s0.2mdn.net
7 www.gstatic.com googleads.g.doubleclick.net
6 px.moatads.com googleads.g.doubleclick.net
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
server.zmedia.vn
5 www.google.com 2 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
4 dclk-match.dotomi.com 4 redirects
3 an.yandex.ru 2 redirects
3 static.adsafeprotected.com pixel.adsafeprotected.com
googleads.g.doubleclick.net
3 ad.doubleclick.net googleads.g.doubleclick.net
www.googletagservices.com
zaly.online
3 fonts.googleapis.com googleads.g.doubleclick.net
3 www.googletagmanager.com zaly.online
www.googletagmanager.com
2 sync-dmp.mobtrakk.com 2 redirects
2 x.bidswitch.net 2 redirects
2 pm.w55c.net 2 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 acxmetrics.usbank.com 1 redirects googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net zaly.online
2 usbank.demdex.net 1 redirects googleads.g.doubleclick.net
2 pixel.adsafeprotected.com 1 redirects zaly.online
2 server.zmedia.vn aj1559.online
2 plausible.io zaly.online
plausible.io
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 mb.moatads.com z.moatads.com
1 analytics.pangle-ads.com 1 redirects
1 onetag-sys.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 ums.acuityplatform.com 1 redirects
1 ajax.googleapis.com s0.2mdn.net
1 d.agkn.com googleads.g.doubleclick.net
1 z.moatads.com s0.2mdn.net
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 cdn.unibotscdn.com zaly.online
0 sync.extend.tv Failed googleads.g.doubleclick.net
239 46

This site contains no links.

Subject Issuer Validity Valid
zaly.online
GTS CA 1P5
2023-11-14 -
2024-02-12
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
plausible.io
R3
2023-10-30 -
2024-01-28
3 months crt.sh
cdn.unibotscdn.com
R3
2023-11-27 -
2024-02-25
3 months crt.sh
aj1559.online
R3
2023-10-20 -
2024-01-18
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
server.zmedia.vn
R3
2023-09-25 -
2023-12-24
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01
2023-03-29 -
2024-04-27
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-10-25 -
2024-10-24
a year crt.sh
*.agkn.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1
2023-09-07 -
2024-09-29
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-06-20 -
2024-07-20
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M02
2023-05-09 -
2024-06-07
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 31 frames:

Primary Page: https://zaly.online/
Frame ID: 005304F0EB2A7F6555DD3511F463E198
Requests: 50 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: E30A69A61A3C15547967FE4B20B0C0F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&adk=1812271804&adf=3025194257&lmt=1701143153&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fzaly.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026530&bpp=5&bdt=1150&idt=333&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5891447285237&frm=20&pv=2&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Frame ID: 81967BAE6DEB6EA78316A9C1409A766B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Frame ID: 6D5030A146B7CE043A0F9B6111539F4C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A806F48D1D50CBA2E9035B8C302B0CE7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CDAF4F41C7C80851082E547E8463E3D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 547A612BB4B3E8244D05536432D2011D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Frame ID: 9B4BDD3A68C4C10ED4BC3C9AD20AC256
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 836FC2AFA214B6D9930E99B85D6D35A2
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 201ED01222081A85A2AC38487967C5DE
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: FE2A98D641E098C30FB250961057C59E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 0CAB047BA7E8E97FD6F3A58144CFCAD0
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Frame ID: 4ACCD9B79CB2C0277E3D4F52ABE4E5DD
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 2CE849854069DB6572B880ACEC87781C
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Frame ID: 3BDC18C9F701FFA885137AC44A3B32FA
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Frame ID: 5841534465EC43DDCA0707A5193FB223
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5C13FB816ABECAFE5F5D059CDA825EF8
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 380CA47B5D1A3BCA8A2BA47271D7A441
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 37DB37C9B507D2E4C78C7C802D86AE1B
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: 31FD72BD3BFB67AE80F1521FC45FF729
Requests: 21 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 0EB2513FA3B8EEAF9CD2C130E9F1B886
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 40E003EDD9CA93DAD12C3AD05594F072
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 90DD0DF9608AEE672413559E817589EB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 6D294F29C6963E9D1C046D3D3DC05781
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 32C41999B124F28B14E97BB0B077A2CF
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
Frame ID: 2682C3DA48545A344DF734CB29D943E5
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Frame ID: 45DAF24FBB5C3D258119AFF94A2D9128
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: D8C2A502C66B884AE129F2AFEE1129B4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: CF0E25D3ACE24028A1EF15F597B7C193
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 778FFB055873F87B035BD0334032ED62
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Frame ID: 3F7C638923A82322D043D990AA27749F
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Zaly.Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

239
Requests

88 %
HTTPS

56 %
IPv6

33
Domains

46
Subdomains

36
IPs

4
Countries

3077 kB
Transfer

8313 kB
Size

31
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 96
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CrxWD2mVlZenGOazlvPIPgaaNyA3JluyWdI2HrZv_EbCQHxABIKmJ7IoBYMnujovApIwQoAGn7qDSA8gBAqgDAcgDyQSqBLwBT9AJv7-Cywpj5y50COteHvDDbUK6NEHh9MaWXY-eHvePg4lrp5rKdkXy4aXELiGSbk1nKIBRSXjVlIFxUS4tb0yq7dBmGeQsU8BxfIKNJ478wdGcoNJ5l16v3iNRTidqsBfVLVGwqr7NsWusHJjmn66Y27LtjZq7GIW6NN4xHknPZgHHojgp1jVkIcJc2wp5jH_JUVEmE7HYsIvvxDXiIA6RyRaIlhSAUfwW_uU4lzhP7zb97Cm5h7jzqYHABJ2j08SWBIgF7fui0EmSBQQIBBgBkgUECAUYBKAGAoAHwZHfLagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEELHRZNIIHQiAYRABGB8yAooCOgKAQEi9_cE6WP_ov6vn5YIDmgltaHR0cHM6Ly93d3cudmlsbGEuZWR1L2dyb3cteW91ci1wb3RlbnRpYWwvP3V0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09ZGlzcGxheSZ1dG1fY2FtcGFpZ249Z2VuZXJhbC1hdWRpZW5jZYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEOCZn4TN1pyx0QESAgED2BMN0BUBgBcBshccChoIABIUcHViLTMxMzA0NDg2NzkyNzIyMzEYAA&sigh=ZZlGxHTrx4I&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN5jCgdMEV9KOYhqw8Et8d697m3AiaZZTS2hpQJ5Ki4Fc86gR3m3njpniUGctz4anQMpqU0Exb86I5Znoe4o6kuhChmEWSkMcVIhgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2213463495911180650171%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2244452866232556289%22}&andc=true
Request Chain 97
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Request Chain 98
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWVl3RPlwzLHUoESsLJE9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Request Chain 99
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
Request Chain 100
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
Request Chain 102
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Request Chain 103
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWVl3RPlwzLHUoESsLJE9QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
Request Chain 105
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
Request Chain 111
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 138
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKEVt2mVlZbHyOL-9xtYPxoGZmAXJluyWdK2IrZv_EbCQHxABIKmJ7IoBYMnujovApIwQoAGn7qDSA8gBAqgDAcgDyQSqBMMBT9BiCcnris2HII-0tE9z2AZ1gMbrbua8ckLwfGbasZ8AEE9ymceLEIaKubEVDczuajarZF6SMnMlMZ3tJs1i8FT3mfIVuGe5pFX5A8fPgYQL4f3WT85ryit_dzTq7j84mega0CVqcKy4ePS-ng7m_evlEIzh8mp8kYhsvT6S10SBOr7TRHkWhQDSFdEW9eC6cf6hwNa_HMvgsfSC7RXS5uYrnr8JRP4HXbp7-z-ASFPSp1wDi1LEVXerViKf7zYmVmJGwASdo9PElgSIBe37otBJkgUECAQYAZIFBAgFGASgBgKAB8GR3y2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBCrszXSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJbWh0dHBzOi8vd3d3LnZpbGxhLmVkdS9ncm93LXlvdXItcG90ZW50aWFsLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPWdlbmVyYWwtYXVkaWVuY2WACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBEKCxCw69rOwrnw4OgBEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMTMwNDQ4Njc5MjcyMjMxGAA&sigh=apCCj7BVT20&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2212262638905288099247%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222051644339744000209%22}&andc=true
Request Chain 167
  • https://usbank.demdex.net/event?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321 HTTP 302
  • https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321
Request Chain 171
  • https://acxmetrics.usbank.com/1/d/c.gif?aqet=imp&adv=6219544&ca=28975896&cr=183441212&pl=352599115&sid=3330315&sg=0&puu=AMsySZa-eDbp4KiQ6o_EaOfXyjDN&geo=ct=US&st=NY&city=13347&dma=16&zp=14202&bw=4&r=2877588321&img=true HTTP 302
  • https://acxmetrics.usbank.com/d/a.gif?gdpr=T&img=true&tt=c.gif&reload=true&z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF
Request Chain 184
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5ae7fbf93c4f0fbd&is_secure=true&networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFl2oUjZ-JuQMSqNRaAAAAAAA&expiration=1701230430&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ
Request Chain 185
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEOcpOw--LSXDLdaVVMxq_8Q&google_cver=1&google_push=AXcoOmQNVljckAkRhPnQAkDGFlDeK1ZKPmOV9CPhRUeriOgxVJ5nnC_Djd0IKv70tChoke6duF-sr63dL8lDX59ylch7diOcKmntBAc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=857704199194&us_privacy=1---
Request Chain 187
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ0YUci0fR7ankA9WFx4jWI&google_cver=1&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw&google_hm=eS1iQ19oc3lkRTJwSDM5WmlIbHFJakdDT2toQ20uV1lEYn5B
Request Chain 188
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE89yBAZJcCEz64dX6zmLio&google_cver=1&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M
Request Chain 189
  • https://an.yandex.ru/mapuid/google/CAESEA23to7bA-13wb-16u1EZXI?ext-param=AXcoOmRXCX5dN6H7uscPWn8qjjYUywmtOMRwjPuSjtdEhgicBYsmf62iTdwNIMzEQV4XLDWOZpO7IEGPHUO5XRBt3xtZKbTCBOHA49Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEA23to7bA-13wb-16u1EZXI?redir-setuniq=1&ext-param=AXcoOmRXCX5dN6H7uscPWn8qjjYUywmtOMRwjPuSjtdEhgicBYsmf62iTdwNIMzEQV4XLDWOZpO7IEGPHUO5XRBt3xtZKbTCBOHA49Q&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEA23to7bA-13wb-16u1EZXI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 190
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBYDJgM-rp449SinTMnNzeQ&google_cver=1&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH
Request Chain 198
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3JMl3GVlZdPwJdb8vPIP0dGtwALo_a_kc7D60oDkD2QQASCpieyKAWDJ7o6LwKSMEKABltufxwPIAQmpAgDspEECYbI-qAMByAPLBKoEvwFP0J66BPy0k_mVqfRfPFYhR0anISbQkrDLoQbHhd5EKkaGP5kYseSeLV9Is-l-YS2ILd06uRqaIfYB_C9fshykfDBy2iCkjHlIyc2ns696RjFGNHNVP3cS14RiN36VhDkHXeYPdHWtTMu82a5vBHgc3FtP4908OB5qQOAEhFNwp8PvhxE7j_Bwhw5aUQ0MxnNKPaammSxpK3H6aV4v7uQ5qfS8wp3GedD9dZPnkPBw1ZX3VBJd43LKvBrnrqjxQsAEx7OYnIIEiAWdqtWSQZIFBAgEGAGSBQQIBRgEoAYugAfSpOA4qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ6IQ-0ggUCIBhEAEYHzICigI6AoBASL39wTqaCSxodHRwczovL3d3dy5jdXBhcGl6YXJyYXMuY29tL3VzYS9yZWFkeXNsYXRlL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLaDBAKChDAoZi6z5O21XESAgEDuBPkA9gTDIgUBdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0zMTMwNDQ4Njc5MjcyMjMxGAA&sigh=krkso9tXCxM&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaN_sGwhgwIt3K0iRS2Ih4hkchmOsxZil9tC8ZOnkgKVtC6xdtlW8Lxr_bOakO8h7Q4NkFrZMsUGAE&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7d213793d514629c0000000000000000%22,%222%22:%220x7910bfc654cbf3c20000000000000000%22,%223%22:%220xa29d88bba27ebbff0000000000000000%22,%224%22:%220xa7bbec44de3efea00000000000000000%22,%225%22:%220x79ec60475c3bc15e0000000000000000%22},%22debug_key%22:%224185405535379266994%22,%22debug_reporting%22:true,%22destination%22:%22https://cupapizarras.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954723734%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211728279715667595681%22}&andc=true
Request Chain 200
  • https://pixel.adsafeprotected.com/rfw/st/1841082/76634004/skeleton.js?bundleId=&ias_dspID=3&ias_campId=27647240&ias_pubId=pub-3130448679272231&ias_chanId=1&ias_placementId=19311913561&bidurl=https://zaly.online/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j219qjRqnpuv44KFe8zdGL&adsafe_url=https%3A%2F%2Fzaly.online&adsafe_type=g&adsafe_url=https%3A%2F%2Fzaly.online%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231109%2Fr20110914%2Fzrt_lookup_fy2021.html%3Ffsb%3D1%23RS-1-%26adk%3D1812271803%26client%3Dca-pub-3130448679272231%26fa%3D3%26ifi%3D5%26uci%3Da!5%26btvi%3D2&adsafe_type=be&adsafe_jsinfo=,id:14e4b36e-f3a4-104d-4aa0-1866a36b0755,c:vbXsXS,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-5cb87bd5d6-2d69h,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:692,mot:0,app:0,maw:0,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,tt:rjss,et:716,oid:ab17671f-8da2-11ee-9af4-6a2f95e9e08d,v:19.8.461,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?bundleId=&ias_xappb=
Request Chain 229
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ckyz03WVlZcaNMda8xtYPxrW3mAXJluyWdLmpwdXlEWQQASCpieyKAWDJ7o6LwKSMEKABp-6g0gPIAQKoAwHIA8kEqgS_AU_Q47InpeWVlHTemd5QFj36b5Wo28zhjx1V1v56qKtR5qaG2jQKkNiphex3Ayc2pF0cEuueotBEgb4VTSc0xXX5LpgP0jCUoe2TMTpZRlcGEpl62dBPBgUlmBxCdZy_vh3HeDfZy-RytosIvMI3AtfowyINJkV22yCrZxFpacjMxg8nwjY3GqVwnwkXXs5Q376GxxLec5M-czZZDlcL_mQubAlKY65N6si6-0LOQouj5xnWi_1krxdowHuvvLFMwATFo9PElgSIBe37otBJkgUECAQYAZIFBAgFGASgBgKAB8GR3y2oB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDmvibSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJcGh0dHBzOi8vd3d3LnZpbGxhLmVkdS9ncm93LXlvdXItcG90ZW50aWFsLz91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWRpc3BsYXkmdXRtX2NhbXBhaWduPWdlbmVyYWwtcmVtYXJrZXRpbmeACgHICwGiDBgqFgoU5LSxAu61sQK1uLEC5LSxAu61sQLaDBEKCxCAtKKirvvUjtUBEgIBA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi0zMTMwNDQ4Njc5MjcyMjMxGAA&sigh=OnKarwvBsks&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSOwDICaaNFI68SIfABHtLH84t-WsPnDZlBdIrr5Ozru5Z4ok2EbuuHCdWgeFL1hwdLAYudfLW-Q1o1kHvGAE&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xc18682bca3a379ee0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%225223034509681765110%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227592563383330705489%22}&andc=true
Request Chain 230
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=109fd08f95210fbd&is_secure=true&networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGBp1DtQ1YngNvt4IrAAAAAAA&expiration=1701230431&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI
Request Chain 231
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3pzS05LRncxUjdQZ1g1&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac
Request Chain 232
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 233
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAnM8wbwOEyDSR-z46BCCw0&google_cver=1&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAnM8wbwOEyDSR-z46BCCw0&google_cver=1&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg&google_hm=eEtB35ukS8Ojh6Ofutbo2g==
Request Chain 234
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFHF-P23euaIPn6n0o2eDOo&google_cver=1&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq HTTP 302
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFHF-P23euaIPn6n0o2eDOo&google_cver=1&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq&chk=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWUxNWMyNTNjYmM2MzUyOA&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq

239 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
zaly.online/
139 KB
42 KB
Document
General
Full URL
https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac979153353d406bad08c264561bd8a33c4e7b5444dbf23826b4f7f674ff932d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=2728, public
cf-cache-status
DYNAMIC
cf-ray
82cfb427ad8c0cba-EWR
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 04:00:25 GMT
last-modified
Tue, 28 Nov 2023 03:45:53 GMT
link
<https://zaly.online/wp-json/>; rel="https://api.w.org/"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
public
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vD78ss3s8aFxKDEQSL2UwfHBMmr3EWP0KYSEM%2BuSLMptcc%2BB1MhQ%2FuDiQiaklzdcuknSqp8GyOqVs0EHNJ%2Bv%2BxG5vW7AyqB8R5hF4L2G1mTuXdssknp%2BJNCM%2BUjZBXF5P1aUjwno0E9gEg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.min.css
zaly.online/wp-includes/css/dist/block-library/
107 KB
15 KB
Stylesheet
General
Full URL
https://zaly.online/wp-includes/css/dist/block-library/style.min.css?ver=bb270fba1988038f5680f75b7475565e
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 03:52:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1531159
etag
W/"654b0603-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AYDy3JDONY%2Fv1mzOFf28rWaaZRzh9xhtlx0Tj8XP4adNPheDTyFHODM7Mq9LVpJoYHeOXFUqFofzGjP5lIRoNRxgXqOcj5REMVuTt%2FbqfFW0YL0jDABYMrhXreNYY4OsoxlWvMss8b657w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb42ebae30cba-EWR
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Dec 2023 03:52:47 GMT
style.css
zaly.online/wp-content/themes/enjoymini-pro/
47 KB
10 KB
Stylesheet
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/style.css?ver=20221104
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e47fae1dd3f30cd0e70b4783ebfc6bdc0769c2fe2798843b8dd2c5be0d014093

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1623663
cf-polished
origSize=65307
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
W/"64be9e39-ff1b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O7ibnzFdbXGXQJiPjOlJWKQHkGGW%2BAQF63FJv19WqEBb6SevSOLf3O4zHbImwSvtUkDZJ7OpXRO3T4cfMP1wGDGnTglS%2FA%2FhM%2FpISY5QKvo29VUQJzl8r2i7RxOiq2bC2RtdmVF0PaXQjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb42ebae60cba-EWR
expires
Fri, 17 Nov 2023 07:48:24 GMT
responsive.css
zaly.online/wp-content/themes/enjoymini-pro/
6 KB
2 KB
Stylesheet
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/responsive.css?ver=20221104
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b267a683e31c4faf2cdee41bd70aa93fb8bd87b37358b243f3abae5c56ce5a3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1454291
cf-polished
origSize=8442
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
W/"64be9e39-20fa"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZ6ESgb%2BTQq0Znrt%2FzsiiZ%2FPT7gJErEMiYivTFDOAwJoNpjhJcOqUUalDADwhmXNddBK2n5MEtNdPEQrf%2FFBsWK4%2B0%2FtYwxdlFG1oZYe%2FPg5Qn4Ohr6CxgKduuOjG%2FHcsagGqLvUpPtttA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb42ebae80cba-EWR
expires
Thu, 07 Dec 2023 21:17:22 GMT
genericons.css
zaly.online/wp-content/themes/enjoymini-pro/genericons/
36 B
482 B
Stylesheet
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=bb270fba1988038f5680f75b7475565e
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffd83d094e6b3078255ba6f5df8fa60f2716b5cf558916a9ff30dca79631159

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1521549
cf-polished
origSize=154
alt-svc
h3=":443"; ma=86400
content-length
36
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
"64be9e39-9a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9phblm%2FyWXf6g1rmeUIizg6qwDdwU4CYSUj9WJvm66VGgACsxHdJWFrSnkTXkJVsw3yI50TebcVrEZlwf9Wn6RQkDyMbJ%2FYLteUEDQ3U6Bq%2F%2BiuSQBZbTAtste1jVoRspIa9Ibm%2Fxw8a4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges
bytes
cf-ray
82cfb42ebae90cba-EWR
expires
Sat, 09 Dec 2023 03:52:46 GMT
genericons.css
zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons/
26 KB
16 KB
Stylesheet
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons/genericons.css
Requested by
Host: zaly.online
URL: https://zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=bb270fba1988038f5680f75b7475565e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44e77b4ab0368538b8c5a3fbcb36c31bc07d2798a8bc2fceeea6feaf8cbec859

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/wp-content/themes/enjoymini-pro/genericons/genericons.css?ver=bb270fba1988038f5680f75b7475565e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1537521
cf-polished
origSize=28266
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
W/"64be9e39-6e6a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5upum0ALeXEiYKAngABvovvUzf%2FGxaJfboiNrmk3Rgxb6tQ9AotJEMVbaZQO7VsyZFFgQ5ir%2ByVSxLwdKQPdY%2B%2Fd%2FSzBWAB0qShksnjILnNQbQICWbOK4aCUAXGItetdfUeX1mhThPo8KQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb42efb1f0cba-EWR
expires
Fri, 17 Nov 2023 07:48:27 GMT
normal.woff2
zaly.online/cf-fonts/s/inter/5.0.13/latin/400/
16 KB
17 KB
Font
General
Full URL
https://zaly.online/cf-fonts/s/inter/5.0.13/latin/400/normal.woff2
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac

Request headers

Referer
https://zaly.online/
Origin
https://zaly.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDDjF615GOyZ2I%2Bjk9YoCQrSZnhb5yP8dUEz6hei9k5K74QAO3x1%2By0q4XRLebSqLCXKoScvDm%2FIAemKcSv081AyKZjzG8PpdFxxSUrHL1RnAH572COzUPLRiw%2BbG2E%2F7WsU9uMoXMG75w%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82cfb42f4d8d78d9-EWR
alt-svc
h3=":443"; ma=86400
content-length
16708
normal.woff2
zaly.online/cf-fonts/s/inter/5.0.13/latin/700/
17 KB
18 KB
Font
General
Full URL
https://zaly.online/cf-fonts/s/inter/5.0.13/latin/700/normal.woff2
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3

