urlscan.io logo urlscan.io
SecurityTrails logo

zippyxceltop.top Open in urlscan Pro
172.67.189.43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://zippyxceltop.top/
Effective URL: https://zippyxceltop.top/
Submission Tags: @phish_report
Submission: On November 17 via api from FI — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 47 HTTP transactions. The main IP is 172.67.189.43, located in United States and belongs to CLOUDFLARENET, US. The main domain is zippyxceltop.top.
TLS certificate: Issued by WE1 on November 16th 2024. Valid for: 3 months.
This is the only time zippyxceltop.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

13    172.67.189.43 (United States)

ASN13335 (CLOUDFLARENET, US)
zippyxceltop.top
6    142.250.196.130 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s36-in-f2.1e100.net
securepubads.g.doubleclick.net
3    2404:6800:4004:81e::2008 (Australia)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2606:4700::6812:d20 (United States)

ASN13335 (CLOUDFLARENET, US)
img.gamescdn.top
2    2404:6800:4004:80c::200e (Australia)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2404:6800:4004:824::200e (Australia)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
2    142.250.198.2 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s58-in-f2.1e100.net
ep1.adtrafficquality.google
pagead2.googlesyndication.com
3    2404:6800:4004:826::2001 (Australia)

ASN15169 (GOOGLE, US)
a13d63d684244d24fff342a6d57656d5.safeframe.googlesyndication.com
ep2.adtrafficquality.google
1    142.251.42.196 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: nrt12s47-in-f4.1e100.net
www.google.com
7    142.250.207.46 (United States)

ASN15169 (GOOGLE, US)
PTR: nrt13s55-in-f14.1e100.net
fundingchoicesmessages.google.com
1    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
13 zippyxceltop.top
zippyxceltop.top
77 KB
11 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 695
www.google.com — Cisco Umbrella Rank: 3
73 KB
6 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
201 KB
5 gamescdn.top
img.gamescdn.top — Cisco Umbrella Rank: 722212
112 KB
3 adtrafficquality.google
ep1.adtrafficquality.google — Cisco Umbrella Rank: 389
ep2.adtrafficquality.google — Cisco Umbrella Rank: 403
19 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
216 KB
2 googlesyndication.com
a13d63d684244d24fff342a6d57656d5.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
26 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
1 gstatic.com
csi.gstatic.com
532 B
47 9
Domain Requested by
13 zippyxceltop.top zippyxceltop.top
10 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
6 securepubads.g.doubleclick.net zippyxceltop.top
securepubads.g.doubleclick.net
5 img.gamescdn.top
3 www.googletagmanager.com zippyxceltop.top
www.googletagmanager.com
2 ep2.adtrafficquality.google securepubads.g.doubleclick.net
ep2.adtrafficquality.google
2 www.google-analytics.com www.googletagmanager.com
1 csi.gstatic.com pagead2.googlesyndication.com
1 pagead2.googlesyndication.com
1 www.google.com ep2.adtrafficquality.google
1 a13d63d684244d24fff342a6d57656d5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ep1.adtrafficquality.google securepubads.g.doubleclick.net
47 12

This site contains no links.

Subject Issuer Validity Valid
zippyxceltop.top
WE1		 2024-11-16 -
2025-02-14		 3 months crt.sh
*.g.doubleclick.net
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.google-analytics.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
gamescdn.top
WE1		 2024-11-06 -
2025-02-04		 3 months crt.sh
*.google.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
adtrafficquality.google
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh
*.gstatic.com
WR2		 2024-10-21 -
2025-01-13		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://zippyxceltop.top/
Frame ID: 0C38EA85CD65560D94A87E2CADAF1AA2
Requests: 43 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Frame ID: FCB9CF9A2A5D55108DB758B5395F00BF
Requests: 1 HTTP requests in this frame

Frame: https://a13d63d684244d24fff342a6d57656d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0BAEA160B841D32AAE3E280472B0B99B
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 6A832E3CF948B2E3717C228E3102D5CC
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1EF0ABEFBF7B5B5F87794AF4285856C1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Mobi Games

Page URL History Show full URLs

  1. http://zippyxceltop.top/ HTTP 307
    https://zippyxceltop.top/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • zepto.*\.js