Request headers

Referer
https://zaly.online/
Origin
https://zaly.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7abRifGOYhvKqij6lVl6Hr1D4bjy1jcu%2B16glC10OD%2FR9gcOV%2BB6e6gIixTfuhpGbF%2Bnix0sjmo2KGQ5AvThXSXzwH1yuN8E%2FC5yJKDTmdeeXnzHcpTCCS5YmJIkjdPNAT14FgUeWEMYHg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82cfb42f4d8f78d9-EWR
alt-svc
h3=":443"; ma=86400
content-length
17784
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin
https://zaly.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
normal.woff2
zaly.online/cf-fonts/s/pt-serif/5.0.16/latin/700/
29 KB
29 KB
Font
General
Full URL
https://zaly.online/cf-fonts/s/pt-serif/5.0.16/latin/700/normal.woff2
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5

Request headers

Referer
https://zaly.online/
Origin
https://zaly.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67f05tsSqrfVaaLWEdouQNd8%2BNoiRCEeExuSBdNMYJZf5cJiFKIAp5DmHEeNBv1j1nPiv8ypgPPtje%2F5sfR2M4sV%2BRfvKMwBFpaV3dzVI%2FOKoM5lcO9GJVScm0RTrlnIOr2zpfb%2FmEoYrw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=31536000, immutable
cf-ray
82cfb42f4d9178d9-EWR
alt-svc
h3=":443"; ma=86400
content-length
29492
rocket-loader.min.js
zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65568fe4-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZjcxMV%2FveoCSYf9LDnNPDoIjv%2BTlyy6Mt49rIkxzcasWJhJ%2B4TedfrasrYOZ128ZJ%2Bkekx%2FJ1K1FT2v5UUMk8Wj5c3Qybdv5lqH70whvmV0rKZW5eEy3VHNQnoYhV%2Fkte7FNIi0YGWMFxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82cfb42f9dd778d9-EWR
expires
Thu, 30 Nov 2023 04:00:25 GMT
jquery.custom.js
zaly.online/wp-content/themes/enjoymini-pro/assets/js/
856 B
878 B
Script
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/jquery.custom.js?ver=20221104
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ab604b93177ff826952980a53cf8ddcaf06aa7df8fa00e79916786a26af5f1c

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2323975
cf-polished
origSize=2291
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
W/"64be9e39-8f3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCo230%2FdaUL9SJD54c%2FRyo7jEirsDnMHnvn5U94Y2PuB5UTvwuRFUP0eHPIW%2Bp7vkhkeXpy6XJUPhWq7zh8od67hwxEmAB%2BIU8%2FMGZ1iQ5sITlkSFul7v%2BMzeVsn5Ol213XXjhYwq0J9%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb4301e2f78d9-EWR
expires
Thu, 30 Nov 2023 03:10:28 GMT
index.js
zaly.online/wp-content/themes/enjoymini-pro/assets/js/
14 KB
5 KB
Script
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/index.js?ver=20221104
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
124c62cfd395550a54fc8c6a8091a4cdb544c03232556dc9c4636eafa4a4ac1a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1361245
cf-polished
origSize=30630
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
W/"64be9e39-77a6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SR59novI454mkNCRU0jgC4jLPqDbgXRZumZAVhJPWtZI1W5hV%2BPofWcIHnXyorKrNVq2SvHrweJJMetfnsK0w3d6of%2FlAy1JDQRq2%2B1tpBrePXFOQOFWlT8M5vaIhxq3V9oJlAcwQ4xPKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb4301e3178d9-EWR
expires
Tue, 12 Dec 2023 02:49:46 GMT
theia-sticky-sidebar.js
zaly.online/wp-content/themes/enjoymini-pro/assets/js/
7 KB
3 KB
Script
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/theia-sticky-sidebar.js?ver=bb270fba1988038f5680f75b7475565e
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c3f4135ae3d85f96b87f9ecaab5099b1e9249a778b10114f3e53307e25b7a54

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
686356
cf-polished
origSize=16324
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
W/"64be9e39-3fc4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eQfIPGTLeSSeXsksl4hd8GK88sPFuH%2BQa60ulD0MhrTSxI9FwRdOEguCAUTJHpJJUpea4Vd0wRGCiqyBqXrxL%2F0FqIaqwSwyzWjMWJUkypMDDlNF6VkG%2BhbpRv90m1yrlORILEOGHB8QIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb4301e3278d9-EWR
expires
Mon, 11 Dec 2023 21:03:37 GMT
html5.js
zaly.online/wp-content/themes/enjoymini-pro/assets/js/
4 KB
2 KB
Script
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/html5.js?ver=bb270fba1988038f5680f75b7475565e
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1db9c8447699b34c4433d48a6b3a1fc1df74f4258935953c377bda8267144918

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1278979
cf-polished
origSize=10330
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
W/"64be9e39-285a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eT86WUUjKPp%2BmiR8%2Fp40pZ%2F8Z%2By%2B1x33J%2BTCxEhFme1GKrKSVf%2FgOzMS4afuSTzZAiDMDNcXfltu3cgS1j4VgFq%2FoKWuulft37fH%2BwNND%2FdK9phOWjKYEdls94tpNKn0zssPq%2Fz8Q2P7Ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb4301e3378d9-EWR
expires
Sat, 09 Dec 2023 03:52:48 GMT
superfish.js
zaly.online/wp-content/themes/enjoymini-pro/assets/js/
5 KB
2 KB
Script
General
Full URL
https://zaly.online/wp-content/themes/enjoymini-pro/assets/js/superfish.js?ver=bb270fba1988038f5680f75b7475565e
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9ecc05c7a6ae6794d682b669ae960b83822e8b57e1a5e675ca8022f366ea0f0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1458888
cf-polished
origSize=7548
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 24 Jul 2023 15:52:25 GMT
server
cloudflare
etag
W/"64be9e39-1d7c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=imuCElrj2S3Bj1%2FpfxqUM0LCzuex2UjblcEiXZXsGqZwES%2FeOKETMcRMkDT6n9%2FFuoGSpgY3tMXkOQR%2BkJRPft6%2FCwU9ffsrXXTSeFBdptKkTlcTVkbDE1L8Mps8ql%2BTtJfmlQq2SsrTkg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb4301e3478d9-EWR
expires
Sat, 09 Dec 2023 03:52:47 GMT
ba298f04.js
aj1559.online/
0
0

js
www.googletagmanager.com/gtag/
186 KB
67 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-189072159-22
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
31b3b1992c9f0e0bd97370df1a975fce340e5cc99a75db06f0fc45efda7d43b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68696
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 28 Nov 2023 04:00:25 GMT
script.js
plausible.io/js/
1 KB
1 KB
Script
General
Full URL
https://plausible.io/js/script.js
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
x-content-type-options
nosniff
cdn-edgestorageid
885
cdn-cachedat
11/27/2023 20:56:33
cdn-pullzone
682664
cross-origin-resource-policy
cross-origin
application
10.0.0.3
alt-svc
h3=":443"; ma=2592000
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
200
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
public, must-revalidate, max-age=86400
permissions-policy
interest-cohort=()
cdn-requestid
8dbe14f2a968446aeb88658c2121a1e1
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
player.js
cdn.unibotscdn.com/ubplayer/mvp/
327 KB
121 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/player.js
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1a00::1069:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-IL1-1069 /
Resource Hash
438eac9d3f8eabcd1fc9585819263fc5b6e393e9772ca54266c435b5ed287306

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cdn-edgestorageid
1029
cdn-storageserver
DE-664
cdn-cachedat
10/31/2023 18:59:00
cdn-pullzone
873945
last-modified
Wed, 18 Oct 2023 10:47:55 GMT
server
BunnyCDN-IL1-1069
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"652fb7db-51d4f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
554198bfb91390bd9970713f966e193c
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
js
www.googletagmanager.com/gtag/
247 KB
85 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
562cf20209bc574fcf9d8997d26f52cfd961eb7b5edcbdabdd6fc8a19ece753e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87114
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 04:00:25 GMT
jquery.min.js
zaly.online/wp-includes/js/jquery/
86 KB
31 KB
Script
General
Full URL
https://zaly.online/wp-includes/js/jquery/jquery.min.js?ver=3.7.1
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:3c43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 08 Nov 2023 03:52:35 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1267920
etag
W/"654b0603-15601"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy%2FXKUpGId08IRpMFlMWRpSTE%2FCCPdJTirZ%2BjKGJSCAJY9xzHqknA%2BgH0inNCbeZM0Z7Zr%2Bx4LSX04Ay6qQ7cPESDg3XfUv000eJYlGkOP2Fveki0Lh%2FoSU05pSjRQgHuKXD7PExOAt42w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray
82cfb4301e3578d9-EWR
alt-svc
h3=":443"; ma=86400
expires
Fri, 08 Dec 2023 03:55:55 GMT
event
plausible.io/api/
2 B
500 B
XHR
General
Full URL
https://plausible.io/api/event
Requested by
Host: plausible.io
URL: https://plausible.io/js/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
BunnyCDN-NY1-885 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://zaly.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 28 Nov 2023 04:00:26 GMT
cdn-edgestorageid
885
cdn-cachedat
11/28/2023 04:00:26
cdn-pullzone
682664
application
10.0.1.5
alt-svc
h3=":443"; ma=2592000
content-length
2
x-request-id
F5utepT7eyWIheWPGnQC
server
BunnyCDN-NY1-885
cdn-proxyver
1.04
cdn-requestpullcode
202
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cdn-uid
153cb5b1-399a-48ef-b5bf-098c03770254
cache-control
must-revalidate, max-age=0, private
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
cdn-requestid
0eba33fac9ed677d87dc3855c462ad43
cdn-requestcountrycode
US
cdn-requestpullsuccess
True
ba298f04.js
aj1559.online/
36 KB
36 KB
Script
General
Full URL
https://aj1559.online/ba298f04.js
Requested by
Host: zaly.online
URL: https://zaly.online/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software
/
Resource Hash
4e1fa87002cee040f474ff1646ed1cd7d79f689b957f0850b877a7679685e824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
accept-ranges
bytes
etag
"0bb94583ac821252a92ddc8d95c26c2ec"
content-length
37156
content-type
text/javascript
js
www.googletagmanager.com/gtag/
223 KB
79 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DBFL1E2103&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
115e7ac5cc32bc21997e9159bf8758fede10efa2bc3839ca36160b8f83d65bf9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80971
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 28 Nov 2023 04:00:25 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-189072159-22
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 03:16:40 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2626
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 28 Nov 2023 05:16:40 GMT
collect
analytics.google.com/g/
0
251 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-PX3PZ6Q9RG&gtm=45je3b81v894073191&_p=1701144025791&_gaz=1&gcd=11l1l1l1l1&dma=0&cid=1315140130.1701144026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701144025&sct=1&seg=0&dl=https%3A%2F%2Fzaly.online%2F&dt=Zaly.Online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1830
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaly.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PX3PZ6Q9RG&cid=1315140130.1701144026&gtm=45je3b81v894073191&aip=1&dma=0&gcd=11l1l1l1l1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PX3PZ6Q9RG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400c:c05::9c Charleston, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaly.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
znCxPqt8Utl6-8QLk1uye854rm7HAEWKuHRpqqNANqnWPLH3s726ybhPLtK1myH-AIHv7QPum8pYDssHZHTqZja53fn7KfVw0syyV8Ggi_CAfO4wVuhBSZDDmv8QyZwUcPX8zL-lfB6Yzl6ROsljp-N2tWOE--MHyacIK78EQZ7vFOv2OnEuf_eNnoNzrFun5Xjnh...
aj1559.online/
1 KB
2 KB
XHR
General
Full URL
https://aj1559.online/znCxPqt8Utl6-8QLk1uye854rm7HAEWKuHRpqqNANqnWPLH3s726ybhPLtK1myH-AIHv7QPum8pYDssHZHTqZja53fn7KfVw0syyV8Ggi_CAfO4wVuhBSZDDmv8QyZwUcPX8zL-lfB6Yzl6ROsljp-N2tWOE--MHyacIK78EQZ7vFOv2OnEuf_eNnoNzrFun5Xjnhu42u26bQ4z3sucYFukaHLUFPlAw6a-7OrAp-W8mSBeskoV4U6TevlVsIfL0N6tjx37RB_vrew5Tjr_CROp7CdPBu1Ct4WAZwRCdv6Oc2Ow7JTHBPyHifK-iKpbel6kBmkdU_ZZjAPW2G7Y0LmQUrt0-1YsaSMzqhQbcI3SjeYqDmdVRyGTU_FYcvUiMdG46vbM4dWI4eh_NjLuvLKFcP2N567tMLhqdux7zz2hnYEwCMF7JB6xoYIUQda6E?
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software
/
Resource Hash
eb38f233bc7939270157bebe271e65ad164732ab9e285c4569358a48605955dc

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:25 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://zaly.online
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
*
content-length
1254
expires
Thu, 01 Jan 1970 00:00:00 GMT
zoJ0QOOpdCMEQ_Lzqj9Bjjj9j4sbAupddBZuBJ5840EqSXaIXMXshKl6kHG3sL_LkVrExGaisu9e32yORS3VnxBjvDiA_J_Tv2Z_ew3H462tN2h2wyUvyNsDcM8mgLc2HgE5SJHmUgpQ5sl2peUxlZt7dniYJ7R0TazsgUIIO3N7y2vcV7rADjdzc9j65TzRUCsQ-...
aj1559.online/
2 KB
2 KB
XHR
General
Full URL
https://aj1559.online/zoJ0QOOpdCMEQ_Lzqj9Bjjj9j4sbAupddBZuBJ5840EqSXaIXMXshKl6kHG3sL_LkVrExGaisu9e32yORS3VnxBjvDiA_J_Tv2Z_ew3H462tN2h2wyUvyNsDcM8mgLc2HgE5SJHmUgpQ5sl2peUxlZt7dniYJ7R0TazsgUIIO3N7y2vcV7rADjdzc9j65TzRUCsQ-2Dd_xd_y3XCyuk22uKWggSNDVV44TjuLxDE87ze1ic1ue-vGxqRa98Cy556TVH4DLvMigx2ublCToteisSKf07bF8qUNI0Gqx8GIN6HAHmnrPS0CuO2sNNZI0Wz8eJX5MIHekelokIy6_cDNGBh8QYhftsIhnpMiOiI8Er92mI8LxPUHP4YqTgkr-u1xtFgsB7cxZPCXEkNh9JFvg3-hsiw2W-rldK8HY7HE-wNn7oIuAv_kwL0VHy5GSjem?
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software
/
Resource Hash
6afd72df7a313f4c7f2526f95b4d10012d1029d80c2f7397512e94539d1f9334

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:25 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://zaly.online
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
*
content-length
1915
expires
Thu, 01 Jan 1970 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3130448679272231
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7bb9105c52eb1bb223e5b1aac3162ea5b4144d4b9475ff8d0e8bdc0ec4accf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Origin
https://zaly.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52927
x-xss-protection
0
server
cafe
etag
9015268964616542690
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:26 GMT
collect
www.google-analytics.com/g/
0
168 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DBFL1E2103&gtm=45je3b81v9132955952&_p=1701144025791&gcd=11l1l1l1l1&dma=0&cid=1315140130.1701144026&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1701144026&sct=1&seg=0&dl=https%3A%2F%2Fzaly.online%2F&dt=Zaly.Online&en=page_view&_fv=1&_ss=1&tfd=2110
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DBFL1E2103&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaly.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
91 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1864439633&t=pageview&_s=1&dl=https%3A%2F%2Fzaly.online%2F&ul=en-us&de=UTF-8&dt=Zaly.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=917550918&gjid=1983055198&cid=1315140130.1701144026&tid=UA-189072159-22&_gid=1991288284.1701144026&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=507631502
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zaly.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaly.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/
396 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3130448679272231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b3e101d58c2711a8fd5c6f47f40e6b2ff8e3ec41c8f0495b0f0b56b2ea44e760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137152
x-xss-protection
0
server
cafe
etag
15046603757517125610
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:26 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame E30A
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3130448679272231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
5785
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 02:24:01 GMT
etag
16674218716276178799
expires
Tue, 12 Dec 2023 02:24:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ba298f04.js
aj1559.online/
36 KB
36 KB
Script
General
Full URL
https://aj1559.online/ba298f04.js
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software
/
Resource Hash
4e1fa87002cee040f474ff1646ed1cd7d79f689b957f0850b877a7679685e824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:26 GMT
accept-ranges
bytes
etag
"0bb94583ac821252a92ddc8d95c26c2ec"
content-length
37156
content-type
text/javascript
z9e8uuKix2Y40bGSySO_0LqOtWyJqSRPwa3PntEZ7vWjieWbk8XdV0NrlG8f0Zf12Wgj2LeL-lOY5Nl_CP6saKmi3tzEmYFPWFPGKA04hrl4pmiZ2pqk0G_LgdqdgwlD3cXtkkt0XE6OdBIy7hgS8bx3c7T6EtVeG6PMZ-bfWLcLBoTeFnG8YwB6nLAJxdT_nV05N...
aj1559.online/
2 KB
2 KB
XHR
General
Full URL
https://aj1559.online/z9e8uuKix2Y40bGSySO_0LqOtWyJqSRPwa3PntEZ7vWjieWbk8XdV0NrlG8f0Zf12Wgj2LeL-lOY5Nl_CP6saKmi3tzEmYFPWFPGKA04hrl4pmiZ2pqk0G_LgdqdgwlD3cXtkkt0XE6OdBIy7hgS8bx3c7T6EtVeG6PMZ-bfWLcLBoTeFnG8YwB6nLAJxdT_nV05N2LID1j-QAadMOPpkOB7ydIFTvc5ESiAS7gq2gksjKeILQW6eAOi1L_Ov6jO1WpXyUMu8wKfVbA_-54QFaaEHT9yb0bw3FiCKg4FoOe-D_VDUM4QkL8sfsjzhr7HotuUfHDBkqBbLMPwiZx2aQCpYaeA6x0_E_VMOcqeNxm2yV_Nh8CIYjP5uGbsiocXfPI6WHvvojwKRwpQa6wDbFJZlN3sv_4K2Eq7Tkbb7qqHVWr6Q3tRjMutOSHNEGTah?
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software
/
Resource Hash
8b61c2b918d0adfa52912529724558567924bbb3e960ff21181ffaccae99aa87

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:26 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
p3p
CP="CAO PSA OUR"
access-control-allow-origin
https://zaly.online
content-type
application/json;charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
*
content-length
1931
expires
Thu, 01 Jan 1970 00:00:00 GMT
balloon-pc.min.js
server.zmedia.vn/static/template/passback/
12 KB
4 KB
Script
General
Full URL
https://server.zmedia.vn/static/template/passback/balloon-pc.min.js
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.244.164.171 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
dynamic-ip-adsl.viettel.vn
Software
Byte-nginx /
Resource Hash
9f3a91ccfb5f72ee6d100fb62b9cbf5b2541dcc60db55bf05ebf80ffb1e6e1d3