Page Statistics

47
Requests

98 %
HTTPS

55 %
IPv6

9
Domains

12
Subdomains

12
IPs

2
Countries

724 kB
Transfer

1913 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://zippyxceltop.top/ HTTP 307
    https://zippyxceltop.top/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

47 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
zippyxceltop.top/
Redirect Chain
  • http://zippyxceltop.top/
  • https://zippyxceltop.top/
9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917dee6a71420bc31ce12d352053b84f0a5cf18e465cdc0dbf62925ebb057782

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8e3c53ab2f7be7ce-SYD
content-encoding
zstd
content-type
text/html
date
Sun, 17 Nov 2024 02:35:20 GMT
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OozMQxeXpS%2Bmr7nFKWndNwjwzUEtXjVvaFwYiyeZDNDg7Sw3N47WmN1tYT%2Fdvc5uwlAP0F74FCHIwoPsublkoFPwqIYoCjWq2objfy9cg6WUAf3PmtagT%2B%2B7pQozTp7I7zRW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=1674&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4308&recv_bytes=5811&delivery_rate=1054&cwnd=12000&unsent_bytes=0&cid=e7c283bce7b42e50&ts=308&x=1" cfExtPri cfHdrFlush;dur=0
vary
accept-encoding

Redirect headers

Location
https://zippyxceltop.top/
Non-Authoritative-Reason
HttpsUpgrades
common.css
zippyxceltop.top/static/css/ 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/static/css/common.css?v=20201021
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b0f5c54f22701cf37ae9826bbde359ba8b11a87c603532c16e3a392442a4ea

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

server
cloudflare
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6576ab33-294f"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5V0l84cHXAMKLH4iVYbU1Nu9yyw%2FAV97L6onbjMt5fGcPZqUgbfaomwM63gsAeWNCqpVn3FBN4CQ7KSoC5%2Bk%2FVAa01tgXGAHeCkoRoWngUizoE%2BzSQTycgjdAv5iGQ20Cege"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3c53ad1c54e7ce-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1701&sent=26&recv=23&lost=0&retrans=0&sent_bytes=16414&recv_bytes=8216&delivery_rate=455576&cwnd=12000&unsent_bytes=0&cid=e7c283bce7b42e50&ts=502&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
text/css
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=0,i=?0
icon_page_menu.png
zippyxceltop.top/static/images/ 		401 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zippyxceltop.top/static/images/icon_page_menu.png
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9187447c077a100fd58dfa43850cb5575a540d69e1ab5b447ccde673b94bc542

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cf-cache-status
REVALIDATED
etag
"6576ab33-191"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kpa43dkxuRF%2FUYzJrsLUqrp%2B%2BeZZQ9X4sMPiKo7ROnHK8v9A7V4OuN32H6ahIaKqaGIL9CYcDx49tYEqimhua5OSD358DvZORg51VdK%2B66MmvpuGJbWkolSD3EB4MTAQPtFf"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1744&sent=23&recv=22&lost=0&retrans=0&sent_bytes=13347&recv_bytes=8173&delivery_rate=300098&cwnd=12000&unsent_bytes=0&cid=e7c283bce7b42e50&ts=493&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
image/png
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3c53ad1c57e7ce-SYD
accept-ranges
bytes
content-length
401
server
cloudflare
icon_page_share.png
zippyxceltop.top/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zippyxceltop.top/static/images/icon_page_share.png
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
129d4f5cbd98ba36addf4ed454dba2ac612cc4062fef69bb12bf7e1fb458c60f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cf-cache-status
REVALIDATED
etag
"6576ab33-4fe"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EyaZecxO81NKWiOfkhdAHFRn0z3kVs3RAVS1%2F%2FdtgeNCI%2BH6ifjEIN76GaGehOau%2Bn3mr%2F%2F1sse%2BU7nrsgrqUn5DXbt5FuFj2%2BduBuPpKnVXYembI8fl9D%2BYjcrl2fQUKh4d"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1744&sent=24&recv=22&lost=0&retrans=0&sent_bytes=14428&recv_bytes=8173&delivery_rate=300098&cwnd=12000&unsent_bytes=0&cid=e7c283bce7b42e50&ts=497&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
image/png
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3c53ad1c59e7ce-SYD
accept-ranges
bytes
content-length
1278
server
cloudflare
icon_page_close.png
zippyxceltop.top/static/images/ 		723 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zippyxceltop.top/static/images/icon_page_close.png
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75c26a19280cc90be079f6d19ab01a02733a6b775da8f57b1dce515f6b3c046f