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

expires
Tue, 28 Nov 2023 04:15:29 GMT
date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
gzip
last-modified
Mon, 14 Aug 2023 08:01:53 GMT
server
Byte-nginx
ef-country-code
US
etag
W/"64d9df71-2fd6"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900
ef-cache-status
HIT
zbW67D8YTjrRxJrRdy2xjcdt3DdqM8e-aOKXXpAmpNziJFSDDZ25U_hkLmXhAs7Up1BJYE9KXK4bjKQmcU-aR-fX4ekgho1p4ZPda3u_jSOE9mL7BKUj6o58WJ8QiwmjIgTwP7YUT_OG-xUfenYMwcFie9_sFhKdWXwvBUlbXdRQj0_TLfFKGtHxTvLZySIGlwh0j...
aj1559.online/
49 B
512 B
Image
General
Full URL
https://aj1559.online/zbW67D8YTjrRxJrRdy2xjcdt3DdqM8e-aOKXXpAmpNziJFSDDZ25U_hkLmXhAs7Up1BJYE9KXK4bjKQmcU-aR-fX4ekgho1p4ZPda3u_jSOE9mL7BKUj6o58WJ8QiwmjIgTwP7YUT_OG-xUfenYMwcFie9_sFhKdWXwvBUlbXdRQj0_TLfFKGtHxTvLZySIGlwh0j7MR28rIRZiefKyvInKq7luEtn1TO2reoAR2IKuMHb5PLnn6qV7qEhpn_T5O-Xfizz8hVsPXSv6yOm4-hjuJV5hr2G5fKPVGcGsgyNunMolIRc-8wG0-ejcQ3ebyNqMgg0_9XZNIs1eK13IRYUp9TGWxKU-YhJ_IB-KXcYpt4fufH9jXAxEtRayveqPdx63aA46X1hMiTdY_7e5c?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:26 GMT
last-modified
Mon, 06 Nov 2023 14:46:40 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag
W/"49-1699282000000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
permissions-policy
*
accept-ranges
bytes
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
select%20site-passback-ptopc.min.js
server.zmedia.vn/static/template-v2/passback_ptopc/
0
0
Script
General
Full URL
https://server.zmedia.vn/static/template-v2/passback_ptopc/select%20site-passback-ptopc.min.js
Requested by
Host: aj1559.online
URL: https://aj1559.online/ba298f04.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
171.244.164.171 Hanoi, Viet Nam, ASN7552 (VIETEL-AS-AP Viettel Group, VN),
Reverse DNS
dynamic-ip-adsl.viettel.vn
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

zqqjGN_Y3Jq3asQ55xyu0wMg7FS44Mmk8wCVsHTvS5HYm7bvrvmuOd0HRTKsrQ7aN7XHNXpx7LH0oWYi1xCWQafyCm6Wd-Pvx8Ajp3cV4mSU91_3UqpFzMJgRiFlbrCtYcx50s5tklED_wkoUXA2Y4OK8-V2VYBybvC1LoIYJJ38wvPw6yhV4MPx_ddebvZ7dz4-2...
aj1559.online/
43 B
641 B
Image
General
Full URL
https://aj1559.online/zqqjGN_Y3Jq3asQ55xyu0wMg7FS44Mmk8wCVsHTvS5HYm7bvrvmuOd0HRTKsrQ7aN7XHNXpx7LH0oWYi1xCWQafyCm6Wd-Pvx8Ajp3cV4mSU91_3UqpFzMJgRiFlbrCtYcx50s5tklED_wkoUXA2Y4OK8-V2VYBybvC1LoIYJJ38wvPw6yhV4MPx_ddebvZ7dz4-2K_syuTTeHaLLmw7Dvo1rU1hYP18PK-pWrmxvL2tKUNWWN-JX3DGaice5p5uIixkL9M8ExbfoUBglGW0GNSrPTR_zP1uxxxyQJUY5s4fJZJYgXi69vL_Dlho0jznM_6W-BL708jj2mONZXoaD8fyPP5sywiDrwGsgOWW4sKkjbqZXFPkUnxNtQLhO6lX7hzErjNH5TAsZqD9rbbmB_r0ZE4vf0fHqvqCFoD2PMA?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:26 GMT
last-modified
Mon, 06 Nov 2023 14:46:26 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag
W/"43-1699281986000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
permissions-policy
*
accept-ranges
bytes
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8196
512 KB
129 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&adk=1812271804&adf=3025194257&lmt=1701143153&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fzaly.online%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&aslcwct=300&asacwct=50&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026530&bpp=5&bdt=1150&idt=333&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5891447285237&frm=20&pv=2&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=358
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cf9705cee9e8605ddf1754df3f792a5de8f5da41f7d704a0e29d013e5f3302e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
131495
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:28 GMT
expires
Tue, 28 Nov 2023 04:00:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a70e6e451f64209e84626740cf9374e76dd5963e1130c454e9e3356954853bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12366
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6D50
102 KB
38 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a52e42906b88f45aa3d22f22cc7a0072454af23e67af7580c8dbca7838f32b9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38696
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:28 GMT
expires
Tue, 28 Nov 2023 04:00:28 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 28 Nov 2023 04:00:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A806
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
597427
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 06:03:20 GMT
expires
Wed, 20 Nov 2024 06:03:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4CDA
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5aa849bc469c6d7b20bddd54a6ab9c01686f0916ce64d8074e646adbdd19e737
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pntDDUa0-RWSNedg0wobBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pntDDUa0-RWSNedg0wobBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:27 GMT
expires
Tue, 28 Nov 2023 04:00:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame A806
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
22076
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 21:52:31 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CDA
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3510725109261731&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame A806
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?9iKLDg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3510725109261731&bg=!l5SllNvNAAZxrfrxUa07ADQBe5WfOLtu1K5_5gQvlKFAPBbPTnKOwXmnaocBNuFNJMHIu_rk4Tn9DHBxjE3nkw3zBbzDAgAAALNSAAAAA2gBBwoAHyctP_CZ5S5OkKr5ojpH4w6Ir8ob-6x6SDZ7iJYISYaZArP9CHYUX2XLUMMTG1oTRCHr2iC9odldewVqeSSNWhL9OUiDG_qVVnh3gq-qYECTvFRBAI7sUOZFwXvIKxqc_KmAMw8uchjXFT34wLcixwxqbkMzH7BAzQcbEAOG4pG4BK-Nb95ZLnhVcGnInvlQpKK7XWTdKuNFigUnEwCwOUrkCnt8Y5v9q5D9uFh6ekfgQKQSGgxXCJriQiejZ7ixRw25g0iMti8jRRgJwzfOSz33V2cL_RB5VN0YjKXl_h2I6kHqquKC_U9BK2ojpyA91uk8xeVn8LX7n5_OVk7nl3G3EFkOPwN7YNN8jc1i9ZMWDcaCdZiRaD-ifx4G862uUy0gV9Mfr9UMOh95anqQf7z9MyfSMlFKc1p23a7QkaT9WgyhqZYQjUYPe1NU5KdkNrWpqe-v2IqqXPvlvDQD4w7W16cjya3-AjGfT2Tew09BVF4Yfo2yfQkmc1wCAODSZAyRv5KeoOeF_vLvtFH8hexfq2mIo9pdb1-Il1IhaQ5uRzBVPrBU7R11wkc0qKqCrODwizgo_Wmgy33kkHE9YCFhHMIOdTgPTZb5Yya8Quv3IfbrMCwS40CFAHdKBa3afeFK0iU1Rm3hn6x5PlPk4RXwfFuwnSH2q_o_c6GiGoowD5-i5ez1s7Ggi0uMR1zG1SpxaMbGiX6q4_ECNXiQQt2zSoJ5tEobanJEfsWHxFIMX0BiZNiqp4Q_8PCJl7CgftNXqZ631po1YdYPpGx-u14eclr_p4FD5mcICzqEsnn-EfHHR3wAo-uU0WIc5aHnTjAGu2fmYDPMsDVKGBhKSkg3z90p8RyVhp4frmpREWH_HQ67Lgpoo5IDZvB2cdOaKkikNtYXR0hIPOCajiHGW0ZarzxwC0S2hHd_BUKkbgzW5zyv2UttNFzD75Ckf9rFtvhpAsRs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

9226134756512160806
tpc.googlesyndication.com/simgad/ Frame 6D50
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9226134756512160806?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkIAMjGcxbVOqqf9rciHBFFP37Zag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bea053080bba70f6033acc67da70d1caf12a87f99750a472b00b2d53138cf2c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:27 GMT
x-content-type-options
nosniff
age
22381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39111
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 21:46:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Nov 2024 21:47:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6D50
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:24:40 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 547A
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 03:33:34 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6D50
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
85056
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 04:22:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6D50
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:21:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6D50
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:28 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6D50
36 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
server
cafe
etag
12205605038930952422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 21:47:01 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 547A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:28 GMT
expires
Tue, 28 Nov 2023 04:00:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6D50
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8e6754a3cc44196dd0d960f5499ab1b02ddd0143dbedd9d7823defe3fdab7aea

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/
160 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/reactive_library_fy2021.js?bust=31079654
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0f3df960ae417c51a3ae981e07fe06448835f98f7a58f53209f0d39042d3b2da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55783
x-xss-protection
0
server
cafe
etag
4078516496459740267
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:28 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 9B4B
122 KB
41 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da9ab666e107cd56f25b3c8a97e089ef49cc8d7436ef18889751e9b856601a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42067
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:29 GMT
expires
Tue, 28 Nov 2023 04:00:29 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 836F
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
57436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 12:03:12 GMT
etag
16674218716276178799
expires
Mon, 11 Dec 2023 12:03:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 201E
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
57436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 12:03:12 GMT
etag
16674218716276178799
expires
Mon, 11 Dec 2023 12:03:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame FE2A
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
57436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 12:03:12 GMT
etag
16674218716276178799
expires
Mon, 11 Dec 2023 12:03:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 0CAB
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
57436
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 12:03:12 GMT
etag
16674218716276178799
expires
Mon, 11 Dec 2023 12:03:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 836F
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:809::200a Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 02:12:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 04:00:28 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 836F
205 B
294 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:10:15 GMT
x-content-type-options
nosniff
age
6613
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 27 Nov 2024 02:10:15 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 836F
604 B
1 KB
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:31:33 GMT
x-content-type-options
nosniff
age
455335
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Nov 2024 21:31:33 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 836F
15 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:30:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
1826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6702
x-xss-protection
0
server
cafe
etag
11213825687312121238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 03:30:02 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 836F
21 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:29:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
23438
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 21:29:50 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4ACC
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:28 GMT
expires
Tue, 28 Nov 2023 04:00:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 2CE8
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:28 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame 2CE8
18 KB
8 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
846
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7823
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 23:04:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 28 Nov 2023 04:46:22 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1841082/76634004/ Frame 2CE8
46 KB
12 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/rjss/st/1841082/76634004/skeleton.js?bundleId=&ias_dspID=3&ias_campId=27647240&ias_pubId=pub-3130448679272231&ias_chanId=1&ias_placementId=19311913561&bidurl=https://zaly.online/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j219qjRqnpuv44KFe8zdGL
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.166.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-166-117.compute-1.amazonaws.com
Software
/
Resource Hash
53e453cfe0cf6561aa801cea98523338152bc6fa64ac53a695a4548016a1f824

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2CE8
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
85056
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 04:22:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 2CE8
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:21:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2CE8
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BG8_E9SvEgYgnpFpr0mQcy5PuZ0i4keC7TIGElZ0AHfAHmDyfUrwJsyJNLlL8DZb9zF72590qYnhq6R_NUmqWEBqV7hoOt5drsTT8cKJxou4tIUQc
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1087672831500911996&x=1&ct=77
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3BDC
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:28 GMT
expires
Tue, 28 Nov 2023 04:00:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5841
23 KB
9 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:22:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
2267
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 03:22:41 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5841
7 KB
3 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:31:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
23348
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3071
x-xss-protection
0
server
cafe
etag
10674441169935035545
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 21:31:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 5841
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 05:43:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
598630
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 05:43:18 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5841
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
85056
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 04:22:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5841
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:21:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5841
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5841
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CsUmQlMaZeKnzHbL0HIqJftmsiAKY-3T0uS_hqNBmmXy4mfGKVM4OhwYnn0h7wFQP4pFipkT8ZCaf3lzUSetSLcUiIbcMYS7RVcKcsbHbH9H7_q5s
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1959733243977868808
s0.2mdn.net/simgad/ Frame 5841
82 KB
82 KB
Image
General
Full URL
https://s0.2mdn.net/simgad/1959733243977868808
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7fbee0019a70035aab059c0f41765ddadacd3b39cd66de6d3c5e86ac45783e2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 04:57:46 GMT
x-content-type-options
nosniff
age
342163
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83937
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 14:32:37 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 04:57:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 0CAB
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:24:40 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5C13
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
1614
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 03:33:34 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0CAB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
85056
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 04:22:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0CAB
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5953
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:21:15 GMT
10865577078111609898
tpc.googlesyndication.com/simgad/ Frame 0CAB
28 KB
28 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/10865577078111609898?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnK_BFO59tvAAiSEGofeNErY-AiAA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef166db27f017c2cd97526363d1fba36f9cc2f649760a5bab0d88a9ccbcc4606
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:12:31 GMT
x-content-type-options
nosniff
age
13677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28917
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 21:46:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 00:12:31 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 0CAB
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:28 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 0CAB
36 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22407
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
server
cafe
etag
12205605038930952422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 21:47:01 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 6D50
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CrxWD2mVlZenGOazlvPIPgaaNyA3JluyWdI2HrZv_EbCQHxABIKmJ7IoBYMnujovApIwQoAGn7qDSA8gBAqgDAcgDyQSqBLwBT9AJv7-Cywpj5y50COteHvDDbUK6NEHh9MaWXY-eHvePg4l...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2213463495911180650171%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2244452866232556289%22}&andc=true
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xb502f3ecfed60ef0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"13463495911180650171","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"44452866232556289"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 04:00:29 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xb502f3ecfed60ef0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"13463495911180650171","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"44452866232556289"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/ Frame 4ACC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
43 B
743 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRmVZxEawVj6K8ixlZhrqvs6W6dXi2%2BTilp9GU5WENTqBwPv9BgvdH1AlU%2BpwVGHtClWJnVC%2BCZQM%2FNgPcEXcMEmZNLjkAhXyvBDuD6FA3SGdYvzxIUWZOvZl%2FF7IMt9zZHmVk%2FnIJ%2FC%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82cfb4463e703a05-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4ACC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWVl3RPlwzLHUoESsLJE9QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
43 B
738 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ItCS8P6Ypeoocs%2BX6NtGJgwxo0o5Z6zOC1x%2FOhXN3ThKXGjnbB%2FZqGakRdP7JT2aHlkGWBW4uw%2FS2vGbaGyaP2p%2FA%2FC2ZFO0V9vQhBobgIGEVKDHp2y%2B3hV9qnXwcAgQuTJaQXVO6OzmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82cfb446af1b3a05-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4ACC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
43 B
842 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
an-x-request-uuid
e5d5f10c-58d7-4a5e-a7a5-4c9904256249
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.37; 96.9.249.37; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ACC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIKFJhD-xHYYmOqa3AEwAQ&v=APEucNUguMZZcsMyOq4qx4bBgoKS82I3IAP4rTSZqwvc7gq2iu5yB9eKwWadtNdlZXwkLL4r_VKARgtJJCL_99AUphCDP5F6iw
Protocol
H2
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
an-x-request-uuid
ab99c5c5-bbcd-4c99-887d-641cb8940c50
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
x-proxy-origin
96.9.249.37; 96.9.249.37; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame 380C
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&slotname=2381384350&adk=3213702284&adf=2759072096&pi=t.ma~as.2381384350&w=620&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&format=620x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144026556&bpp=3&bdt=1176&idt=342&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=184&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
248662
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Nov 2024 06:56:06 GMT
rum
dsum-sec.casalemedia.com/ Frame 3BDC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
43 B
765 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SbbQFkUr9ea9caBi15601YVcv4rRlDIlhoQutLo8hASqPtfK0K%2FH4fFOC1k44fgPKfqLRROVkz5pgI5AbTe2VJtvbbcUN3YxQv2Y8Yw7wGDoqHT5fj1QSxWdNpJobHn%2BD2nB1vWqD4Cw4A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82cfb4463e733a05-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 3BDC
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZWVl3RPlwzLHUoESsLJE9QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
43 B
741 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljG%2B9RhDS69v6xr0r660OK%2FMRQCcfuj6UBi2XX2nOHfjLCrbl9dFgmhvcxFu5eocI%2FIIeHwED%2FIY4Df%2Bx%2BGRbp2WWCys6RQ1Stf79RI%2B2znuuIfV8Hld7W%2Bfp%2BJ1FszVP91VZsZC%2BcN0Yw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82cfb446af1c3a05-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKn4e-PP9VF6OPE75AsLVv8&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 3BDC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
43 B
842 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
an-x-request-uuid
067ef829-2d52-4f1e-a43d-73729b720293
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
96.9.249.37; 96.9.249.37; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDh60NXdTIJAVvOiO1oUAkU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3BDC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNWYlwEQ__S4ARjmp-z9ATAB&v=APEucNVZHRaUD1Vp4vrgyynxoOPa_uPuhEs11Xq2IXUGy17980piMRl5bBeEEoEPYPTjzDNDe6F059b4Jya-qZ_BDufDKXCixA
Protocol
H2
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
an-x-request-uuid
d3bc03c2-e733-4fda-902f-7d33ed4c1dcd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgxNzk3MTUwODgxOTkyMjcxNw%3D%3D
x-proxy-origin
96.9.249.37; 96.9.249.37; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=30851966076&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=30851966076&version=m202309260101&ct=77&x=1&cor=1087672831500912000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 2CE8
34 KB
19 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUMj--qmvqlBNzhd-f7Vxdqb62rPRDzbug9SqNC5DwkRH1iWSI_WQO5CIuFyuxZw3rz1dRF7KvbCzjRj8j06Ub3-3ErutyMwJHA4Boms2LOgQh0co7BgNu32zqraOG0ETCJlbvifgzD4YUwX2UKMp1f7xr-gA_xP4F-LwUjMDHNhtUvGk&cry=1&dbm_d=AKAmf-CdgNTF3L9nwkcgrelhVBvJ4hNCEPmztfliGDbJtfbCfomKmhmIIFDSIA3t7e2HkjbMJr72sVedYqp6NG3nMBG5OB5TLK2_2kGrcAzfFQ9lz_9nzoHnGxY9B3mEpUXe6gHU_D1E99jpSp8J_iXSKCfBbLnRefrDohk-_LxYDdNq38Hp-iviLRUTY_TYpYvB0joZloxfo3h6C4HAW4WKMhwXKJ8IJd3EpRToTLAf7OMzQPXW79SQbf4WtQAZzAJptB5tw7yjfWCPx_-nKjTQEtkzPa-7KoKBjMpjjZOVRyqffWzRDZ-fXOFIPKIjMsaIQwO2ZIHyI0aOxAPMLHFsNfye5ZurDul65Vh0ONiJafV4flAuxKa0ftg4NWk0fcqPR4s6gkWzvjx-s3QxkjobFi-W3FvX_ql2ya2fJAwzYkNAwghzAM3rtLwhdtGSK84iQuv6BSuGSD0rp-mo1IVNKPsDBlt8fWIQAVL2FlJEViL5QyIUDe7ApV0I1imd_3G9ktJtYdZrcxmVhaI05ln9EsKlnCs8jqzjcQmkZ08xM55qeu3cwUGyM_JXaNXjaEQmeAIQukVNydxcEucKIVD_9aXpIru7EiLqTzqB_6Lu1rOLS5A-nUX1YI5Aiz4CLwym7CfaQ7JtM91LLG9q0BZ79Oc3fUNlvRNw0Z84LeLqNs63lMYtgtTURVMd9sXLIiYpVr7vfIexf2whsamGwSvV8BwNzBnmaSySrAgmvX14hhrlFqCkhHn9gXWHD09Qes8vxMGlb-zv9SMgffJX3Ao-1jueYowYbI-jS4nN0wyRZ2-rRFZsD4_a3IcAS9MBfkRV1GPm2B-bRKiOZxrWgb1llbekCELLtJxiQwnKKoLp6VNaSqjpPbrXNSuLVkTqTIno9zC-W_QqNaDCjBJR55sv0S_EpDJHy72QknSfoi07Pv3vpIYg4GNtlMoo3FF1eEy7cesqRKNB6lL90pSUEQGeerv9g9pQc0CXbsDoI0I-EieDjC7buNDimVwPhJRHZ1UIYtLHt5Q4kvlT0qdvebA2F-u5LF_2EMp3Mb9WR3sY-1LeQRo0u-orSFvtl3fyr6WjYHBc3Zdh_HMLVqqXhVD8OwYiVf2QxJunsPPGdK4oTyKVXX-wyNpmYqmAmdbvXgdrFHKkr62lWo6CnBM_9QaJ1t8oF04fAO1OIPK80wHo6YkahuywZxB2DhRHmUHFl1z6jgVdX2-di3uLBAeIU-yrlpkpWOP-pqfQ4cI4Ks0RTY_JUgGohgCT97F51VqATc_h9vyk2Nhu5n8VUQmVZ2ZRyZLj5KrsXkUG_nBRzBQ4SNnoSzv_pEbf4jQ2YbDbQVEEYJHP7l0aYGTxJsEGN6-fcvFBe95NR1yzdUs3GFwShtc3st6A_1nmXw_xb2deIN890jXNEt3Pawsy5COkehE0G3YtsZwjH5EgH1D8p5TR--KKnH1ItAYpulVVa9oda-BqnnY4NG43-H61Vw6gsLsZWabcieQ9RfFHIyGjW_HnJMohgWiOh1-zncwz4aWTxVNcFw5hLari1iI29JP979VO9UXYHaWARljYNlMiXKN5SBztV7OCUnMxZD6JLc-YOR7_jUwl7DcqRGNgWHUU-sUhpgpd8CUmjHlacEWqbwTfVC-ZN-witxIyD4tXT3vbqUQNW8TEMu0elerkfKpnPPagJhNl6CWzSJLV0N1YQ-Fc9aYDBXpcBIAUxgXJFBzGOpanLysPwiZKzyCDXAkaTaARyQiz2U2xesVHtN4enfmUVt7Jiwf2B_pSB2OqNpwqbuLcvB77uvtrgc063boH8LjDuCp1ptZT8LlB___Wg2rV2I3x2qJtssUWIOCk0UIsS3QUR0Yp_9YzRhi5mMZ7OeZ22gql7JNpPtF4R40NWutRBErZ5rmTE3du5henras8RrEihlicoVItglt_2YnPy8WxAShWNwho1lVxH3A_CZmfXQCQBYDOnC-997nXoCarjlSMCVcsmG56vJbB5fM6eWIIresgEiQiA5sDAOp7OwXavQjscl7TRJr0JTvk-jTaGLQWH4Wxv1csock2w82HfQQVr-bvo54GB522Ubi3vtpjB6VjSnCjzLjDGvUYa21SBMmfC8PZgBQylmotc3XptYVuPXyqdXXOAqMFEPJFPmD31z-Dr-w-PJRGFJs_j3-atjN3_zhjJLDH9PJMo9zdIeBr0q1_SXCbhx7BT7nm96BtwVssOku_GeVdS2UyOCe_NIRIwpwcvK5WF93uT7BFjJCpH2pQyhMFKBTMKb7pB8ymCEZbz7kdsGKQmNDsWczvZys8M-VrLTsyCNMe9lZFQrpke4oK2yl4zngUCAXJTdVTAvEwYMsnId5FcGmIjQuloheknmrtKokgGrE_wJeb70NAmQM31umlOgT_4swLIMH1Ad_8WpVSauNxl8RvdWokyDQH8TJ7bamok-pX54aYO0GNwMiIWIysWG5ketVLavZxz2rr6aot_KXOlyu_IM3jtc7pSms0vy3OAPyZx9n2b1qP6DAuYFdSoiC-f_RXMoyQPsrPcNgZZ88ampXYkZ9esuoKhJ5vknQVM9Md8EZ34WR8GQfkViEZ6VYL0h3B02a0pbGQW9mSZ27iw3P71RUa-c67b7RP5PMxR57ecTHSDwTa0HO-E0idSNcxv6V3e3MrKMCrtxlGApwi2_4W_sLkCdHFnaWOELm6wR2Gn41dHBZpnxCJEbs8a5BhUsbhXWhZPBoh8lPYkNIPbJtA85roRF_kJGKCTKPSDiJiAUkA_gsV8GrsgaPtjaSOTzAKFxBtAyYpmWL_aBgCAsa6zVvBGuSVLNsNpK7dyKPnruVRezpln6B_Xfy3sXoaV0S_2EjF04uayXD7lYuJlcT-CG3QTrivleyQfQmzPosITifSSUy4AnC8miYWHc5eNuyuq063tdSCn-K1CpN-YRN8I8ykwm9Iv6cyWTO16e1p0Lm5Ov_alVOpVFO70gxP3K2_F42aRnbzQMmaiiFElMDZNG13rrPbyzp_OPYVk7ljDoocvz7Nw4sBEqPcov3wVbFMYoeBhOGuqsmKyed3AgWV9jjQH4Slkw3vs0gP8IO4LbYapFPU_pKMzRZwqY-LlR9cy84CSWBD-GYDm0SB8KChOPxGQhPzpZAezle5KLJlfyH-6-J6IUS4BsQiOx1N7pTooOBFU7WkxxybUdpxPP34sWXWFhBm36WZDC5DFlz2fS7ezFdCOFbjv4kJKO7MzY3t0HzLvbpmdEmpHw3pwgzSBKglXsZyEN2Pv6ktrb7_tqpgOk14zyJ-aoBA3RaV6GK1NHGqEdh9lRD4Kc3rISXADITUtdJnOEo87OMryES6I14s_yIz8SUE8Mgfts98Vjqp3vUM82pLDOn5hDOKw7z1MT94-uS2wB22-smvJ3rgdToHogLUzHMJCEbccrbDlg-5qVSsTmejYU3-T8suwbRmW32e7Z1ZiEABwFtrrOCZbP2TIqyfDty7WXvoIkIvFjNHOdn-comcvrvRNy5ENMUYqlZ6ZFoJBKh6uy7D_QwaE_klZnb-Wsf3I5tZXkBEUMCZuMo2UmzyrKF1HluE1izDMhFJxKGBYjp0n2aDgdTT_c9vaeVg9ZBGCRjixg&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fzaly.online%2F&ds=l&xdt=1&iif=1&cor=1087672831500912000&adk=521587874&idt=95&cac=0&dtd=15
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68306ebb67e2ed518aed44cad59d49b381ad16d42cc9555e73cd27fdac6e1a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19834
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2213463495911180650171%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2244452866232556289%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 04:00:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 37DB
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
18119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 22:58:30 GMT
expires
Tue, 26 Nov 2024 22:58:30 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5C13
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:29 GMT
expires
Tue, 28 Nov 2023 04:00:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:29 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0CAB
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
912a9416c7ad44940eff4598d9e8331d082945a877e71068f739d28d8f3658bc

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 2CE8
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUMj--qmvqlBNzhd-f7Vxdqb62rPRDzbug9SqNC5DwkRH1iWSI_WQO5CIuFyuxZw3rz1dRF7KvbCzjRj8j06Ub3-3ErutyMwJHA4Boms2LOgQh0co7BgNu32zqraOG0ETCJlbvifgzD4YUwX2UKMp1f7xr-gA_xP4F-LwUjMDHNhtUvGk&cry=1&dbm_d=AKAmf-CdgNTF3L9nwkcgrelhVBvJ4hNCEPmztfliGDbJtfbCfomKmhmIIFDSIA3t7e2HkjbMJr72sVedYqp6NG3nMBG5OB5TLK2_2kGrcAzfFQ9lz_9nzoHnGxY9B3mEpUXe6gHU_D1E99jpSp8J_iXSKCfBbLnRefrDohk-_LxYDdNq38Hp-iviLRUTY_TYpYvB0joZloxfo3h6C4HAW4WKMhwXKJ8IJd3EpRToTLAf7OMzQPXW79SQbf4WtQAZzAJptB5tw7yjfWCPx_-nKjTQEtkzPa-7KoKBjMpjjZOVRyqffWzRDZ-fXOFIPKIjMsaIQwO2ZIHyI0aOxAPMLHFsNfye5ZurDul65Vh0ONiJafV4flAuxKa0ftg4NWk0fcqPR4s6gkWzvjx-s3QxkjobFi-W3FvX_ql2ya2fJAwzYkNAwghzAM3rtLwhdtGSK84iQuv6BSuGSD0rp-mo1IVNKPsDBlt8fWIQAVL2FlJEViL5QyIUDe7ApV0I1imd_3G9ktJtYdZrcxmVhaI05ln9EsKlnCs8jqzjcQmkZ08xM55qeu3cwUGyM_JXaNXjaEQmeAIQukVNydxcEucKIVD_9aXpIru7EiLqTzqB_6Lu1rOLS5A-nUX1YI5Aiz4CLwym7CfaQ7JtM91LLG9q0BZ79Oc3fUNlvRNw0Z84LeLqNs63lMYtgtTURVMd9sXLIiYpVr7vfIexf2whsamGwSvV8BwNzBnmaSySrAgmvX14hhrlFqCkhHn9gXWHD09Qes8vxMGlb-zv9SMgffJX3Ao-1jueYowYbI-jS4nN0wyRZ2-rRFZsD4_a3IcAS9MBfkRV1GPm2B-bRKiOZxrWgb1llbekCELLtJxiQwnKKoLp6VNaSqjpPbrXNSuLVkTqTIno9zC-W_QqNaDCjBJR55sv0S_EpDJHy72QknSfoi07Pv3vpIYg4GNtlMoo3FF1eEy7cesqRKNB6lL90pSUEQGeerv9g9pQc0CXbsDoI0I-EieDjC7buNDimVwPhJRHZ1UIYtLHt5Q4kvlT0qdvebA2F-u5LF_2EMp3Mb9WR3sY-1LeQRo0u-orSFvtl3fyr6WjYHBc3Zdh_HMLVqqXhVD8OwYiVf2QxJunsPPGdK4oTyKVXX-wyNpmYqmAmdbvXgdrFHKkr62lWo6CnBM_9QaJ1t8oF04fAO1OIPK80wHo6YkahuywZxB2DhRHmUHFl1z6jgVdX2-di3uLBAeIU-yrlpkpWOP-pqfQ4cI4Ks0RTY_JUgGohgCT97F51VqATc_h9vyk2Nhu5n8VUQmVZ2ZRyZLj5KrsXkUG_nBRzBQ4SNnoSzv_pEbf4jQ2YbDbQVEEYJHP7l0aYGTxJsEGN6-fcvFBe95NR1yzdUs3GFwShtc3st6A_1nmXw_xb2deIN890jXNEt3Pawsy5COkehE0G3YtsZwjH5EgH1D8p5TR--KKnH1ItAYpulVVa9oda-BqnnY4NG43-H61Vw6gsLsZWabcieQ9RfFHIyGjW_HnJMohgWiOh1-zncwz4aWTxVNcFw5hLari1iI29JP979VO9UXYHaWARljYNlMiXKN5SBztV7OCUnMxZD6JLc-YOR7_jUwl7DcqRGNgWHUU-sUhpgpd8CUmjHlacEWqbwTfVC-ZN-witxIyD4tXT3vbqUQNW8TEMu0elerkfKpnPPagJhNl6CWzSJLV0N1YQ-Fc9aYDBXpcBIAUxgXJFBzGOpanLysPwiZKzyCDXAkaTaARyQiz2U2xesVHtN4enfmUVt7Jiwf2B_pSB2OqNpwqbuLcvB77uvtrgc063boH8LjDuCp1ptZT8LlB___Wg2rV2I3x2qJtssUWIOCk0UIsS3QUR0Yp_9YzRhi5mMZ7OeZ22gql7JNpPtF4R40NWutRBErZ5rmTE3du5henras8RrEihlicoVItglt_2YnPy8WxAShWNwho1lVxH3A_CZmfXQCQBYDOnC-997nXoCarjlSMCVcsmG56vJbB5fM6eWIIresgEiQiA5sDAOp7OwXavQjscl7TRJr0JTvk-jTaGLQWH4Wxv1csock2w82HfQQVr-bvo54GB522Ubi3vtpjB6VjSnCjzLjDGvUYa21SBMmfC8PZgBQylmotc3XptYVuPXyqdXXOAqMFEPJFPmD31z-Dr-w-PJRGFJs_j3-atjN3_zhjJLDH9PJMo9zdIeBr0q1_SXCbhx7BT7nm96BtwVssOku_GeVdS2UyOCe_NIRIwpwcvK5WF93uT7BFjJCpH2pQyhMFKBTMKb7pB8ymCEZbz7kdsGKQmNDsWczvZys8M-VrLTsyCNMe9lZFQrpke4oK2yl4zngUCAXJTdVTAvEwYMsnId5FcGmIjQuloheknmrtKokgGrE_wJeb70NAmQM31umlOgT_4swLIMH1Ad_8WpVSauNxl8RvdWokyDQH8TJ7bamok-pX54aYO0GNwMiIWIysWG5ketVLavZxz2rr6aot_KXOlyu_IM3jtc7pSms0vy3OAPyZx9n2b1qP6DAuYFdSoiC-f_RXMoyQPsrPcNgZZ88ampXYkZ9esuoKhJ5vknQVM9Md8EZ34WR8GQfkViEZ6VYL0h3B02a0pbGQW9mSZ27iw3P71RUa-c67b7RP5PMxR57ecTHSDwTa0HO-E0idSNcxv6V3e3MrKMCrtxlGApwi2_4W_sLkCdHFnaWOELm6wR2Gn41dHBZpnxCJEbs8a5BhUsbhXWhZPBoh8lPYkNIPbJtA85roRF_kJGKCTKPSDiJiAUkA_gsV8GrsgaPtjaSOTzAKFxBtAyYpmWL_aBgCAsa6zVvBGuSVLNsNpK7dyKPnruVRezpln6B_Xfy3sXoaV0S_2EjF04uayXD7lYuJlcT-CG3QTrivleyQfQmzPosITifSSUy4AnC8miYWHc5eNuyuq063tdSCn-K1CpN-YRN8I8ykwm9Iv6cyWTO16e1p0Lm5Ov_alVOpVFO70gxP3K2_F42aRnbzQMmaiiFElMDZNG13rrPbyzp_OPYVk7ljDoocvz7Nw4sBEqPcov3wVbFMYoeBhOGuqsmKyed3AgWV9jjQH4Slkw3vs0gP8IO4LbYapFPU_pKMzRZwqY-LlR9cy84CSWBD-GYDm0SB8KChOPxGQhPzpZAezle5KLJlfyH-6-J6IUS4BsQiOx1N7pTooOBFU7WkxxybUdpxPP34sWXWFhBm36WZDC5DFlz2fS7ezFdCOFbjv4kJKO7MzY3t0HzLvbpmdEmpHw3pwgzSBKglXsZyEN2Pv6ktrb7_tqpgOk14zyJ-aoBA3RaV6GK1NHGqEdh9lRD4Kc3rISXADITUtdJnOEo87OMryES6I14s_yIz8SUE8Mgfts98Vjqp3vUM82pLDOn5hDOKw7z1MT94-uS2wB22-smvJ3rgdToHogLUzHMJCEbccrbDlg-5qVSsTmejYU3-T8suwbRmW32e7Z1ZiEABwFtrrOCZbP2TIqyfDty7WXvoIkIvFjNHOdn-comcvrvRNy5ENMUYqlZ6ZFoJBKh6uy7D_QwaE_klZnb-Wsf3I5tZXkBEUMCZuMo2UmzyrKF1HluE1izDMhFJxKGBYjp0n2aDgdTT_c9vaeVg9ZBGCRjixg&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fzaly.online%2F&ds=l&xdt=1&iif=1&cor=1087672831500912000&adk=521587874&idt=95&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 12:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
56589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11874
x-xss-protection
0
server
cafe
etag
3876053170955424897
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 12:17:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2CE8
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUMj--qmvqlBNzhd-f7Vxdqb62rPRDzbug9SqNC5DwkRH1iWSI_WQO5CIuFyuxZw3rz1dRF7KvbCzjRj8j06Ub3-3ErutyMwJHA4Boms2LOgQh0co7BgNu32zqraOG0ETCJlbvifgzD4YUwX2UKMp1f7xr-gA_xP4F-LwUjMDHNhtUvGk&cry=1&dbm_d=AKAmf-CdgNTF3L9nwkcgrelhVBvJ4hNCEPmztfliGDbJtfbCfomKmhmIIFDSIA3t7e2HkjbMJr72sVedYqp6NG3nMBG5OB5TLK2_2kGrcAzfFQ9lz_9nzoHnGxY9B3mEpUXe6gHU_D1E99jpSp8J_iXSKCfBbLnRefrDohk-_LxYDdNq38Hp-iviLRUTY_TYpYvB0joZloxfo3h6C4HAW4WKMhwXKJ8IJd3EpRToTLAf7OMzQPXW79SQbf4WtQAZzAJptB5tw7yjfWCPx_-nKjTQEtkzPa-7KoKBjMpjjZOVRyqffWzRDZ-fXOFIPKIjMsaIQwO2ZIHyI0aOxAPMLHFsNfye5ZurDul65Vh0ONiJafV4flAuxKa0ftg4NWk0fcqPR4s6gkWzvjx-s3QxkjobFi-W3FvX_ql2ya2fJAwzYkNAwghzAM3rtLwhdtGSK84iQuv6BSuGSD0rp-mo1IVNKPsDBlt8fWIQAVL2FlJEViL5QyIUDe7ApV0I1imd_3G9ktJtYdZrcxmVhaI05ln9EsKlnCs8jqzjcQmkZ08xM55qeu3cwUGyM_JXaNXjaEQmeAIQukVNydxcEucKIVD_9aXpIru7EiLqTzqB_6Lu1rOLS5A-nUX1YI5Aiz4CLwym7CfaQ7JtM91LLG9q0BZ79Oc3fUNlvRNw0Z84LeLqNs63lMYtgtTURVMd9sXLIiYpVr7vfIexf2whsamGwSvV8BwNzBnmaSySrAgmvX14hhrlFqCkhHn9gXWHD09Qes8vxMGlb-zv9SMgffJX3Ao-1jueYowYbI-jS4nN0wyRZ2-rRFZsD4_a3IcAS9MBfkRV1GPm2B-bRKiOZxrWgb1llbekCELLtJxiQwnKKoLp6VNaSqjpPbrXNSuLVkTqTIno9zC-W_QqNaDCjBJR55sv0S_EpDJHy72QknSfoi07Pv3vpIYg4GNtlMoo3FF1eEy7cesqRKNB6lL90pSUEQGeerv9g9pQc0CXbsDoI0I-EieDjC7buNDimVwPhJRHZ1UIYtLHt5Q4kvlT0qdvebA2F-u5LF_2EMp3Mb9WR3sY-1LeQRo0u-orSFvtl3fyr6WjYHBc3Zdh_HMLVqqXhVD8OwYiVf2QxJunsPPGdK4oTyKVXX-wyNpmYqmAmdbvXgdrFHKkr62lWo6CnBM_9QaJ1t8oF04fAO1OIPK80wHo6YkahuywZxB2DhRHmUHFl1z6jgVdX2-di3uLBAeIU-yrlpkpWOP-pqfQ4cI4Ks0RTY_JUgGohgCT97F51VqATc_h9vyk2Nhu5n8VUQmVZ2ZRyZLj5KrsXkUG_nBRzBQ4SNnoSzv_pEbf4jQ2YbDbQVEEYJHP7l0aYGTxJsEGN6-fcvFBe95NR1yzdUs3GFwShtc3st6A_1nmXw_xb2deIN890jXNEt3Pawsy5COkehE0G3YtsZwjH5EgH1D8p5TR--KKnH1ItAYpulVVa9oda-BqnnY4NG43-H61Vw6gsLsZWabcieQ9RfFHIyGjW_HnJMohgWiOh1-zncwz4aWTxVNcFw5hLari1iI29JP979VO9UXYHaWARljYNlMiXKN5SBztV7OCUnMxZD6JLc-YOR7_jUwl7DcqRGNgWHUU-sUhpgpd8CUmjHlacEWqbwTfVC-ZN-witxIyD4tXT3vbqUQNW8TEMu0elerkfKpnPPagJhNl6CWzSJLV0N1YQ-Fc9aYDBXpcBIAUxgXJFBzGOpanLysPwiZKzyCDXAkaTaARyQiz2U2xesVHtN4enfmUVt7Jiwf2B_pSB2OqNpwqbuLcvB77uvtrgc063boH8LjDuCp1ptZT8LlB___Wg2rV2I3x2qJtssUWIOCk0UIsS3QUR0Yp_9YzRhi5mMZ7OeZ22gql7JNpPtF4R40NWutRBErZ5rmTE3du5henras8RrEihlicoVItglt_2YnPy8WxAShWNwho1lVxH3A_CZmfXQCQBYDOnC-997nXoCarjlSMCVcsmG56vJbB5fM6eWIIresgEiQiA5sDAOp7OwXavQjscl7TRJr0JTvk-jTaGLQWH4Wxv1csock2w82HfQQVr-bvo54GB522Ubi3vtpjB6VjSnCjzLjDGvUYa21SBMmfC8PZgBQylmotc3XptYVuPXyqdXXOAqMFEPJFPmD31z-Dr-w-PJRGFJs_j3-atjN3_zhjJLDH9PJMo9zdIeBr0q1_SXCbhx7BT7nm96BtwVssOku_GeVdS2UyOCe_NIRIwpwcvK5WF93uT7BFjJCpH2pQyhMFKBTMKb7pB8ymCEZbz7kdsGKQmNDsWczvZys8M-VrLTsyCNMe9lZFQrpke4oK2yl4zngUCAXJTdVTAvEwYMsnId5FcGmIjQuloheknmrtKokgGrE_wJeb70NAmQM31umlOgT_4swLIMH1Ad_8WpVSauNxl8RvdWokyDQH8TJ7bamok-pX54aYO0GNwMiIWIysWG5ketVLavZxz2rr6aot_KXOlyu_IM3jtc7pSms0vy3OAPyZx9n2b1qP6DAuYFdSoiC-f_RXMoyQPsrPcNgZZ88ampXYkZ9esuoKhJ5vknQVM9Md8EZ34WR8GQfkViEZ6VYL0h3B02a0pbGQW9mSZ27iw3P71RUa-c67b7RP5PMxR57ecTHSDwTa0HO-E0idSNcxv6V3e3MrKMCrtxlGApwi2_4W_sLkCdHFnaWOELm6wR2Gn41dHBZpnxCJEbs8a5BhUsbhXWhZPBoh8lPYkNIPbJtA85roRF_kJGKCTKPSDiJiAUkA_gsV8GrsgaPtjaSOTzAKFxBtAyYpmWL_aBgCAsa6zVvBGuSVLNsNpK7dyKPnruVRezpln6B_Xfy3sXoaV0S_2EjF04uayXD7lYuJlcT-CG3QTrivleyQfQmzPosITifSSUy4AnC8miYWHc5eNuyuq063tdSCn-K1CpN-YRN8I8ykwm9Iv6cyWTO16e1p0Lm5Ov_alVOpVFO70gxP3K2_F42aRnbzQMmaiiFElMDZNG13rrPbyzp_OPYVk7ljDoocvz7Nw4sBEqPcov3wVbFMYoeBhOGuqsmKyed3AgWV9jjQH4Slkw3vs0gP8IO4LbYapFPU_pKMzRZwqY-LlR9cy84CSWBD-GYDm0SB8KChOPxGQhPzpZAezle5KLJlfyH-6-J6IUS4BsQiOx1N7pTooOBFU7WkxxybUdpxPP34sWXWFhBm36WZDC5DFlz2fS7ezFdCOFbjv4kJKO7MzY3t0HzLvbpmdEmpHw3pwgzSBKglXsZyEN2Pv6ktrb7_tqpgOk14zyJ-aoBA3RaV6GK1NHGqEdh9lRD4Kc3rISXADITUtdJnOEo87OMryES6I14s_yIz8SUE8Mgfts98Vjqp3vUM82pLDOn5hDOKw7z1MT94-uS2wB22-smvJ3rgdToHogLUzHMJCEbccrbDlg-5qVSsTmejYU3-T8suwbRmW32e7Z1ZiEABwFtrrOCZbP2TIqyfDty7WXvoIkIvFjNHOdn-comcvrvRNy5ENMUYqlZ6ZFoJBKh6uy7D_QwaE_klZnb-Wsf3I5tZXkBEUMCZuMo2UmzyrKF1HluE1izDMhFJxKGBYjp0n2aDgdTT_c9vaeVg9ZBGCRjixg&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fzaly.online%2F&ds=l&xdt=1&iif=1&cor=1087672831500912000&adk=521587874&idt=95&cac=0&dtd=15
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 05:43:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
598631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 05:43:18 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE0NDAyODk3MjI0OAogIHNlcnZlcl9pcDogMTQxMDM1OTYxCiAgcHJvY2Vzc19pZDogMTgxMjE1OTE2Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA4MTc2MTgy...
ad.doubleclick.net/ddm/activity/ Frame 2CE8
0
852 B
Image
General
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwMTE0NDAyODk3MjI0OAogIHNlcnZlcl9pcDogMTQxMDM1OTYxCiAgcHJvY2Vzc19pZDogMTgxMjE1OTE2Nwp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiA4MTc2MTgyCmFkdmVydGlzZXJfZG9tYWluOiAiaHR0cHM6Ly91c2JhbmsuY29tIgp4ZmFfYXR0cmlidXRpb25faW50ZXJhY3Rpb25fdHlwZTogVklFVwppbXByZXNzaW9uX3ByaW9yaXR5OiAwCmltcHJlc3Npb25fZXhwaXJ5X2luX2RheXM6IDMwCmV2ZW50X2ltcHJlc3Npb25faWQ6IDkwMDA0Nzk5OTY3MTk3NjI5OTUKZGVidWdfa2V5OiAxNDgzOTc0MDk3NjQ4MjcwNTYwCmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BST0RVQ1RfVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX0RBVEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgc3RyaW5nX3ZhbHVlOiAiMjAyMy0xMS0yOCIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRkxPT0RMSUdIVF9DT05GSUdfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDgxNzYxODIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzNTQ5NDkyMjEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE5NDIxNDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0xJTkVfSVRFTV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTkzMTE5MTM1NjEKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0NSRUFUSVZFX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiA0NjE4MTMwMTYKICB9Cn0KYXJjaGV0eXBlX2lkOiAxMgphcmNoZXR5cGVfaWQ6IDEzCmFyY2hldHlwZV9pZDogMTQKYXJjaGV0eXBlX2lkOiAxNQphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vdXNiYW5rLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2JsZW5kbGFicy5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9lbGFuY2FyZC5jb20iCmltcHJlc3Npb25fZXZlbnRfcmVwb3J0aW5nX3dpbmRvd19kYXlzOiA0CmJyb3dzZXJfYXR0cmlidXRpb25fYXBpX3JlcXVlc3RfcHJvY2Vzc2luZ19iaXRzOiA3MzgxOTc1MDQK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"12":"0x18920d3ab3d4f4600000000000000000","13":"0xb46990ceb53f82a00000000000000000","14":"0x77dfcc8f71d3943f0000000000000000","15":"0x84980dfd01e6dcb00000000000000000"},"debug_key":"1483974097648270560","debug_reporting":true,"destination":"https://usbank.com","event_report_window":"345600","expiry":"2592000","filter_data":{"14":[],"8":["8176182"]},"priority":"0","source_event_id":"9000479996719762995"}
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impl_v99.js
www.googletagservices.com/dcm/ Frame 2CE8
59 KB
23 KB
Script
General
Full URL
https://www.googletagservices.com/dcm/impl_v99.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 11:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23872
x-xss-protection
0
last-modified
Thu, 02 Nov 2023 14:22:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Nov 2024 11:46:22 GMT
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame 31FD
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 22:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
107496
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 24 Feb 2024 22:08:53 GMT
7b504c1450659deb5d95b33621eeb0df.js
www.gstatic.com/mysidia/ Frame 31FD
119 KB
42 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/7b504c1450659deb5d95b33621eeb0df.js?tag=leadgen/frosmoth_image
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
74104393ff5df076b720705b4c4bab255e9c7c4343346113043b4e601df86cce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:15:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42686
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 18:54:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 00:15:19 GMT
1290528a0f60de16515866847082b13a.js
www.gstatic.com/mysidia/ Frame 31FD
20 KB
8 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 04:29:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343886
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8379
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 04:29:03 GMT
css
fonts.googleapis.com/ Frame 31FD
15 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C600%7CRoboto%3A400%7CGoogle%20Sans%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:809::200a Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0665e41f3c6d478e2d7bf31dce68ca102e14510cfa6cc39447dcae70b38b2ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 02:24:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 04:00:29 GMT
mdc_list_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD
27 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_list_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:23:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
5836
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6467
x-xss-protection
0
server
cafe
etag
4758454654811317262
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 29 Nov 2023 02:23:13 GMT
mdc_menu_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD
51 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:13:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
85605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11146
x-xss-protection
0
server
cafe
etag
2759356358486721826
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:13:44 GMT
mdc_menu_surface.min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD
18 KB
5 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_menu_surface.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:34:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
84342
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4739
x-xss-protection
0
server
cafe
etag
18373107336927916518
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:34:47 GMT
mdc_select_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD
103 KB
18 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_select_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:16:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
24229
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18791
x-xss-protection
0
server
cafe
etag
10996637669125113147
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 28 Nov 2023 21:16:40 GMT
mdc_textfield_min.js
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/ Frame 31FD
58 KB
10 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/js/mdc_textfield_min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 23:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
16599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10107
x-xss-protection
0
server
cafe
etag
7588401036457704084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 28 Nov 2023 23:23:50 GMT
mdc_list_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD
31 KB
3 KB
Stylesheet
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_list_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
22322
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3021
x-xss-protection
0
server
cafe
etag
18113988596513574663
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 28 Nov 2023 21:48:27 GMT
mdc_menu_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD
3 KB
797 B
Stylesheet
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 01:58:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
7321
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
766
x-xss-protection
0
server
cafe
etag
14497039402300002370
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 29 Nov 2023 01:58:28 GMT
mdc_menu_surface_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD
2 KB
640 B
Stylesheet
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_menu_surface_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:13:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
85609
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
611
x-xss-protection
0
server
cafe
etag
18268606943400439583
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:13:40 GMT
mdc_select_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD
37 KB
4 KB
Stylesheet
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_select_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:23:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
5810
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3940
x-xss-protection
0
server
cafe
etag
17986137158686949241
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Wed, 29 Nov 2023 02:23:39 GMT
mdc_textfield_min.css
pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/ Frame 31FD
51 KB
5 KB
Stylesheet
General
Full URL
https://pagead2.googlesyndication.com/pagead/gadgets/mysidia/static/css/mdc_textfield_min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:31:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
23359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4595
x-xss-protection
0
server
cafe
etag
17552977722549843295
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Tue, 28 Nov 2023 21:31:10 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31FD
2 KB
828 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:58:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
21745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 21:58:04 GMT
b91a06220cfa130b0e547db55a85d66b.js
www.gstatic.com/mysidia/ Frame 31FD
23 KB
10 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 03:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
347424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9816
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 22 Feb 2024 03:30:05 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 31FD
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:24:40 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31FD
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
85057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 04:22:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 31FD
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:21:15 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 31FD
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:29 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 37DB
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
22078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 21:52:31 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 0CAB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CKEVt2mVlZbHyOL-9xtYPxoGZmAXJluyWdK2IrZv_EbCQHxABIKmJ7IoBYMnujovApIwQoAGn7qDSA8gBAqgDAcgDyQSqBMMBT9BiCcnris2HII-0tE9z2AZ1gMbrbua8ckLwfGbasZ8AEE9...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2212262638905288099247%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222051644339744000209%22}&andc=true
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xb502f3ecfed60ef0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"12262638905288099247","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"2051644339744000209"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 04:00:29 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xb502f3ecfed60ef0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"12262638905288099247","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"2051644339744000209"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
B28975896.352599115;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=521587878;ord=39uovf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsdEZ2mVlZa_yOL-9xtYPxoGZ...
ad.doubleclick.net/ddm/adj/N443804.2245506CAPTIFY/ Frame 2CE8
80 KB
33 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N443804.2245506CAPTIFY/B28975896.352599115;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=521587878;ord=39uovf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsdEZ2mVlZa_yOL-9xtYPxoGZmAX_o5erdI6rkZHgEK_Mor3AARABIKmJ7IoBYMnujovApIwQoAHB1pSOA8gBCagDAcgDmwSqBOUBT9BTmV-aXVNsyQkMzuIl0veBkwyQ7qdFgR_AmPKABByJeaYbzZ2Ty3Kkq7n2PABkNO4txbyFgTTIp-hCaCVGVWN0M9Laqd9BwR3uk37nY0cc06VusHjAg5-ozwZDYV3jdjxzrJx_x6LmHudR3NE0s7wbb-08HnG2PUS_KlTb6Jze1jZRiJAAVogsrPZp2Q9oigCRuNZjPPwAEU3462YHRee4RtvrzeA9LSjw-DBGV3u02nIqsGd6NvWt0W41aN972LGL18By24GTwX5kTTNgCMrqQ-6PRpI60M0cbFGlndZC_2DQksAEo-iM5a8E4AQDiAXZ1NH4R5AGAaAGTYAHp6nrcagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAlVTsBPx8foU0BMA2BMDiBQD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB%26sig%3DAOD64_3Ep0i9NSD8llj4fvCIx1OQB9N-wQ%26client%3Dca-pub-3130448679272231%26dbm_c%3DAKAmf-CN1Dyvc7rttAzYWGbsXTgLJ0jR14O52yvowlG2WtwUAfEv0dH3nTF9BkWGUfyVONKQRYL8u1LsC7oLkrM2PlEkDVMYatStHljLDjn8eks5MSYDmsrILg1LERGoR7ocgcczlKcH4Hc-X3F2tv6wFSLWSOk6mKWyinTXqs8oOM3exhcUpi0%26cry%3D1%26dbm_d%3DAKAmf-AjY0MrBwLUZsu7hnG9w37ArETUonCePN_fw1UQK3M1oQtUZQ7NeVoXr_LJfNYekTrQkCeNmF9JCV_so7yVJyI-AqQn2n40GSAp2VjMptMhqP0i1M2UBwq8Snz2zSdhjnNXqe7aAiisba4VIejoYIy-lB7Y4AqcHL52gJdifzYeihgmRDL5-Gu96hmkyIU92kOwQtLO5R4oWy8BushZrr4E_aIvNXpU4ik5X3QdrivbStb7LgZyI95uXhjdXvb9ccDwx_vhkIs1KM2KrGSCf_BJcw4TBYohuHl1WDfdvBpKUUH8iFUnl7ATnJTUzM03hslQC2N3r6Bw-tUcxSUqFTkbnpob1EqWMiMid7cMAtmtXVCD4I9ERjz4R3Rl17cb4vhPOsdUL307CoQzirRzMcmFwtrqomwgCd0IaQJAJbqZHQp0UC13oE8xOaYlqEG-9AgaFxabNzVjz2vKNQly-iIAQV4bSGN8rynpP5qzNC2QtlGeQoAlpZhyt3HJOn_yyQNgFvJUqVrWUo-Ci7l2eKmWEU5JLtPql6GKMIGVebGjr9DAqrY%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fzaly.online%2F$0;xdt=1;crlt=sD'IK5HzVI;stc=1;chaa=1;sttr=173;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v99.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
cafe /
Resource Hash
1e1078d97060cccda073393cca614c7aef5b94f3dce291fc0c075fd9a817145a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33666
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 0EB2
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
18119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 22:58:30 GMT
expires
Tue, 26 Nov 2024 22:58:30 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame 40E0
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
248663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Nov 2024 06:56:06 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xb502f3ecfed60ef0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%2212262638905288099247%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222051644339744000209%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 04:00:29 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5841
212 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7fdf2a3ed48374d880561e4061612e2736284d20a4460a50fbff88d05631696