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cf-cache-status
REVALIDATED
etag
"6576ab33-2d3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4J%2BdXPtJ5asWzKCPu0053pgiAAExzLXdpc79Y5MgB5NCcQ08ichIh9sjWS0dgd8cgd%2BPvM9gHLC318%2BoJa24Phouh%2Bjqeb%2FcQ4o%2Fnk7x9D272O8ZbZvkgjExnxB7zeDIjc%2F3"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1634&sent=29&recv=25&lost=0&retrans=0&sent_bytes=19459&recv_bytes=8302&delivery_rate=465687&cwnd=12000&unsent_bytes=0&cid=e7c283bce7b42e50&ts=512&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
image/png
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=2,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3c53ad3c9fe7ce-SYD
accept-ranges
bytes
content-length
723
server
cloudflare
email-decode.min.js
zippyxceltop.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"673379cd-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wPdkI%2Ffb6NSydRmE3MBOCwDyET53AvF5eqpuaEFLu0bEO135ksxHbRl2W1AZ%2F%2B1tVpSM1KopIlhfUnNmqZxF32Ooyx6UxOtangwClPFlYLVoEevUCQiOShYOdGBFrWYl9cSk"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e3c53ad3ca3e7ce-SYD
expires
Tue, 19 Nov 2024 02:35:20 GMT
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 15:52:45 GMT
server
cloudflare
vary
Accept-Encoding
rocket-loader.min.js
zippyxceltop.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"673379cd-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7AXQCn8fSVhriFenpaunb%2FPKKfXQf52e2UY4YaktzagzySCu5OqTHWPxQIr%2FoOCJy%2BIuYwjY65jnBNsbtmLvfTgypVdsPkn%2FM365kli1WUNM1G8bshArQ4CGcmCzhhNIxXQg"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8e3c53ad3ca5e7ce-SYD
expires
Tue, 19 Nov 2024 02:35:20 GMT
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
application/javascript
last-modified
Tue, 12 Nov 2024 15:52:45 GMT
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		108 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
4df52022523f497c82b71f54368ff3b0cd14a94520016be6118e36aebaad0da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
br
etag
907 / 20044 / m202411120102 / config-hash: 13223844563403868853
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 02:35:20 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
content-disposition
attachment; filename="f.txt"
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
33483
x-xss-protection
0
server
cafe
js
www.googletagmanager.com/gtag/ 		322 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VVK4F8RBRF
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1accf5febea6b260f06fb64f28cc831dea6e1029132186f8c052ee7909725730
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 17 Nov 2024 02:35:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109622
x-xss-protection
0
server
Google Tag Manager
gameBox_v5.js
zippyxceltop.top/static/js/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/static/js/gameBox_v5.js
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d1931aead09ff11bd3e28b1414640d443575ba2039941849b3f15c263dbcd47

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

server
cloudflare
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6576ab33-1e2af"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cnf1qc51w3UdtEUulnMux7txVEDCQDp%2BII7TL96noORyqdep4FXlz1G%2B%2FKIvS3vhBSdskGv%2BC3N8a0W6Org7hVDLTM3G%2F0olsdnXKZB%2FyRnNVz1hRQuUjyQ8VlWO0Pq3JT%2Be"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3c53ae5f74e7ce-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1817&sent=52&recv=40&lost=0&retrans=0&sent_bytes=37733&recv_bytes=10408&delivery_rate=836754&cwnd=15600&unsent_bytes=0&cid=e7c283bce7b42e50&ts=724&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
application/javascript
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=1,i=?0
common.js
zippyxceltop.top/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/static/js/common.js?v=20201021
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c06c250df5f991860dce095638f6c845f4291a7ee401837f999abd3647fd84b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

server
cloudflare
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6576ab33-11a3"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZyjJswDGs95oVBnLQ6RtzPz5uEWEggOxGTs4LNDjCFqXPL7LMHVXcvTYtizvzZmB6mv6Rkf8sQ57PeQAzZuClH7ChVqdvqlP3cjygsoiOVKKYPB94amSrB8uDdvkz13xwf3H"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3c53ae5f7be7ce-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1624&sent=34&recv=31&lost=0&retrans=0&sent_bytes=20958&recv_bytes=10021&delivery_rate=918819&cwnd=12000&unsent_bytes=0&cid=e7c283bce7b42e50&ts=696&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
application/javascript
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=1,i=?0
lazyload.min.js
zippyxceltop.top/static/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/static/js/lazyload.min.js
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