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 2CE8
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 12:10:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
57019
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 28 Nov 2023 12:10:10 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2CE8
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N443804.2245506CAPTIFY/B28975896.352599115;dc_ver=99.292;dc_eid=40004000;sz=160x600;u_sd=1;dc_adk=521587878;ord=39uovf;click=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCsdEZ2mVlZa_yOL-9xtYPxoGZmAX_o5erdI6rkZHgEK_Mor3AARABIKmJ7IoBYMnujovApIwQoAHB1pSOA8gBCagDAcgDmwSqBOUBT9BTmV-aXVNsyQkMzuIl0veBkwyQ7qdFgR_AmPKABByJeaYbzZ2Ty3Kkq7n2PABkNO4txbyFgTTIp-hCaCVGVWN0M9Laqd9BwR3uk37nY0cc06VusHjAg5-ozwZDYV3jdjxzrJx_x6LmHudR3NE0s7wbb-08HnG2PUS_KlTb6Jze1jZRiJAAVogsrPZp2Q9oigCRuNZjPPwAEU3462YHRee4RtvrzeA9LSjw-DBGV3u02nIqsGd6NvWt0W41aN972LGL18By24GTwX5kTTNgCMrqQ-6PRpI60M0cbFGlndZC_2DQksAEo-iM5a8E4AQDiAXZ1NH4R5AGAaAGTYAHp6nrcagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgGEQARgfMgKKAjoCgEBIvf3BOoAKAZgLAcgLAYAMAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAlVTsBPx8foU0BMA2BMDiBQD2BQB0BUB-BYBgBcB%26ae%3D1%26num%3D1%26cid%3DCAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB%26sig%3DAOD64_3Ep0i9NSD8llj4fvCIx1OQB9N-wQ%26client%3Dca-pub-3130448679272231%26dbm_c%3DAKAmf-CN1Dyvc7rttAzYWGbsXTgLJ0jR14O52yvowlG2WtwUAfEv0dH3nTF9BkWGUfyVONKQRYL8u1LsC7oLkrM2PlEkDVMYatStHljLDjn8eks5MSYDmsrILg1LERGoR7ocgcczlKcH4Hc-X3F2tv6wFSLWSOk6mKWyinTXqs8oOM3exhcUpi0%26cry%3D1%26dbm_d%3DAKAmf-AjY0MrBwLUZsu7hnG9w37ArETUonCePN_fw1UQK3M1oQtUZQ7NeVoXr_LJfNYekTrQkCeNmF9JCV_so7yVJyI-AqQn2n40GSAp2VjMptMhqP0i1M2UBwq8Snz2zSdhjnNXqe7aAiisba4VIejoYIy-lB7Y4AqcHL52gJdifzYeihgmRDL5-Gu96hmkyIU92kOwQtLO5R4oWy8BushZrr4E_aIvNXpU4ik5X3QdrivbStb7LgZyI95uXhjdXvb9ccDwx_vhkIs1KM2KrGSCf_BJcw4TBYohuHl1WDfdvBpKUUH8iFUnl7ATnJTUzM03hslQC2N3r6Bw-tUcxSUqFTkbnpob1EqWMiMid7cMAtmtXVCD4I9ERjz4R3Rl17cb4vhPOsdUL307CoQzirRzMcmFwtrqomwgCd0IaQJAJbqZHQp0UC13oE8xOaYlqEG-9AgaFxabNzVjz2vKNQly-iIAQV4bSGN8rynpP5qzNC2QtlGeQoAlpZhyt3HJOn_yyQNgFvJUqVrWUo-Ci7l2eKmWEU5JLtPql6GKMIGVebGjr9DAqrY%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.;dc_rfl=2,https%3A%2F%2Fzaly.online%2F$0;xdt=1;crlt=sD'IK5HzVI;stc=1;chaa=1;sttr=173;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 12:17:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
56589
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
17947678125179771625
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 12:17:20 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 2CE8
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 05:43:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
598631
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Nov 2024 05:43:18 GMT
main.19.8.461.js
static.adsafeprotected.com/ Frame 2CE8
213 KB
66 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.19.8.461.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/1841082/76634004/skeleton.js?bundleId=&ias_dspID=3&ias_campId=27647240&ias_pubId=pub-3130448679272231&ias_chanId=1&ias_placementId=19311913561&bidurl=https://zaly.online/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0j219qjRqnpuv44KFe8zdGL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2137:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 09:25:22 GMT
x-amz-version-id
SsS9NfODLbDHY8VzzB.lL2F1gs9DY59I
content-encoding
gzip
via
1.1 2efed3c5903f1fa517911255bb91ba4a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C4
age
498908
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Wed, 22 Nov 2023 09:25:12 GMT
server
AmazonS3
etag
W/"315b08a0e21410ecc940dd381f9a8dd0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
dH8Z-hxxdZzETJuC9kqlyAhoqlV8j4U8Mash0jkGLyoB5S8TA64sow==
view
ad.doubleclick.net/pcs/ Frame 5841
0
0
Fetch
General
Full URL
https://ad.doubleclick.net/pcs/view?xai=AKAOjsvI7GapFdDjdHBZfNkTDRwnu6wtmTkcQBQnBGcDLSK-Y7lWSOrvL05DZTp8485gw3CjwIJ7BEXGxL7vl3nP5s5bfQYX57yYdfRsnAm_vVE0clX4eFrIVYG1BQPo8iSsX9HX9tXW8vKNaRseolSJs47bVQcbT6WJNKolIP3enNEQk3NAv4gzgJOrQF3LrkMPg_OBEIFfhNu2t9HjB_H19ekQxWn_x6oypkAfi6yNayI2gHyWsSje0hFmS4jyWsPLVeqfKmTL9po8ICC9lD4Wu-8n034STDM2DNhsibU2t0k0Wtsd4Cft2IISNdwT7lts_EM7TcMilWJIczJReDX738CUgBRUwOHk7Rwl2RzyCkLPjynmZgw5Zc_WvRBHL58wTdNnr7AtJGv99b8Hu4Nfxq_QYizyxMQTuc4aiJytpbWlRZVx1K4ltKJTrbc3xWL7kMd5JYBdcPYjhZVRbSA39SEU2zaVuqVizCNNjtute4yLCozVQVJDHzSi6qhJa6UDCzft6uPcBq-JLHeaJi0RZpwrSEaaeS3T0j-AYS1DTlcApq2yiCqSca96yeH-ajj93p8up1XNwi6N6NFUWKXFVK3rFEOZLsTv3ScBzufR5Y2rIwtD2El7rkNficYfOdVomSIYVXNUNNv9VnNQad7M6Zg0AbyonVYOfyNHi1m2m9NmnVFuLZro533xrVzSodEj-HFIJOid9l_09e-QvFlPxIRvtebTwD9BO82eSLImlbc0LO7xvzvB_eKJgcCYAq2UEy6jB7MyyrQYsmttOzD0ZiucSdcpmdkieGG4ZDK_BMBFb665Zeyw00hMDPur7I5JQ4XRTXTUTKWrDHVhczgfWzGi2-BLpIxI7n2wpShe260Uo90KHO31TCDXXj1WTEdnudj-riw0xjy2suCPHh9HXihT-uOvhb2tM4DpYIHj2tjrEZQlQOpTmsMz7qB-ueqOH78Jj0jBwqekVNDz2vfBV0Le-zaciqYw-VY9ZUCR2hLsayLFecA0w3PtgkeFm-cUAWj6poX3-SwVPdWie438KP8XR9kb_LMqIEmrzmUJXmV3-lbBgA7zDsTk6CGZTf02cBywJDQrYuVHDMTGGM-dkCsiZ5te3WDhM5hE4D_nFCcE0qfyFRTOIDz9phnoWmY-ptUu-_IqZA5BAS71h7zz0zuQNZaLwbbUfv-jyM4fNWCaFr0MWnQFeW3FYditu_7qMwJWS06Ci54gKQztN8xIorqArsUTThOAkNjmHAPSNIPfDgkuBbj1dM3rttcQCrxSweqtu5CAiU1raIsTZikZmpq9wKJvFTu9XrSq9ZzIYA&sai=AMfl-YQfK-J_Wfe4O8D3CSw5RKRWAxwawt2-H0loMNSuCba0-Ru7xzDnVkzVr0TJCoxXHj_f2KZhy6isERx_GokXslFvM0vcbBvQzgdWXh0bf1Nac4FTi_FEPNxqc2GjLX4KnR8Os4JnEkGJN3pnO4qnVr0QlBZZYz2meTuqg0KvxORqQljetZ5tF9srSA2uRaqp8BxyQhUn0kCoPmEr27QC4TrfQIzU1tL0-xPkzg-CqKZccEc1pzD1oUPiw4-9Ol7ShbmX-6EFXL-IOWWHE5sYWhcwwjmVKOA_cIPDWQrQ3f9qGPX6NjZw4P-ICEJe7DEiZ7r2l0Ma8COq5yoPGjk_mpl_GnaYL6rgBSdALbwUeTfXZBTX5EHIOIRdUxsrkcNJsxUJonGwG0NhGB3xyn7hSzDMWr4RpMcxf6b5uwfPtqQVHk-SSz1hpCASJZPcV_eaiZDUJ9QYAyLwhbQlkGgH_lEldrdpZvCoc4bGQEJura-hyMsXyvml3gHeuCYljJS3wPFAtg&sig=Cg0ArKJSzDvLleZp98UyEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9tYXNpc3N0YWZmaW5nLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=651&cbvp=2&dett=2&cstd=1&cisv=r20231109.61519&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.81.230 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga25s74-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 31FD
0
28 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA2x0cgoMCAEqCHBvcnRyYWl0CgoIAioGc2VydmVyChgIBCoUbXlzaWRpYV9yZWxlYXNlX3Byb2QKLhohZGlzcGxheV9sZWFkX2Zvcm1fcXVlc3Rpb25fbnVtYmVyIQAAAAAAAAhAMAEKDRArIQAAAAAAAElAMAESGkNLN0h2NnZuNVlJREZiLWUwUVFkeGtBR1V3IhZsZWFkZ2VuL2Zyb3Ntb3RoX2ltYWdlKCw=
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/1290528a0f60de16515866847082b13a.js?tag=pingback
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 0EB2
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
22078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 21:52:31 GMT
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame 90DD
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
248663
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Nov 2024 06:56:06 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 6D29
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
18119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 22:58:30 GMT
expires
Tue, 26 Nov 2024 22:58:30 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 9B4B
4 KB
655 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:809::200a Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 02:24:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 28 Nov 2023 04:00:29 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9B4B
2 KB
828 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:58:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
21745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 21:58:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 9B4B
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:24:40 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9B4B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
85057
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 04:22:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 9B4B
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5954
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:21:15 GMT
l
www.google.com/ads/measurement/ Frame 9B4B
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTUzld8mX1aomRZKrA62EWgEihE0blRQh5MHKNJI--LEpj4jd6O-G4r0gBsKwECAPOhu7DElA78R12wtI-NeF3ObyuL6w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 9B4B
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:29 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 9B4B
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:815::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 22:45:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
537308
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 19 Feb 2024 22:45:21 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 6D29
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:52:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
22078
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 21:52:31 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 32C4
1 KB
650 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
56641
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 12:16:28 GMT
etag
48472445140208031
expires
Tue, 28 Nov 2023 12:16:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 37DB
0
28 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BnHWy2mVlZbDyOL-9xtYPxoGZmAUAAAAAOAHgBAI&bg=!hIelh8jNAAZxrfrxUa07ADQBe5WfOIzXe8MRMvr4GZw3IiPKy22ZmpVxZ1a_F3ZefOn40XEdQs94ieB8Z7BurHJItnFIAgAAAPlSAAAAAmgBB5kDBZ5TutUihLulHw4-bi1HvPQc_xCIL6tRXsX-C7WuTUphafaEpc3K5pl93x1r6SWtyx7itZWLJaw5DEohdU1GTpT4rNu1PLGMmtIZ99G61g6qmjGFvDIZZchm3-Gt3pOty4cmcRTtOKfe5-uOe5CNrhWwgKHSQ0XmY_eeFiAuGVk75h9LkIe0NLOXVQkii1RzbDYk2iZimu3U4sVZ0P3Rc4gpMmXGWHSbhDGaB3Narmg5FfR6gO8pD2n9w00FFriMDYBJtrauebyUSAf-Ht4ix0NHactY_1Rcp5gCWweGbbzjaP6oR21DlYRlqECeOk6oAfr18vK14PZTltxLMNKQx_dwCLiZuw6bBkuU01-fbEw0N4gjh5S5SqC2Za22t0sfYHNKNufAIzxXTvpw8zybHhz2O8BOgq4YpzSfWLFsrHK-fYAiN9a7RaubjtRxg5xUGNS9B0AiLoYlx0Uo5BU0d5d8xh9zBPRZHBDaNnhHmlGpKKmvng1mnSWI1K01O9BGZ07RkZ42JKQutP_z4egqniHtTVkATQqPaATy0XOtNDKMXz-VxNW1Y7WsyHQyxE68f9pBjj9jJseE7E_ou30BTLo10f2S-5UDhyPSmQpFBwstrzW--AvaGSogZed4pashSbqekEJMp_YlvOYcUZlQBYoiFmOPbGAbpwO4Sq47bNW6-eUQImAO3rT9sP1cVIz0JAnskMdsZyNMGuDzmEJgx2lR9FZtDlLyQ1PP4L6YSiHSEUKQ4oCS97WV3_59ZXDNPCnvKgL3xY8A2asO0CVJSGvQJmCwwmuvWWy2V4utW8lsCmZlDIApYQdmwsML2403UFn0yB6gOwHMG37HbkN51VmRJmdf4xUPEm82WXLbLK3o-Ql7xPwGEy8j4ttV-qYcEnPOLsbuu-hOcKcOdUpBW_6oTK7xGV_KTLbSBgG2IoD_mUBSTGOG5ro2GOKO09_pybEFbY4rpuNFLqJa2xagrxdS_TUbNdk9msh7WpN7aQX-KsPgw-5j-vaxpgxI_RIR2FCkHMit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/12608145398759516290/ Frame 9B4B
55 KB
55 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/12608145398759516290/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8b8dbe372d55aac61751e3c8aa96d3ba9c73ca7c02cf85ab0499886137b5fbae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56582
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 12:56:10 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 04:00:29 GMT
5894083041039939252
tpc.googlesyndication.com/simgad/ Frame 9B4B
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/5894083041039939252?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc4a1afb694e93410712d128ca7405dec5afb5561b347fa34f4da39ae17ad1f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 03:09:51 GMT
x-content-type-options
nosniff
age
3038
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2333
x-xss-protection
0
last-modified
Wed, 18 Nov 2020 09:57:44 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Nov 2024 03:09:51 GMT
moatad.js
z.moatads.com/crossmediaadvdcm491634115592/ Frame 2CE8
336 KB
114 KB
Script
General
Full URL
https://z.moatads.com/crossmediaadvdcm491634115592/moatad.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-58-26.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ebc94cc158b409fd54e12310afd7c12d0022544d0b64c659b9c1ecbf433a6a2f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
gzip
last-modified
Tue, 31 Oct 2023 08:17:44 GMT
server
AmazonS3
x-amz-request-id
13Q776CBSZJ157MX
etag
"97bf7e1a47e0049408afefc025001b5f"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=15826
accept-ranges
bytes
content-length
116823
x-amz-id-2
GE3nrYYVMrioM5RECJ8JBsLiKcVsvb+IFPWqtuwF9npJ67straLHwgXjF/FN4UcHRRrinPJS3Rs=
firstevent
usbank.demdex.net/ Frame 2CE8
Redirect Chain
  • https://usbank.demdex.net/event?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321
  • https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321
42 B
722 B
Script
General
Full URL
https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
52.45.157.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-45-157-3.compute-1.amazonaws.com
Software
/
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