server
cloudflare
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6576ab33-8a2"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p5%2FnA1VIB8YFdRHQB%2F3PR4ogXgDFmfXLkTibVW0eiweRzmSQKyB4aRRlF3Sz5ITu6JoCASEro35Ox3JSZ9E71bIFc97w%2Bef0x0iqNqSgqzUVwOoqR0esCehRMRxFAI5CHFjl"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3c53ae5f7fe7ce-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1624&sent=45&recv=31&lost=0&retrans=0&sent_bytes=32958&recv_bytes=10021&delivery_rate=918819&cwnd=12000&unsent_bytes=0&cid=e7c283bce7b42e50&ts=697&x=1", cfExtPri, cfHdrFlush;dur=1
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
application/javascript
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=1,i=?0
zepto.min.js
zippyxceltop.top/static/js/ 		26 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/static/js/zepto.min.js
Requested by
Host: zippyxceltop.top
URL: https://zippyxceltop.top/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ad129501749dead7a9097a84107daeb166471c193353a77da3608ca76ff4bf8

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

server
cloudflare
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
gzip
cf-cache-status
REVALIDATED
etag
W/"6576ab33-6713"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0n%2FJr1WJmT53rmNiahEMEI65PhdYpL1K0QfgozdJnC2DT2I7E2M8PVCZJQJx83eEon9xXC4nbYyPAf3dvMRrIEHrHokfNqM1ue71npi5WgWj0PtqzW49bn9BzG544E%2F7Rhup"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3c53ae5f83e7ce-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1624&sent=36&recv=31&lost=0&retrans=0&sent_bytes=23219&recv_bytes=10021&delivery_rate=918819&cwnd=12000&unsent_bytes=0&cid=e7c283bce7b42e50&ts=697&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
application/javascript
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=1,i=?0
favicon.ico
zippyxceltop.top/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://zippyxceltop.top/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faf19360296223640864dfa5d5e2ec4cc006badadfeba91e0868a0787aaeab29

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

server
cloudflare
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
REVALIDATED
etag
W/"6576ab33-47e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ia6Zs3%2FXWuyQDMesHIWcRoqVG6D5tXKNfyUOM8CwdLUY25JlSz%2ByT8QZ0uBbfMKDpArCDlyeeFrhkFwxmZ6%2BoU84CxY94%2BKBBN%2FsfbJu9Kpxo1oT9HZJYgQ%2BcYlLk9%2BFdPBL"}],"group":"cf-nel","max_age":604800}
cf-ray
8e3c53ae5f89e7ce-SYD
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1866&sent=50&recv=39&lost=0&retrans=0&sent_bytes=36490&recv_bytes=10365&delivery_rate=60809&cwnd=15600&unsent_bytes=0&cid=e7c283bce7b42e50&ts=704&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
image/x-icon
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=1,i
loading.png
zippyxceltop.top/static/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zippyxceltop.top/static/images/loading.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.189.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16157f3bf25aa290cac7db83bd00cc7459ce65b752d11cf2eef606a4ecc6374d

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cf-cache-status
REVALIDATED
etag
"6576ab33-45e"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zPNAjoarR1BcFqaHKkC%2FA5QhykKtAe2JnjjbdpHH4rtX%2Bj4OemQbxa63FwPK9Ghum7G8omm1gZLD54HX0ErjSt5YtdP5fitEnerCqszIwrX%2FWR%2BpJum98hu3Leppj17ko7D"}],"group":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=1709&sent=91&recv=60&lost=0&retrans=0&sent_bytes=83257&recv_bytes=11611&delivery_rate=2682955&cwnd=56400&unsent_bytes=0&cid=e7c283bce7b42e50&ts=914&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 17 Nov 2024 02:35:21 GMT
content-type
image/png
last-modified
Mon, 11 Dec 2023 06:24:51 GMT
vary
Accept-Encoding
priority
u=3,i
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e3c53afbb64e7ce-SYD
accept-ranges
bytes
content-length
1118
server
cloudflare
ZombieKillers.jpg
img.gamescdn.top/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamescdn.top/ZombieKillers.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99ebbc72a2b6e8b052ce8af2ae1f1aff23aa98a4c9f5c62d0493806d1b52ff90