dcs
dcs-prod-va6-2-v053-0c56b2299.edge-va6.demdex.com 5 ms
pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
GF0WUw7kSVQ=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-va6-1-v053-05b6c2351.edge-va6.demdex.com 0 ms
pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
n4nx+MVgQN4=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2CE8
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:29 GMT
index.html
s0.2mdn.net/sadbundle/214269559785654871/ Frame 2682
6 KB
2 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
842168fa3f7147fa8d30182b9b15f5a0fe207d9acc2687a8fdec6a524a61d1f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
540919
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2068
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 21 Nov 2023 21:45:10 GMT
expires
Wed, 20 Nov 2024 21:45:10 GMT
last-modified
Wed, 07 Dec 2022 16:50:14 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 2CE8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZYsfh7HXS1Rx5Ab6rhRTgNSbgN8qN34YEwP4KzsPJNPdZMNQPsJbQ1bATzvb3mkGLDZeRHHWpZ_6UA8HM7V26wrshnPn6vxuxsrRLgFBgjPNM2nhoRLDdY5dVzlqwq7Zmj21LGcfMbLxU2OJ3pcjPBPXDz7DDiTfNgDoGx229U7BqZRjao4Fd8wGbjA&sai=AMfl-YSUsnF9yoDD9sT0h7QW-z9A0gFQINGBPdluL2bMWr_7jM5dcxJIxVyPKTsXeLuDCumdBl-2xQdzBtYzjjppDmWTd4Bj5N60L8SGfA&sig=Cg0ArKJSzLDbhJeMpSAGEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=261&cbvp=1&cstd=259&cisv=r20231109.36745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.3.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s54-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a.gif
acxmetrics.usbank.com/d/ Frame 2CE8
Redirect Chain
  • https://acxmetrics.usbank.com/1/d/c.gif?aqet=imp&adv=6219544&ca=28975896&cr=183441212&pl=352599115&sid=3330315&sg=0&puu=AMsySZa-eDbp4KiQ6o_EaOfXyjDN&geo=ct=US&st=NY&city=13347&dma=16&zp=14202&bw=4&...
  • https://acxmetrics.usbank.com/d/a.gif?gdpr=T&img=true&tt=c.gif&reload=true&z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF
42 B
304 B
Image
General
Full URL
https://acxmetrics.usbank.com/d/a.gif?gdpr=T&img=true&tt=c.gif&reload=true&z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
HTTP/1.1
Server
23.44.203.13 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-203-13.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 04:00:29 GMT
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
42
Expires
Tue, 28 Nov 2023 04:00:29 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 04:00:29 GMT
Edge-Log-Oth
0!beh!c030!null!acxmetrics.usbank.com!%2f1%2fd%2fc.gif!1701144029!US!252A741DDAD30DBDDEF52E241084EED1!Mozilla%2f5.0%20(Windows%20NT%2010.0%3b%20Win64%3b%20x64)%20AppleWebKit%2f537.36%20(KHTML%2c%20like%20Gecko)%20Chrome%2f119.0.6045.159%20Safari%2f537.36!image%2favif%2cimage%2fwebp%2cimage%2fapng%2cimage%2fsvg+xml%2cimage%2f*%2c*%2f*%3bq%3d0.8!en-US%2cen%3bq%3d0.9!gzip%2c%20deflate%2c%20br!NY!42.8954!-78.8862!514!1280!EST!716!36029!BUFFALO!!!vhigh!6E8F2CA68B713A394AE24B02F3E2827E!09D2B2ADF29007A70A3B16A4183266C0!,z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF,newuu=1,ck__acxmetrics=FyzLDVZWXdaq0AEM
Content-Type
text/html
Location
/d/a.gif?gdpr=T&img=true&tt=c.gif&reload=true&z_evid=F55EABEADA4F7D738E33BB0147BDA64322361DDCF0245B7F4E3FD3EBD6BE9BCF
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
0
Expires
Tue, 28 Nov 2023 04:00:29 GMT
/
d.agkn.com/pixel/10690/ Frame 2CE8
43 B
614 B
Image
General
Full URL
https://d.agkn.com/pixel/10690/?che=2877588321&cmid=28975896&sid=3330315&pid=352599115&cgid=545364535&cid=183441212&aid=6219544&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21da:8800:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
via
1.1 fd6ee8ff46440f33e22da71450793e70.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR53-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
image/gif
cache-control
no-cache, must-revalidate
content-length
43
x-amz-cf-id
AnfcV2T2GFEn_W1HdR4IomTpcByb6QjeZR8o-SI6BZBiai1_d8enPw==
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template/passback/balloon-pc.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 28 Nov 2023 03:16:40 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2629
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 28 Nov 2023 05:16:40 GMT
collect
www.google-analytics.com/j/
3 B
23 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1864439633&t=pageview&_s=1&dl=https%3A%2F%2Fzaly.online%2F&ul=en-us&de=UTF-8&dt=Zaly.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=zaly.online&cs=Balloon&cm=&cc=&_u=aADAAUABAAAAACAAI~&jid=1164870637&gjid=303356168&cid=1315140130.1701144026&tid=UA-206083988-2&_gid=1991288284.1701144026&_r=1&_slc=1&z=660014020
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://zaly.online/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://zaly.online
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
154 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3130448679272231
Requested by
Host: server.zmedia.vn
URL: https://server.zmedia.vn/static/template/passback/balloon-pc.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c3cb5d96dd83517f2586ecce90fa45ea2781cd63dc89bbceaae49319098deb7c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Origin
https://zaly.online
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52994
x-xss-protection
0
server
cafe
etag
15827408577248677140
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:29 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 45DA
103 KB
39 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_fy2021.js?bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:816::2002 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c48b867bef0ad9445c7fec13b7fb379804641bbe9c4b1231fad7f42502a150e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zaly.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
39542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 28 Nov 2023 04:00:30 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zOHQRhkXT0fmXXtzTLxs6KUxZKQf7sLCmBNOcLU2FEcJ-0LuigSv7DQ8wYyFs3RUB9FJ37c_QDEP1d3xfHdZPfjMlFC1_kFIlOPM9nDdtgiwjCxbdayBlXrsbKEhBFPoGFVzZS2qawV6zfzpIsxBHkM7d33zX-TOIN-V4WWFZAc3mENL-Okwxw1qrX0bIXk6yAtc7...
aj1559.online/
49 B
512 B
Image
General
Full URL
https://aj1559.online/zOHQRhkXT0fmXXtzTLxs6KUxZKQf7sLCmBNOcLU2FEcJ-0LuigSv7DQ8wYyFs3RUB9FJ37c_QDEP1d3xfHdZPfjMlFC1_kFIlOPM9nDdtgiwjCxbdayBlXrsbKEhBFPoGFVzZS2qawV6zfzpIsxBHkM7d33zX-TOIN-V4WWFZAc3mENL-Okwxw1qrX0bIXk6yAtc7uWiFbPc1f_vwx1DDkq2jboKuS2m-c-PXY5qckdLoAElfRJfktXGZjVl3Oqxwfk3_GRCFfLyXw5cng8bsqUeyDvkTWeOh4DwPIiz3TKUcvR_i5dku8c7z4grcgSsi-XMGwgGB65V4qt2XwGKTms4dWyESVAPN3-uVGX1LSxXKAZ_Mj8UZsEFmepWhaKAwMj_vduX8y-L3_vVpX_Y?DC=DO
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
212.124.124.115 Reston, United States, ASN47328 (TRI-AS DigitalOne AG, CH),
Reverse DNS
Software
/
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
last-modified
Mon, 06 Nov 2023 14:46:40 GMT
accept-ch
Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
etag
W/"49-1699282000000"
p3p
CP="CAO PSA OUR"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
permissions-policy
*
accept-ranges
bytes
content-length
49
expires
Thu, 01 Jan 1970 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6D50
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZmoWDLMQiePAAMrAjZ5uokCeolHtcuvczUDlBD5zAxb5l41gRFVTfsEmMnEiYCiLQsFaBa6gh70EyqPWd2DS6elUzncMJE1UQTu-UXErvw2yV0uMbjGl-HNcNVqF1KYioERxzjNyVFQ&sai=AMfl-YRhmw7NEfQphz-wb39WXu2ADaqNojbWrQj1Uq89P8Ejvj-NELI4U6-F0xg5_4SsIVPfVPrAlidirFxAdMuvdAmDTbJH4d24QtO1ECe0zdY6w_Rr_uux4Qzoy6gi9YFdB-JY6bvqDQsBH80XeexZvud1mGE0gskZn1g&sig=Cg0ArKJSzLPLVMYgF3YQEAE&cid=CAQSTgDICaaN5jCgdMEV9KOYhqw8Et8d697m3AiaZZTS2hpQJ5Ki4Fc86gR3m3njpniUGctz4anQMpqU0Exb86I5Znoe4o6kuhChmEWSkMcVIhgB&id=lidar2&mcvt=1027&p=0,142,280,478&mtos=1027,1027,1027,1027,1027&tos=1027,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3213702284&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144026906&rpt=1839&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ Frame 2682
85 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:804::200a Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 21:14:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30306
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 21:14:20 GMT
jquery.transit.min.js
s0.2mdn.net/sadbundle/214269559785654871/js/ Frame 2682
7 KB
3 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/214269559785654871/js/jquery.transit.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
14614a5e76b685075a852b60e7f4242bb6fac8bb71af11eedadad1521c918c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:03:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
359822
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2718
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 16:50:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 00:03:27 GMT
Banner-160x600.js
s0.2mdn.net/sadbundle/214269559785654871/js/ Frame 2682
4 KB
1 KB
Script
General
Full URL
https://s0.2mdn.net/sadbundle/214269559785654871/js/Banner-160x600.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82555e78137699464bd690f1e6f4ae38f441073926244ff635b0a920ce18cfb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 22:11:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
452956
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1365
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 16:50:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 21 Nov 2024 22:11:13 GMT
Transitions.js
s0.2mdn.net/sadbundle/214269559785654871/js/ Frame 2682
4 KB
702 B
Script
General
Full URL
https://s0.2mdn.net/sadbundle/214269559785654871/js/Transitions.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
54efe90d6d9fce78a85ba8eebcec5beb03fae2b674aadf5cc87f2b1065c80280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 21:45:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
540919
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
635
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 16:50:14 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 20 Nov 2024 21:45:10 GMT
truncated
/ Frame 9B4B
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
001809079c0839eb4f835581971320de66ca5291c8b3c16c9bb799e62b71077a

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5ae7fbf93c4f0fbd&is_secure=true&networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmR-OC8n...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFl2oUjZ-JuQMSqNRaAAAAAAA&expiration=1701230430&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFl2oUjZ-JuQMSqNRaAAAAAAA&expiration=1701230430&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAFl2oUjZ-JuQMSqNRaAAAAAAA&expiration=1701230430&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmR-OC8neh9ej8HxtNnGP-_w500sk7u0vzDdWgl3Id88zgCFVBW3OWQOaW3pk-fUoVN8RkRzNvSklWToFmdlyzbzFRdIW2DAmQ
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=4&uid=CAESEOcpOw--LSXDLdaVVMxq_8Q&google_cver=1&google_push=AXcoOmQNVljckAkRhPnQAkDGFlDeK1ZKPmOV9CPhRUeriOgxVJ5nnC_Djd0IKv70tChoke6duF-sr63dL8lDX59ylch7diOcK...
  • https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=857704199194&us_privacy=1---
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=857704199194&us_privacy=1---
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=acuity&google_hm=857704199194&us_privacy=1---
Content-Length
0
r.gif
sync.extend.tv/ Frame 32C4
0
0

pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ0YUci0fR7ankA9WFx4jWI&google_cver=1&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167v...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw&google_hm=eS1iQ19oc3lkRTJwSDM...
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw&google_hm=eS1iQ19oc3lkRTJwSDM5WmlIbHFJakdDT2toQ20uV1lEYn5B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 28 Nov 2023 04:00:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmREi6rbZ6R_CsrU2t3Nf7eNfCMLMfEZ242HRSNwQE_WK21IaeVchH7SL2PxrQ7jPX-YhFupx4Iexrmm8eaXqz1167vNcUNFgyw&google_hm=eS1iQ19oc3lkRTJwSDM5WmlIbHFJakdDT2toQ20uV1lEYn5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEE89yBAZJcCEz64dX6zmLio&google_cver=1&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__b...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmS-5dDYem_jKRvhZV0GdPrXcUFnMbDVa-hJBGz_1hTWZ-vlxjXRmh5pA-NUhgFrIjHB1bIpxAXvt__bABaYipVk87bvHL9fu0M
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
spacer.gif
an.yandex.ru/resource/ Frame 32C4
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEA23to7bA-13wb-16u1EZXI?ext-param=AXcoOmRXCX5dN6H7uscPWn8qjjYUywmtOMRwjPuSjtdEhgicBYsmf62iTdwNIMzEQV4XLDWOZpO7IEGPHUO5XRBt3xtZKbTCBOHA49Q&partner-tag=yandex_a...
  • https://an.yandex.ru/mapuid/google/CAESEA23to7bA-13wb-16u1EZXI?redir-setuniq=1&ext-param=AXcoOmRXCX5dN6H7uscPWn8qjjYUywmtOMRwjPuSjtdEhgicBYsmf62iTdwNIMzEQV4XLDWOZpO7IEGPHUO5XRBt3xtZKbTCBOHA49Q&part...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEA23to7bA-13wb-16u1EZXI&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B
Image
General
Full URL
https://an.yandex.ru/resource/spacer.gif
Protocol
H2
Server
2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 12 Nov 2024 04:00:30 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 32C4
Redirect Chain
  • https://analytics.pangle-ads.com/api/ad/union/gg_cookie_matching?google_gid=CAESEBYDJgM-rp449SinTMnNzeQ&google_cver=1&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2...
  • https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-akamai-request-id
24718009.ff4ed6d8
date
Tue, 28 Nov 2023 04:00:30 GMT
x-bytefaas-request-id
20231128040030365F6744EC23E3A6DFAC
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
x-cache
TCP_MISS from a23-55-235-220.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
x-parent-response-time
23,23.55.235.220
server-timing
cdn-cache; desc=MISS, edge; dur=21, origin; dur=8, inner; dur=5
content-length
0
pragma
no-cache
server
nginx
x-tt-logid
20231128040030365F6744EC23E3A6DFAC
x-cache-remote
TCP_MISS from a23-213-246-177.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52183077) (-)
access-control-max-age
86400
access-control-allow-methods
*
location
https://cm.g.doubleclick.net/pixel?google_nid=toutiao_usd&google_push=AXcoOmReVI3hNTjUJXccHJP-HL6RJeqlZaL-tJGU_syysktyiXveuv0DNSqV-QUMGf2Dqg5M9A7cDbl09EapwCOmCfb-KWRpSsTPSZOH
x-bytefaas-execution-duration
3.53
access-control-allow-origin
*
access-control-allow-credentials
true
x-gw-dst-psm
ad.union.pangle_web_traffic
x-tt-trace-host
01d035e8b11131fb292575ae5c23a06c3f79d57e159d8f2196556f48c40d4838a68887ff6fe582aacd63059890e3e2782587d73f265ad259488dd4d98ad2057de3d74ae3f9ae97d0ea695fff19288d7a6167f74afa75ec7d50d40362a81bc5f986021eb35c647c50418bce65389082a523
x-origin-response-time
8,23.213.246.177
cache-control
max-age=0, no-cache, no-store
access-control-allow-headers
*
expires
Tue, 28 Nov 2023 04:00:30 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 32C4
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Il6NwlnvOPtByJs15pcVgIu_WvK9c7sEWO2VW9wjkWkXI9nbUCm3kukoY_xmudZo3em7xjhRM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9B4B
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 21:50:20 GMT
x-content-type-options
nosniff
age
454210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Nov 2024 21:50:20 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9B4B
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:806::2003 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 04:32:54 GMT
x-content-type-options
nosniff
age
343656
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 04:32:54 GMT
n.js
mb.moatads.com/ Frame 201E
98 B
275 B
Script
General
Full URL
https://mb.moatads.com/n.js?e=35&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=0&qe=0&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=CROSSMEDIA_DCM1A&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&m=0&ar=51bd715ca6c-clean&iw=4a0122c&q=2&cb=0&ym=0&cu=1701144029991&ll=2&lm=2&ln=1&em=0&en=0&d=6219544%3A28975896%3A352599115%3A183441212&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&bo=3330315&bd=zaly.online&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&gw=crossmediaadvdcm491634115592&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A222&jm=-1&fs=205853&na=506004743&cs=0&ord=1701144029991&jv=978421606&callback=DOMlessLLDcallback_38788532
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/crossmediaadvdcm491634115592/moatad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.47.125.171 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
856b7a3a9f9fbde659dcd1c988106a7cc4c3e0d820c8a0478c4136c8f4d33c9f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:30 GMT
server
istio-envoy
etag
"0a7d19354bf6e7839390e85c1040629e2527c688"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
8
timing-allow-origin
*
content-length
98
pixel.gif
px.moatads.com/ Frame 201E
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CROSSMEDIA_DCM1A&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&m=0&ar=51bd715ca6c-clean&iw=4a0122c&q=3&cb=0&ym=0&cu=1701144029991&ll=2&lm=2&ln=1&em=0&en=0&d=6219544%3A28975896%3A352599115%3A183441212&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&bo=3330315&bd=zaly.online&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&gw=crossmediaadvdcm491634115592&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A222&jm=-1&fs=205853&na=1195265112&cs=0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-58-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 04:00:30 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0EB2
0
28 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BrR_e3GVlZdirO7mToPMPv7WN4AYAAAAAOAHgBAI&bg=!W1ilWBfNAAZxrfrxUa07ADQBe5WfON3UdWOeL9QRukJ3DANUkn0hW_YitaIUIhxIYYjNlXl8ge8oxeYOUZQJeszTwTRXAgAAAUlSAAAAAmgBB5kDB9XqYeUr_tUdDtoSYQ2js4sSN_Bo1scm3zwb2kDvQKfDhqUsXKEihuCXnmOqPpqCI3TIoNn9EOvzSgNafQh-plYStYJrKcR4rWyXKGpVXpZzaFWjs_5eWrbJamCCyUAs-Ek_55-YKPB4x8Wd9adBkUkbI_oG7NsMc_UTO8Jn8GeuLNJYWe2oH_Y4IFZpAlEekol4HEMyTDoZKQZmbUBNtq0G3mX48W03DTUGcdnOUkmlPMxzFLQSMeEf7sWIZa7YFVweRdMMCvFoyapFqoQmqCScgoKOcbJ8E8BJFnx7aTYUejLWsPVLIF-kH8Ke278C2shR5wY_nxyH7VCeUDhxveJwvpfHeWltmx34bJJf_vLLwrav9yTmp5Tm2vm-VKMrMvnT7rBaRWiU_xt45xmye62mPIeBvT6ZlewKrqcKzcIixtk7A1UMX-_I61YGaaaREbIQtf9KimWTk-WrNumPMy37yOsD7qYNay6y2vzAKhWARbW23ehgvUdmR29nhVkvUM_ubkJIXT8lupXYd4C1rfzfLYbHd0uRlZiBcKAGEqdhCAozTI2OX8vVGOH3tsRkEOVB25TfVHu2wv3wdrP2aqvkf4H9Kc012Z_1IBazMpAexJHHc-atZUZCFpHojXtO3-mBP54VDzakVNlzeqyFn9EjQrKZApBZj0vv9tzOp67cuiX2eyfuUZIZJQMBzTZUmL0pTXx52t0hNs9yJylBXFLY5SSCwfb0cylKNbGXP_uA-J-t6TCuBuPqpQ7m6tcyT3xLLUPebaB6z-HydJ-yLRjXrp9OWDtFsI8JvfvvwO1rpPrSvTFO8BbpCs__XCNaDxveDAftuNh4tsUFe9WU7QFtn2ZjAnJh81RvKNh6Q6VbddmoompExjaAVjE5SnIK4f96rRhs4aT5grhJCFUhre7D4kCj3hhVtfUmBosYUHu-C9SCrZrlAn1ZxgOzd4uLeyGmRir7fxbK9RUGfyNDAHaREcYvjoDvkI9A_CIvcHj1ELX_I6xcy9YHYruYTUCL7wlcDdduHGM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 2CE8
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZYsfh7HXS1Rx5Ab6rhRTgNSbgN8qN34YEwP4KzsPJNPdZMNQPsJbQ1bATzvb3mkGLDZeRHHWpZ_6UA8HM7V26wrshnPn6vxuxsrRLgFBgjPNM2nhoRLDdY5dVzlqwq7Zmj21LGcfMbLxU2OJ3pcjPBPXDz7DDiTfNgDoGx229U7BqZRjao4Fd8wGbjA&sai=AMfl-YSUsnF9yoDD9sT0h7QW-z9A0gFQINGBPdluL2bMWr_7jM5dcxJIxVyPKTsXeLuDCumdBl-2xQdzBtYzjjppDmWTd4Bj5N60L8SGfA&sig=Cg0ArKJSzLDbhJeMpSAGEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=654&vt=11&dtpt=393&dett=3&cstd=259&cisv=r20231109.36745&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: zaly.online
URL: https://zaly.online/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.3.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s54-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 9B4B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C3JMl3GVlZdPwJdb8vPIP0dGtwALo_a_kc7D60oDkD2QQASCpieyKAWDJ7o6LwKSMEKABltufxwPIAQmpAgDspEECYbI-qAMByAPLBKoEvwFP0J66BPy0k_mVqfRfPFYhR0anISbQkrDLoQb...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7d213793d514629c0000000000000000%22,%222%22:%220x7910bfc654cbf3c20000000000000000%22,%223%22:%220xa29d88...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7d213793d514629c0000000000000000%22,%222%22:%220x7910bfc654cbf3c20000000000000000%22,%223%22:%220xa29d88bba27ebbff0000000000000000%22,%224%22:%220xa7bbec44de3efea00000000000000000%22,%225%22:%220x79ec60475c3bc15e0000000000000000%22},%22debug_key%22:%224185405535379266994%22,%22debug_reporting%22:true,%22destination%22:%22https://cupapizarras.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954723734%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211728279715667595681%22}&andc=true
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x7d213793d514629c0000000000000000","2":"0x7910bfc654cbf3c20000000000000000","3":"0xa29d88bba27ebbff0000000000000000","4":"0xa7bbec44de3efea00000000000000000","5":"0x79ec60475c3bc15e0000000000000000"},"debug_key":"4185405535379266994","debug_reporting":true,"destination":"https://cupapizarras.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954723734"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"11728279715667595681"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 04:00:30 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x7d213793d514629c0000000000000000","2":"0x7910bfc654cbf3c20000000000000000","3":"0xa29d88bba27ebbff0000000000000000","4":"0xa7bbec44de3efea00000000000000000","5":"0x79ec60475c3bc15e0000000000000000"},"debug_key":"4185405535379266994","debug_reporting":true,"destination":"https://cupapizarras.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["954723734"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"11728279715667595681"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame D8C2
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=280&adk=1980682340&adf=3750240013&pi=t.aa~a.1383163065~rp.4&w=940&fwrn=4&fwrnh=100&lmt=1701143153&rafmt=1&to=qs&pwprc=4365785914&format=940x280&url=https%3A%2F%2Fzaly.online%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144028574&bpp=1&bdt=3194&idt=1&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280&nras=2&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=2649&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
248664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Nov 2024 06:56:06 GMT
skeleton.js
static.adsafeprotected.com/ Frame 2CE8
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1841082/76634004/skeleton.js?bundleId=&ias_dspID=3&ias_campId=27647240&ias_pubId=pub-3130448679272231&ias_chanId=1&ias_placementId=19311913561&bidurl=https:...
  • https://static.adsafeprotected.com/skeleton.js?bundleId=&ias_xappb=
17 B
465 B
Script
General
Full URL
https://static.adsafeprotected.com/skeleton.js?bundleId=&ias_xappb=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Server
2600:9000:2137:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 00:59:33 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 2efed3c5903f1fa517911255bb91ba4a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C4
age
10292458
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
sjV75w-4eRpIzu_G8po6Q2pLzfPzQuF4b4BJMWpvlbgfKuhYkjDO6g==

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
nginx
x-server-name
app04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?bundleId=&ias_xappb=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame CF0E
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2137:3400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 03:25:40 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 2efed3c5903f1fa517911255bb91ba4a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAH50-C4
age
10370091
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
M5RTDz5Hii--6HhsXWzNRFQ85e6aPAjLC_rH9pD0P-bjSEW58cgt8g==
dt
dt.adsafeprotected.com/ Frame 2CE8
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXsYx,pingTime:-3,time:756,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:715%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:756,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:717%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
nginx
x-server-name
dt19.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2CE8
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXsYz,pingTime:-6,time:758,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:758,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B60~0%5D,as:%5B60~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:717%7D&tpiLookup=ao:zaly.online*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
nginx
x-server-name
dt17.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
activeview
pagead2.googlesyndication.com/pcs/ Frame 0CAB
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstLdo62VUGJlTS3bSf1zFsDSzsjIkSTq00g5ZlQBj_LYw8VlQ8eCdb4gsBS-H-LuRI_45wHwnENkimjiP_mzfczt22hFIHscS4xa0qcKBOSUW9jcvHjkyItDl3Ng82HKJj5LxqmAAtOOQ&sai=AMfl-YTdcZXulsb0mZCr5mFB9XFuLR1LVQIsNJVdJKjoMvhF1Pt821VY7vDcm6njhuKPNoDcI2S99qLYsZXmJS3vXNJfORY9WAi3hiKIYOZWLhksKg6Lu5Bi6a-fDpxD7eyfLnZNhDuWTZPyti-DiXPq&sig=Cg0ArKJSzLLFyXMyhLuPEAE&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&id=lidar2&mcvt=1037&p=0,0,124,1005&mtos=247,962,1037,1037,1037&tos=247,715,75,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144028684&rpt=446&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x7d213793d514629c0000000000000000%22,%222%22:%220x7910bfc654cbf3c20000000000000000%22,%223%22:%220xa29d88bba27ebbff0000000000000000%22,%224%22:%220xa7bbec44de3efea00000000000000000%22,%225%22:%220x79ec60475c3bc15e0000000000000000%22},%22debug_key%22:%224185405535379266994%22,%22debug_reporting%22:true,%22destination%22:%22https://cupapizarras.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22954723734%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211728279715667595681%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 04:00:30 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 2CE8
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXsYP,pingTime:-2,time:774,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:664,beZ:665,mfA:1356,cmA:1359,inA:1359,inZ:1364,prA:1364,prZ:1370,si:1380,poA:1381,poZ:1398,cmZ:1398,mfZ:1398,loA:1421,loZ:1425,ltA:1437,ltZ:1437,mdA:665,mdZ:1317%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:160.600,dom:div%7D,ha1:%7Bres1:1,ps:1,ts:1701144030229,psfr:1%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:715%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:774,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.0.0,am:i,cc:NaN.NaN.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~0.0%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:717,sinceFw:56,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
nginx
x-server-name
dt16.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6D29
0
28 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B9V2P3WVlZa6DEYGRnboPwoejgAIAAAAAOAHgBAI&bg=!PD-lP3DNAAZxrfrxUa07ADQBe5WfOK-uQZgpmQieOpbrk_-y8BAFwxU9X9xxBaBC1R7FE5EldJwD5P60vCNj8RQYv4I5AgAAAY5SAAAAA2gBB5kDBqIfRNmR-0P9kwlBj5JLcjh870s-xRvjoU1oEb9BebRxLnJgu7TXRJwyHMzOCYEiXPEUuVUQE2VZheFeGyr9zV_g5VUkgr4eKPgbJdcVj2oYTDbRS0S1r1rVRmngIjgxBC6f-IYRJPwL7tbs_NH_3w-5Cee-kZX2nhWl_DER-ptUwNQgfWb76V6gSyyi7XB5mjIM_rYWymlUaujJij0oplOUNm-772g3bjuvqe7p5eIApcSi4LDTdlRY-lQAZsBG2nPTGWOEmWjrDc0y6jO_h7cOP0j60FwQ7xs69_pEUlRSq3XB5AlgGM2K1SiGOYDZu5B-DjqD5lP0BpsIkXs9UhSc0dhUxnjhBt6HZYtoJKtRfsmUtsgReKSZ31WJTfa2-MtsUQAvVXKQhDhtZlrXJmVcS2lx9b_hVLGprVwPovWyyxlDhoOLbE2Kb5RVb2_qjJHHqwHLi1pmfIhfp2ONbcuf69sJoNL6GhqlNqtzYaSK7MVAWuMEgl0bUSUTIVQ8icB7z7eoBopVX5xeRCpx1bEib_8hed-06D-nouIcnb-Q1qc9cSZ_LB2NBMAmSj3J3j6eNTXZR6Gks_TWwAVVreEMcNzCBpJNDRc9H-Ot1wV05SsUUF65N1hcLC-BWECsEEE6hk1tgYVHYCjgKdk0PJakQFfjV0wwCYRdPeoh5XrlcfT7Z8dCYpjG4XRf5V8yZ9zKvpziXLdGPzMV-2Ms69yP3Sa9moQjqRvyNfPNIRkIcEM4qiParxkbh1N-3VhwDNzQoXKEoKjoj3ESM7i9H5m51vpdgSrJgPo4P2uSabOYD-g_KE-ZN3RxlJU_fih8xQmDka-9WCo_8rjES5HevJ_IpM8M9g9jwItRdP6iQe1apNzHiZY7D65cDL9ITgNsbIDQO2ksNWmmYa_5BwTmd61rziiKEqN8CI4yylFIBMnKgphv5uBtUJGI8iyBojvTmFGGkm9rk-YB1MltLqtbBabF1RcLOC7tcskg-6GfunHntfBMDE0TA0Y3dlM-uhjRLN5pQCQ_AQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 2CE8
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1e4af82b925da82db3129437cdbe8463f333cfd8af5c6a4bb3daa46df1a4ad6e

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8
0
28 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=58&version=r20231109&sample=0.01
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sprite.png
s0.2mdn.net/sadbundle/214269559785654871/img/ Frame 2682
31 KB
31 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/214269559785654871/img/sprite.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:801::2006 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0937756972fc004db913d555fb16863c098a978d8b7202e248b8401bec107609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/214269559785654871/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:03:27 GMT
x-content-type-options
nosniff
age
359823
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31966
x-xss-protection
0
last-modified
Wed, 07 Dec 2022 16:50:14 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Nov 2024 00:03:27 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1864439633&t=event&_s=2&dl=https%3A%2F%2Fzaly.online%2F&ul=en-us&de=UTF-8&dt=Zaly.Online&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=zaly.online&cs=Balloon&cm=&cc=&ec=zaly.online&ea=Balloon&el=google-ads&_u=aADAAUABAAAAACAAI~&jid=&gjid=&cid=1315140130.1701144026&tid=UA-206083988-2&_gid=1991288284.1701144026&z=138295051
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:815::200e Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://zaly.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 27 Nov 2023 23:38:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
15722
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5841
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKLqDU8CZRNn9x6KETKPLUYxO8ozwMOfommT7uGYJFTYPDzGaxbTBGLf3kLSjF4TQ2B31jVAVoOEco3ehobObn9L-jZZogEnWvrMy1mpvkDrC01KMXy1WjNBV06zs5X8XJmPwBCjD1Ng&sai=AMfl-YRz2vIxtCAiaahHS391fx_97ur8a80QXKl9wu7uf8fXEWzYR2B7MhraWrDBdEbqkEuZjjFuYLDMyEFHXqIQQHwG47qVdyFA7m4mU6ZnTpX5iyqPMJUfE_1kSelM7Pogd5Hk8_FqsLycRpRTJTcj&sig=Cg0ArKJSzIJVZLDpW236EAE&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&id=lidar2&mcvt=1003&p=0,0,600,160&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144028831&rpt=490&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2CE8
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXt47,time:1102,type:e,sca:%7Bha1:%7Bres1:0,ps:0,ts:1701144030529,psfr:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:1102,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B405~0%5D,as:%5B212~0.0,193~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:158,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:0,renddet:IMG.us,siq:717,sis:881%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ Frame 201E
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fs0.2mdn.net%2Fsadbundle%2F214269559785654871%2Findex.html%3Fev%3D01_250&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=600&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=144&cd=0&ah=144&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=2093355765&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-58-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 04:00:30 GMT
dt
dt.adsafeprotected.com/ Frame 2CE8
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXt58,pingTime:-10,time:1165,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw2MDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMTkuMC42MDQ1LjE1OSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1701144030634%7C%7Cc5b4602dfc35f7a84831392a90d951de%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cc689b466a47fe7ec35d28c82d95a3e43%7C%7Cd1c7a4fc9a189f0802b9450c4e8a1a85%7C%7C177c6256f6cda919994bed7f24c67b6d%7C%7C56b117b0e02e7f2075d54cf8882a17c0%7C%7C46291e3acebd2d9fc2e346b02168b5d9%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
nginx
x-server-name
dt04.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
pixel.gif
px.moatads.com/ Frame 201E
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=649&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=0&ad=30&cn=0&gk=30&gl=0&ik=30&ic=30&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=144&cd=144&ah=144&am=144&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=1471202782&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-58-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 04:00:30 GMT
dt
dt.adsafeprotected.com/ Frame 2CE8
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXt6C,time:1257,type:e,im:%7Bpci:%7Btdr:509%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:0,o:1257,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B559~0%5D,as:%5B212~0.0,347~160.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:44,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:717,sis:881%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:30 GMT
server
nginx
x-server-name
dt15.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
9226134756512160806
tpc.googlesyndication.com/simgad/ Frame 45DA
38 KB
38 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9226134756512160806?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkIAMjGcxbVOqqf9rciHBFFP37Zag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bea053080bba70f6033acc67da70d1caf12a87f99750a472b00b2d53138cf2c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:27 GMT
x-content-type-options
nosniff
age
22384
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39111
x-xss-protection
0
last-modified
Mon, 20 Nov 2023 21:46:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 26 Nov 2024 21:47:27 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 45DA
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:24:40 GMT
content-encoding
br
x-content-type-options
nosniff
age
5751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:24:40 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 45DA
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 04:22:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
85059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 04:22:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 45DA
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 02:21:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
5956
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Dec 2023 02:21:15 GMT
l
www.google.com/ads/measurement/ Frame 45DA
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuoxtxY4HnDLGsDpuDvqYt_UzVgTe_HsTOpZ5ZbOr2ZPzWMLi_m0oNcQExU3IcoyHiTkb3A806i1XLNqfW-_dMNkkmPA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:805::2004 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 45DA
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:806::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 28 Nov 2023 04:00:31 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 45DA
36 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:800::2001 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 21:47:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
22410
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14803
x-xss-protection
0
server
cafe
etag
12205605038930952422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Dec 2023 21:47:01 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 778F
1 KB
650 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
56643
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 27 Nov 2023 12:16:28 GMT
etag
48472445140208031
expires
Tue, 28 Nov 2023 12:16:28 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 45DA
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2a0f9051abeef67004195f8c483d5a956303a090e656d957ed34ba48081c665d

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2CE8
0
28 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=30851966076&version=m202309260101&ct=77&x=1&cor=1087672831500912000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2CE8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvavUC49gD_JISuknc1J7XLvK--j48jr6dB-P6NWFPHXVS27I3Lm39KIT_rBkX97-D_w6bH4CjM5ohbQkrKEbel0vvnQKC9t1L96qaD8k-vH0Nc7yhNSmuEQtm7&sig=Cg0ArKJSzCRR5uEzziIeEAE&id=lidar2&mcvt=1010&p=0,0,600,160&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=521587878&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144028806&rpt=1152&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 45DA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Ckyz03WVlZcaNMda8xtYPxrW3mAXJluyWdLmpwdXlEWQQASCpieyKAWDJ7o6LwKSMEKABp-6g0gPIAQKoAwHIA8kEqgS_AU_Q47InpeWVlHTemd5QFj36b5Wo28zhjx1V1v56qKtR5qaG2jQ...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xc18682bca3a379ee0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%225223034509681765110%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227592563383330705489%22}&andc=true
Protocol
H3
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xc18682bca3a379ee0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"5223034509681765110","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"7592563383330705489"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 28 Nov 2023 04:00:31 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x226d16466797ae030000000000000000","2":"0xee2ea3547fed90660000000000000000","3":"0xb108c9535706f17e0000000000000000","4":"0xc18682bca3a379ee0000000000000000","5":"0x49aa1e69dc9a8ae10000000000000000"},"debug_key":"5223034509681765110","debug_reporting":true,"destination":"https://villa.edu","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["977811239"],"4":["11-28"],"6":["true"]},"priority":"500","source_event_id":"7592563383330705489"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 778F
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqW...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=109fd08f95210fbd&is_secure=true&networkId=14000&version=1&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_cver=1&google_push=AXcoOmSMdRlU...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGBp1DtQ1YngNvt4IrAAAAAAA&expiration=1701230431&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGBp1DtQ1YngNvt4IrAAAAAAA&expiration=1701230431&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI
Protocol
H3
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAGBp1DtQ1YngNvt4IrAAAAAAA&expiration=1701230431&google_cver=1&is_secure=true&google_gid=CAESEIZXvsvm_Bxl_8BaWPLxpq8&google_push=AXcoOmSMdRlU7R2D_xjJcAvf0QqZGjhhy5kJhWSND3y-6fdZjEMcuqWytsF-Y1SCCKJbYeI9lZhnVwconzKedRym1irhu8Z7Vz-9fTufrKhsLV20wsRdfD28AA5JhkLuisq96lnXGfAK3Lo020vcQeXqOT6IExI
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 778F
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3pzS05LRncxUjdQZ1g1&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRW...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3pzS05LRncxUjdQZ1g1&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac
Protocol
H3
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 28 Nov 2023 04:00:31 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-0b833971c6150453a@us-east-1b@dxedge-app-us-east-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=M3pzS05LRncxUjdQZ1g1&google_gid=CAESEJvj_l545kXR5aCvtfgEbYY&google_cver=1&google_push=AXcoOmR1ydp3Q4Xh0IQzTlFeZzjEWsUcdlEaVnQWwlDXIRWI7rQ6MjdVpBK6-lL44T-j795mPI_A3FGOHmTlxCCtgsUB7SDxWiujPhuraBNglA0FFGIzp7imGODh9IfZr2YQS1zoVG8CDL1tFl4K5zKQE4mH0Ac
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 778F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTI...
43 B
424 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82cfb455cef51865-EWR
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
231
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKAu7RTJUQZmWrlfQ1q0WA8&google_cver=1&google_push=AXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT-V70gshPKpEy-gAAE3bn16kYnu63kLFpkn4Bft4swVDJV8EIcvrGCExXToWB-3HV93PSnie6lKb6T4dZj7M1Fb1ENsTId-f1ubK2UzlzL_XRckG-556DJoUaTKMP43vX2ECqSt4vBTkdsbYCg93Qw0A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82cfb4550e3d1865-EWR
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 778F
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAnM8wbwOEyDSR-z46BCCw0&google_cver=1&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZN...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEAnM8wbwOEyDSR-z46BCCw0&google_cver=1&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3Off...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2M...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg&google_hm=eEtB35ukS8Ojh6Ofutbo2g==
Protocol
H3
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AXcoOmRHfCldT_jsgBs0afimf2FKogJJJv2Vw28L09WzXmTO3wewKFKTLenYT9QiNB9zV6jCVsJ3Y3vTOI3OffHkfDZNtEkNvXJ0MuFz2-wJaXTAihkuie2_cvveBK__T6SL2MtPcb3a-fdCz8HY_X-G6y63ekg&google_hm=eEtB35ukS8Ojh6Ofutbo2g==
Date
Tue, 28 Nov 2023 04:00:31 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 778F
Redirect Chain
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFHF-P23euaIPn6n0o2eDOo&google_cver=1&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiH...
  • https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEFHF-P23euaIPn6n0o2eDOo&google_cver=1&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiH...
  • https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWUxNWMyNTNjYmM2MzUyOA&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvq...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWUxNWMyNTNjYmM2MzUyOA&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq
Protocol
H3
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=992917243&google_hm=MWUxNWMyNTNjYmM2MzUyOA&google_push=AXcoOmThJ1MJsBsB-fFLnosqY5iTiXhwmCsjjeUyUHpGHbVmgOWot2PJmzUX2KZqOEghYE66gEnjtVhWtuV1tqbiHHRjzFvqkaaO0s6j4SuKz5fin3OwChC8DHvZRjC4G58yxI0LFHfu9UuaE5ylzp14OXkUcvDq
date
Tue, 28 Nov 2023 04:00:31 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame 778F
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILZSImjgZ1ZFry56uId844MJPTU6brtO_3HRwzZGMp09nfWcCp2vnVraUe
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.217.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mia07s62-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 04:00:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 2CE8
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfa-sIBC1KHbNNdDud7Pgmsydng4IrqRPgDTor8D6hdsESk7IpB5CRIPi2rQuFHh7cSHHghErchCyL_WImYIvJIi6x1Sdbybvz9AQIXRi-P9bLjgMNCnGB_2STKl9ua7cQu04Nh32qvg&sai=AMfl-YQBcsxXrgwSdPkKOJ0BiP9ftNurIunuRQW93JTiWgKPLcfHrdp0201jV1zrrjVe3mZ77X0frU_kUacAd6MiTbUOqVfj5Nchuuq_9vQr4pdRYTGqR7OSK-BXNA9VBcN5kV_a8bQJPH1_wymQhDOI&sig=Cg0ArKJSzA7yg6bbuqdoEAE&cid=CAQSTgDICaaNzGapUP_jDz8i-qY4SI_3oXXYpssJEwCQ5UboSK3hXoOLwhNXrAAo6DffKfnUBolvpa1OAVq_E4ETCqH2y0J80taok7A_blnPQxgB&id=lidar2&mcvt=1038&p=0,0,600,160&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144028806&rpt=682&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
pagead2.googlesyndication.com/bg/ Frame 3F7C
38 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/vzrjyyduFLgmDwpVgabaEshtOWNUmidH4AmaDYU2FBI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3130448679272231&output=html&h=250&slotname=6538754230&adk=3030280808&adf=299928974&pi=t.ma~as.6538754230&w=300&lmt=1701143153&format=300x250&url=https%3A%2F%2Fzaly.online%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701144029756&bpp=2&bdt=4376&idt=2&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D51474cc3657465e7%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg&gpic=UID%3D00000da452bb580f%3AT%3D1701144026%3ART%3D1701144026%3AS%3DALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ&prev_fmts=0x0%2C620x280%2C940x280%2C1600x1200%2C160x600%2C160x600%2C1005x124&nras=6&correlator=5891447285237&frm=20&pv=1&ga_vid=1315140130.1701144026&ga_sid=1701144027&ga_hid=1864439633&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1300&ady=944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44809315%2C31078297%2C31079654%2C44807405%2C44807763%2C44808149%2C44808285%2C44809054&oid=2&psts=AOrYGskhb-bZ7MQrozXSy7Ek8nsl5PD-gOgYuW20QgE0XHCEki0MqEZEipt_O9oJN6aeg0_Mbeca7wjj2xirwRKtspJJkg%2CAOrYGskwXkveVVZvs1-wDcxk_-1mgLpzGlIdMHzkEeNJWvkvVOuaBcYqvphc3ol8_lbZBfxcooWbelubZV0QcG2ioe6blruFfBrJbAzQmbHVN-OA77o&pvsid=3510725109261731&tmod=1102444141&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=8&uci=a!8&fsb=1&dtd=8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 06:56:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
248665
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14894
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 24 Nov 2024 06:56:06 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x226d16466797ae030000000000000000%22,%222%22:%220xee2ea3547fed90660000000000000000%22,%223%22:%220xb108c9535706f17e0000000000000000%22,%224%22:%220xc18682bca3a379ee0000000000000000%22,%225%22:%220x49aa1e69dc9a8ae10000000000000000%22},%22debug_key%22:%225223034509681765110%22,%22debug_reporting%22:true,%22destination%22:%22https://villa.edu%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22977811239%22],%224%22:[%2211-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%227592563383330705489%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.176.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s37-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 28 Nov 2023 04:00:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel.gif
px.moatads.com/ Frame 201E
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=1&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=2&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=1668&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=1&ad=1050&cn=30&gn=1&gk=1050&gl=30&ik=1050&ic=1050&ez=1&co=1050&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=144&ah=1022&am=144&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=1086580218&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-58-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 04:00:31 GMT
pixel.gif
px.moatads.com/ Frame 201E
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=5&q=0&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=3&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=1669&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=1&ad=1050&cn=1050&gn=1&gk=1050&gl=1050&ik=1050&ic=1050&ez=1&co=1050&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=998004390&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-58-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 04:00:31 GMT
pixel.gif
px.moatads.com/ Frame 201E
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=37&q=2&hp=1&ra=1&pxm=3&sgs=3&vb=-1&kq=1&lo=1&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=CROSSMEDIA_DCM1A&ol=972795819&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BY%24%3D!%5Dx%24P%5Bh3MrI1%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-eqhQdUIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-znSbt24580cdYQ%3D%3D&sc=1&os=1-Sg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=160&qe=600&qh=1600&qg=1200&qm=600&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=4&h=600&w=160&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fzaly.online%2F&id=0&ii=3&f=1&j=https%3A%2F%2Fzaly.online&lp=https%3A%2F%2Fzaly.online&t=1701144029991&de=806735796172&cu=1701144029991&m=1670&ar=51bd715ca6c-clean&iw=4a0122c&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=600&le=1&lf=297&lg=1&lh=30&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A-%3A-%3A1680%3A222&aa=1&ad=1050&cn=1050&gn=1&gk=1050&gl=1050&ik=1050&ic=1050&ez=1&co=1050&cp=1022&cq=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=1022&cd=1022&ah=1022&am=1022&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=6219544%3A28975896%3A352599115%3A183441212&bo=3330315&bd=zaly.online&gw=crossmediaadvdcm491634115592&zMoatOrigSlicer1=3330315&zMoatOrigSlicer2=N%2FA&zMoatAmobeeIO=-&zMoatAmobeeLI=-&zMoatAmobeePKG=-&zMoatDV360LI=-&zMoatDV360EXCH=-&zMoatTTD_SSP=-&zMoatTTD_ADV=-&zMoatTTD_CP=-&hv=findIframeAds&ab=2&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=2&jm=-1&tc=0&fs=205853&na=542815314&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.51.58.26 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-51-58-26.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Tue, 28 Nov 2023 04:00:31 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 45DA
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOeeP1vc4dDXrgLFjF-wBJ9OK2khgsyPpwV0n4mh6ITYnfNWhaBskLz2wCTo3Kkx0_1i62s7qJpli9E7MkwUhjUT-nsTyTzcEhwqQePSDVmHDjYoQGpwKVRFuDyJwBM8msb10Ws_zirQ&sai=AMfl-YS0y2iNHKMzaWYIHwmtrb_bfTOjrwznjyEZoSXPMp69astCYNAzdvP24_b-2ai3xxWaRbmv463yJdHv2HJv5fcHBMBa7Ks71qDd9LR85u7kR6UzT5LqDX44q20&sig=Cg0ArKJSzBfo-Zao6zx2EAE&cid=CAQSOwDICaaNFI68SIfABHtLH84t-WsPnDZlBdIrr5Ozru5Z4ok2EbuuHCdWgeFL1hwdLAYudfLW-Q1o1kHvGAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3030280808&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701144029765&rpt=1596&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4008:813::2002 Bradenton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 2CE8
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXtxB,pingTime:1,time:2930,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:715%7D,%7Bw:160,h:600,t:910%7D,%7Bpiv:100,vs:i,r:,t:1929%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1001,o:1929,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1231~0,1~100%5D,as:%5B212~0.0,1020~160.600%5D%7D%7D,%7Bsl:i,t:1929,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:44,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:717,sis:881%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:32 GMT
server
nginx
x-server-name
dt06.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 2CE8
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1841082&asId=14e4b36e-f3a4-104d-4aa0-1866a36b0755&tv=%7Bc:vbXtxC,pingTime:1,time:2931,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:0,h:0,t:715%7D,%7Bw:160,h:600,t:910%7D,%7Bpiv:100,vs:i,r:,t:1929%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:1,cnod:1,gm:0,slTimes:%7Bi:1002,o:1929,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:715,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1231~0,1~100%5D,as:%5B212~0.0,1020~160.600%5D%7D%7D,%7Bsl:i,t:1929,wc:0.0.1600.1200,ac:NaN.NaN.160.600,am:i,cc:NaN.NaN.160.600,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~160.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:44,fm:tWSeZ0V+11%7C12%7C131%7C132%7C14%7C151%7C152%7C1611%7C171*.1841082-76634004%7C1711%7C1712%7C17131%7C1714%7C1811%7C1812%7C191%7C192%7C1a,idMap:171*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:717,sis:881%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:1aca:4280:bd8:1771:243e:3319 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Nov 2023 04:00:32 GMT
server
nginx
x-server-name
dt03.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
aj1559.online
URL
https://aj1559.online/ba298f04.js
Domain
sync.extend.tv
URL
https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESECtr-h0Xznwejj9FwmJhrxM&google_cver=1&google_push=AXcoOmRl2OGB1lyLcGnqdF0up7RuuTsPkDXmvQM1zpDMTyNuQrAJNma-SWOLs9VpOm3jgvrjrZ84h2Fys41z4U9IjGxXytBTHG0Mdg