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"635ff15f-3b9f"
age
6689
cf-cache-status
HIT
cf-ray
8e3c53afdf3ca7f5-SYD
expires
Mon, 17 Nov 2025 02:35:20 GMT
accept-ranges
bytes
cf-polished
origSize=15263
content-length
15255
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
image/jpeg
last-modified
Mon, 31 Oct 2022 16:01:35 GMT
vary
Accept-Encoding
server
cloudflare
Ski-Master-3d.png
img.gamescdn.top/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamescdn.top/Ski-Master-3d.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97f14758cc954429040be60e52e4b3509af6a38cf11435c7cf87e8d7765e0389

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cf-bgj
imgq:100,h2pri
etag
"635ff15f-89b9"
age
989
cf-cache-status
HIT
expires
Mon, 17 Nov 2025 02:35:20 GMT
cf-polished
origFmt=png, origSize=35257
date
Sun, 17 Nov 2024 02:35:20 GMT
content-type
image/webp
content-disposition
inline; filename="Ski-Master-3d.webp"
vary
Accept
last-modified
Mon, 31 Oct 2022 16:01:35 GMT
cache-control
public, max-age=31536000
cf-ray
8e3c53afdf3fa7f5-SYD
accept-ranges
bytes
content-length
33322
server
cloudflare
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/ 		489 KB
152 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
183a79c135d08ca92841172975467ff9b6c24db28967e0e147c1a328f3198d83
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
br
etag
17605025942849661478
age
35464
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 16:44:17 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 16 Nov 2024 16:44:17 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
155155
x-xss-protection
0
server
cafe
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-VVK4F8RBRF&gtm=45je4bc0v9172918254za200&_p=1731810920906&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&cid=405530877.1731810921&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731810921&sct=1&seg=0&dl=https%3A%2F%2Fzippyxceltop.top%2F&dt=Mobi%20Games&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1513
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVK4F8RBRF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://zippyxceltop.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:21 GMT
content-type
text/plain
server
Golfe2
js
www.googletagmanager.com/gtag/ 		324 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK&l=dataLayer&cx=c&gtm=45je4bc0v9172918254za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VVK4F8RBRF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8540cd53c660a5a6ce7db9aab69095eafc580501e7a59ec8da12b001c750b8fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Sun, 17 Nov 2024 02:35:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:21 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
110177
x-xss-protection
0
server
Google Tag Manager
td
www.googletagmanager.com/ 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/td?id=G-VVK4F8RBRF&v=3&t=t&pid=2139260815&dl=zippyxceltop.top%2F&tdp=G-VVK4F8RBRF;172918254;0;0;0&frm=0&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:81e::2008 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgtc:59:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgtc:59:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
date
Sun, 17 Nov 2024 02:35:21 GMT
content-type
text/plain
server
Golfe2
22839306403
fundingchoicesmessages.google.com/i/ 		195 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/22839306403?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d3213cf464174bf3160532b123f8c962e1091b5552957a8c59edddd43b08feaf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-LkjxA1u_f07uhO-o3flkew' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:21 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjqtDikmJw0pBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-KZ5y-zLgTiIokrrA1AfLvpCutjIGb4eoWVA4iFeDhernm6k03gw4qXK5iVNJLyC-OT8_NKijKTSkvyi9KS01KLU4vKUovijQyMTAwNDU30DAzjCwwAdPdKNQ"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-LkjxA1u_f07uhO-o3flkew' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
collect
www.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DWX6Q6TDMK&gtm=45je4bc0v9117603054za200zb9172918254&_p=1731810920906&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067554~102067808~102077855&cid=405530877.1731810921&ul=en-au&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1731810921&sct=1&seg=0&dl=https%3A%2F%2Fzippyxceltop.top%2F&dt=Mobi%20Games&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1796
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DWX6Q6TDMK&l=dataLayer&cx=c&gtm=45je4bc0v9172918254za200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:80c::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://zippyxceltop.top
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:21 GMT
content-type
text/plain
server
Golfe2
AGSKWxX_XWcRq3scZBTgEfjCON3d-IoMbOtjkZiRMAGQhxh84BojCmD73p-95qU96nBK8wfTnxRxgxXuwCJZWAloKIRUFXPVqSiMHYgm4NorqKUUa7wJqVf5cGCyuoaWXPQqgsNrPpk2lA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX_XWcRq3scZBTgEfjCON3d-IoMbOtjkZiRMAGQhxh84BojCmD73p-95qU96nBK8wfTnxRxgxXuwCJZWAloKIRUFXPVqSiMHYgm4NorqKUUa7wJqVf5cGCyuoaWXPQqgsNrPpk2lA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxODEwOTIyLDE5OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly96aXBweXhjZWx0b3AudG9wLyIsbnVsbCxbWzgsImVzeXY0NU02YnQwIl0sWzksImVuLUdCIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMyyDb4YPYKv8yyP_FTBDVhwFHH3oA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
34203c4a794d6df6334714cc2e0d7cc17d0e464485c16c69c79fdc388f3c7828
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-rIOouzz5P6LROZO6tBB4Tw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:22 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4Xq15upNNoOPh5B5GJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQ0MTPQPD-AIDAILIP_s"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-rIOouzz5P6LROZO6tBB4Tw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
topics_frame.html
securepubads.g.doubleclick.net/static/topics/ Frame FCB9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/static/topics/topics_frame.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zippyxceltop.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
age
1735
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000, stale-while-revalidate=3600
content-encoding
br
content-length
29121
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 02:06:27 GMT
expires
Sun, 17 Nov 2024 02:56:27 GMT
last-modified
Mon, 11 Nov 2024 20:42:41 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
ep1.adtrafficquality.google/getconfig/ 		17 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gpt&tv=m202411120102&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
cafe /
Resource Hash
2a95d668662429e4eedfc2ec0c37e0f86c669afe0a87afd6f0da5d44a44876f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