Verdicts & Comments Add Verdict or Comment

128 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture object| __cfQR undefined| $ function| jQuery function| gtag object| dataLayer object| html5 object| enjoymini function| enjoyminiDomReady function| enjoyminiToggleAttribute function| enjoyminiMenuToggle function| enjoyminiFindParents function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect boolean| ai_tracking_finished object| ai_viewport_names boolean| ai_js_code boolean| __cfRLUnblockHandlers function| plausible function| ai_process_lists function| ai_process_ip_addresses function| ai_install_standard_click_trackers function| ai_install_click_trackers function| ai_process_impressions object| regeneratorRuntime object| totm object| unibots object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal string| txt function| postscribe object| gaplugins object| gaData object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| sp_passback_Balloon_config object| sp_passback_pto_config function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| googletag object| google_llp function| arrive function| unbindArrive function| leave function| unbindLeave

31 Cookies

Domain/Path Name / Value
.zaly.online/ Name: _ga_PX3PZ6Q9RG
Value: GS1.1.1701144025.1.0.1701144025.60.0.0
.aj1559.online/ Name: UUID
Value: 66a53f05-6d99-5330-af7e-1ee74ec0d62c
.zaly.online/ Name: _ga
Value: GA1.2.1315140130.1701144026
.zaly.online/ Name: _gid
Value: GA1.2.1991288284.1701144026
.zaly.online/ Name: _gat_gtag_UA_189072159_22
Value: 1
.aj1559.online/ Name: ucv
Value: 667-US-1701230426811-24--
.zaly.online/ Name: __gads
Value: ID=51474cc3657465e7:T=1701144026:RT=1701144026:S=ALNI_MbhfGLvMgVxjGDwVhkCy0kJo_etKg
.zaly.online/ Name: __gpi
Value: UID=00000da452bb580f:T=1701144026:RT=1701144026:S=ALNI_MaW2imH7PGd5p1aCMH2z2qBmuttGQ
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: APC
Value: AfxxVi5uDkUZKzhmn54pzHtX88LFZlJ7hukJMIkc9E3w-ZOYyV2_uw
.adnxs.com/ Name: uuid2
Value: 5817971508819922717
.casalemedia.com/ Name: CMID
Value: ZWVl3RPlwzLHUoESsLJE9QAA
.casalemedia.com/ Name: CMPS
Value: 032
.casalemedia.com/ Name: CMPRO
Value: 032
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU$v[dn^!]tbPl1M>e)ZlrFUfJ+tGXxo7P:-Y#9v[=8U]f0hN$=ymMb0g#[819@?hl>x3If)y3KL9D3I?+#-^q0f
.doubleclick.net/ Name: ar_debug
Value: 1
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk-5Y9_352rKg1QWz2Lk61g836jjtK6ZOSBICWWXcKoxluFEv5S0O6rF6b0yaw
.zaly.online/ Name: _gat_Balloon
Value: 1
.agkn.com/ Name: ab
Value: 0001%3Af%2FCICbBfn9nQ4w00kjo5JStWHTkpXdU%2B
.agkn.com/ Name: u
Value: C|0EAAs-CJdLPgiXQAAAAAAAQAHAAAAAAG6Ixj__x4AAAAAADLRCwAAAAAVBDxLAAAAAArvFzwAAAAAIIGaNwA
.demdex.net/ Name: demdex
Value: 58487999888341268790050495534384543439
.usbank.com/ Name: _acxmetrics
Value: FyzLDVZWXdaq0AEM
.acuityplatform.com/ Name: auid
Value: 857704199194
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqANPqNdXNlck1hdGNoaW5nSWTIkWxhc3REcm9wVGltZU1pbGxpcyUBRgUCXleAmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUYFAl5XgI90aGlyZFBhcnR5VXNlcklkWkNBRVNFT2NwT3ctLUxTWERMZGFWVk14cV84Ufv7hnZlcnNpb27C+w=="
.yahoo.com/ Name: A3
Value: d=AQABBN1lZWUCEPvY9t58vOG-hybywMlRkK8FEgEBAQG3ZmVvZQAAAAAA_eMAAA&S=AQAAAtz4gWdS4-5_CCX8gj7W0Nk
.usbank.demdex.net/ Name: usbank
Value: 58487999888341268790050495534384543439
.dotomi.com/ Name: DotomiTest
Value: 5ae7fbf93c4f0fbd
.yandex.ru/ Name: yuidss
Value: 858692251701144030
.yandex.ru/ Name: yandexuid
Value: 858692251701144030
.zaly.online/ Name: _ga_DBFL1E2103
Value: GS1.1.1701144026.1.0.1701144030.0.0.0

5 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v99.js(Line 92)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://server.zmedia.vn/static/template-v2/passback_ptopc/select%20site-passback-ptopc.min.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.extend.tv/r.gif?exchange=googleadx&google_gid=CAESECtr-h0Xznwejj9FwmJhrxM&google_cver=1&google_push=AXcoOmRl2OGB1lyLcGnqdF0up7RuuTsPkDXmvQM1zpDMTyNuQrAJNma-SWOLs9VpOm3jgvrjrZ84h2Fys41z4U9IjGxXytBTHG0Mdg
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
security error URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Message:
Refused to execute script from 'https://usbank.demdex.net/firstevent?d_event=imp&d_src=181138&d_creative=183441212&d_campaign=28975896&d_placement=352599115&d_site=3330315&d_bust=2877588321' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.
javascript warning (Line 3)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
acxmetrics.usbank.com
ad.doubleclick.net
aj1559.online
ajax.googleapis.com
an.yandex.ru
analytics.google.com
analytics.pangle-ads.com
cdn.unibotscdn.com
cm.g.doubleclick.net
d.agkn.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
mb.moatads.com
onetag-sys.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
plausible.io
pm.w55c.net
pr-bh.ybp.yahoo.com
px.moatads.com
s.tribalfusion.com
s0.2mdn.net
server.zmedia.vn
static.adsafeprotected.com
stats.g.doubleclick.net
sync-dmp.mobtrakk.com
sync.extend.tv
tpc.googlesyndication.com
ums.acuityplatform.com
usbank.demdex.net
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.moatads.com
zaly.online
aj1559.online
sync.extend.tv
142.250.176.194
142.250.217.226
142.250.81.230
143.47.125.171
171.244.164.171
172.217.3.66
172.64.151.101
2001:4860:4802:36::181
212.124.124.115
23.44.203.13
23.51.58.26
23.55.235.224
2400:52e0:1a00::1069:1
2600:1f18:1aca:4280:bd8:1771:243e:3319
2600:1f18:4e9:5a07:d3af:beee:a4a3:137e
2600:9000:2137:3400:8:48e:53c0:93a1
2600:9000:21da:8800:19:fc2c:a140:93a1
2606:4700:3033::6815:3c43
2606:4700::6812:18ad
2606:ae80:1451:21::440
2607:f8b0:4006:80f::2008
2607:f8b0:4006:816::2002
2607:f8b0:4008:800::2001
2607:f8b0:4008:801::2006
2607:f8b0:4008:804::200a
2607:f8b0:4008:805::2004
2607:f8b0:4008:806::2002
2607:f8b0:4008:806::2003
2607:f8b0:4008:809::200a
2607:f8b0:4008:813::2002
2607:f8b0:4008:815::2003
2607:f8b0:4008:815::200e
2607:f8b0:400c:c05::9c
2a02:6b8::90
2a02:6ea0:c454::1
34.237.166.117
35.211.178.172
5.161.204.250
51.222.39.186
52.45.157.3
54.165.156.137
68.67.179.155
69.90.254.78
001809079c0839eb4f835581971320de66ca5291c8b3c16c9bb799e62b71077a
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
021f0fd27042b279a49e982215c6dc3c3ab84e95b35553a119dfdbd50af6be94
0364d368abf457d4e70dbc7a7a360f3486eaea2837b194915b23d4398bee91ac
0937756972fc004db913d555fb16863c098a978d8b7202e248b8401bec107609
0a0610548e89956b26496552978f70638cbbba6f7d3fc204e137457a52d53f8d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0f3df960ae417c51a3ae981e07fe06448835f98f7a58f53209f0d39042d3b2da
115e7ac5cc32bc21997e9159bf8758fede10efa2bc3839ca36160b8f83d65bf9
124c62cfd395550a54fc8c6a8091a4cdb544c03232556dc9c4636eafa4a4ac1a
14614a5e76b685075a852b60e7f4242bb6fac8bb71af11eedadad1521c918c7e
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1b267a683e31c4faf2cdee41bd70aa93fb8bd87b37358b243f3abae5c56ce5a3
1c3f4135ae3d85f96b87f9ecaab5099b1e9249a778b10114f3e53307e25b7a54
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1db9c8447699b34c4433d48a6b3a1fc1df74f4258935953c377bda8267144918
1e1078d97060cccda073393cca614c7aef5b94f3dce291fc0c075fd9a817145a
1e4af82b925da82db3129437cdbe8463f333cfd8af5c6a4bb3daa46df1a4ad6e
1ffd83d094e6b3078255ba6f5df8fa60f2716b5cf558916a9ff30dca79631159
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2a0f9051abeef67004195f8c483d5a956303a090e656d957ed34ba48081c665d
2c48b867bef0ad9445c7fec13b7fb379804641bbe9c4b1231fad7f42502a150e
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b3b1992c9f0e0bd97370df1a975fce340e5cc99a75db06f0fc45efda7d43b0
35ef325738aec617e593976f23534b7d5b159f4642f24bc7c1bbbb40a7dc181f
389090922185d81fe757eb0e033fccb17583e98a7dc5b9900a1dbd7bb49aafa5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39473f41f6492001648e93d50aa18f14ae5e917cd9c93da48ec2dd50ca1f364b
3ab604b93177ff826952980a53cf8ddcaf06aa7df8fa00e79916786a26af5f1c
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3df5746a25ab4dc32517df57deca8ecc5c425a2abd15c6d6f5fc817472e4d632
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
438eac9d3f8eabcd1fc9585819263fc5b6e393e9772ca54266c435b5ed287306
44e77b4ab0368538b8c5a3fbcb36c31bc07d2798a8bc2fceeea6feaf8cbec859
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1fa87002cee040f474ff1646ed1cd7d79f689b957f0850b877a7679685e824
53e453cfe0cf6561aa801cea98523338152bc6fa64ac53a695a4548016a1f824
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54efe90d6d9fce78a85ba8eebcec5beb03fae2b674aadf5cc87f2b1065c80280
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562cf20209bc574fcf9d8997d26f52cfd961eb7b5edcbdabdd6fc8a19ece753e
5aa849bc469c6d7b20bddd54a6ab9c01686f0916ce64d8074e646adbdd19e737
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d60c053b0001fc62bddd8d273be2d45bd62085f6179c57e1d2ae8fc6be54819
5fb44f5faa5569cf002f97433c48ff5f53a0c6a181d3f67858c93a8379dbde0d
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62cf47440cbf69b9d0a37c238c923e6544394913a5e5e615d017b1537aa06ec2
68306ebb67e2ed518aed44cad59d49b381ad16d42cc9555e73cd27fdac6e1a4a
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
6afd72df7a313f4c7f2526f95b4d10012d1029d80c2f7397512e94539d1f9334
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
74104393ff5df076b720705b4c4bab255e9c7c4343346113043b4e601df86cce
7f9694a5641741d04e1c98eb1011059826aa5feb34e47d2b2f95bdb47cb0c2f5
7fbee0019a70035aab059c0f41765ddadacd3b39cd66de6d3c5e86ac45783e2b
82555e78137699464bd690f1e6f4ae38f441073926244ff635b0a920ce18cfb3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
842168fa3f7147fa8d30182b9b15f5a0fe207d9acc2687a8fdec6a524a61d1f4
856b7a3a9f9fbde659dcd1c988106a7cc4c3e0d820c8a0478c4136c8f4d33c9f
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8b61c2b918d0adfa52912529724558567924bbb3e960ff21181ffaccae99aa87
8b8dbe372d55aac61751e3c8aa96d3ba9c73ca7c02cf85ab0499886137b5fbae
8e6754a3cc44196dd0d960f5499ab1b02ddd0143dbedd9d7823defe3fdab7aea
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
912a9416c7ad44940eff4598d9e8331d082945a877e71068f739d28d8f3658bc
9a70e6e451f64209e84626740cf9374e76dd5963e1130c454e9e3356954853bc
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9da9ab666e107cd56f25b3c8a97e089ef49cc8d7436ef18889751e9b856601a8
9f3a91ccfb5f72ee6d100fb62b9cbf5b2541dcc60db55bf05ebf80ffb1e6e1d3
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a3e5c486ca9cab98b690f2f3fcc83c73141a667293c8a8236bb1e376313f0e36
a52e42906b88f45aa3d22f22cc7a0072454af23e67af7580c8dbca7838f32b9c
ac979153353d406bad08c264561bd8a33c4e7b5444dbf23826b4f7f674ff932d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3e101d58c2711a8fd5c6f47f40e6b2ff8e3ec41c8f0495b0f0b56b2ea44e760
b5737b0c371611ffbda25040aefb4a72202b3f4f4223da5802f9841823f125ec
bbd11d287d579b875f5ba1e88c62f56834dd8d925d7776fdc4eb201cf9aa5192
bc4a1afb694e93410712d128ca7405dec5afb5561b347fa34f4da39ae17ad1f9
bc683e932f79a2eec11f258cb15966aab5abd7269f7fed443bc8a0bca5fdb046
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bea053080bba70f6033acc67da70d1caf12a87f99750a472b00b2d53138cf2c8
bf3ae3cb276e14b8260f0a5581a6da12c86d3963549a2747e0099a0d85361412
c3cb5d96dd83517f2586ecce90fa45ea2781cd63dc89bbceaae49319098deb7c
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c7bb9105c52eb1bb223e5b1aac3162ea5b4144d4b9475ff8d0e8bdc0ec4accf2
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ced2d8e02e2fbf08d2edec9b5f13648ed8348588a05f7181632f3c1dd6e1f5c3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9705cee9e8605ddf1754df3f792a5de8f5da41f7d704a0e29d013e5f3302e8
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0665e41f3c6d478e2d7bf31dce68ca102e14510cfa6cc39447dcae70b38b2ec
d9ecc05c7a6ae6794d682b669ae960b83822e8b57e1a5e675ca8022f366ea0f0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c4a4057f02182efe3e8959561124f215a4a8e50e03257b71d550cbf74ecc4f
e47fae1dd3f30cd0e70b4783ebfc6bdc0769c2fe2798843b8dd2c5be0d014093
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7fdf2a3ed48374d880561e4061612e2736284d20a4460a50fbff88d05631696
eb38f233bc7939270157bebe271e65ad164732ab9e285c4569358a48605955dc
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebc94cc158b409fd54e12310afd7c12d0022544d0b64c659b9c1ecbf433a6a2f
ef166db27f017c2cd97526363d1fba36f9cc2f649760a5bab0d88a9ccbcc4606
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f61ce0d0d062c15912a8fd7067d050eb058a4947d7d516ffa6efc31fd32ea731
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fd543b21d162ee922201fe54b79778548f8102ea91376960e856c069a135cb76