timing-allow-origin
*
content-encoding
br
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
12948
date
Sun, 17 Nov 2024 02:35:22 GMT
x-xss-protection
0
content-type
application/json; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
663 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2525521569950413&correlator=2547461614567469&eid=31088950%2C31088968%2C95344207&output=ldjh&gdfp_req=1&vrg=202411120102&ptt=17&impl=fif&gdpr=0&iu_parts=22839306403%2Czippyxceltop.top-B%2Czippyxceltop.top-inter-01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&ists=1&fas=8&fsapi=1&sc=1&cookie_enabled=1&abxe=1&dt=1731810922216&lmt=1702275891&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fzippyxceltop.top%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&td=1&egid=25651&tdf=2&topics=9&tps=9&htps=10&nt=1&dlt=1731810920492&idt=993&adks=2556601283&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
7433274c1e1ceef7993cc679ef6f71ff769a834aa3e6e0562fdb7df90243100c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 17 Nov 2024 02:35:22 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://zippyxceltop.top
content-length
633
x-xss-protection
0
server
cafe
ads
securepubads.g.doubleclick.net/gampad/ 		803 B
366 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2525521569950413&correlator=2547461614567469&eid=31088950%2C31088968%2C95344207&output=ldjh&gdfp_req=1&vrg=202411120102&ptt=17&impl=fif&gdpr=0&iu_parts=22839306403%2Czippyxceltop.top-B%2Czippyxceltop.top-300x250-01&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1731810922226&lmt=1702275891&adxs=650&adys=923&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=1&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fzippyxceltop.top%2F&vis=1&psz=1600x280&msz=1600x250&fws=0&ohw=0&td=1&egid=25651&tdf=2&topics=9&tps=9&htps=10&nt=1&dlt=1731810920492&idt=993&adks=3285772675&frm=20&eoidce=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
1944f65fb833fc44e097bcd6bb9a9cfadd87420cb0c8ad786769f9abdfc58ef5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
br
google-lineitem-id
-2
x-content-type-options
nosniff
google-mediationtag-id
-2
google-mediationgroup-id
-2
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sun, 17 Nov 2024 02:35:22 GMT
content-type
text/plain; charset=UTF-8
google-creative-id
-2
cache-control
no-cache, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://zippyxceltop.top
content-length
336
x-xss-protection
0
server
cafe
container.html
a13d63d684244d24fff342a6d57656d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0BAE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://a13d63d684244d24fff342a6d57656d5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zippyxceltop.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 02:35:22 GMT
expires
Sun, 17 Nov 2024 02:35:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.196.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s36-in-f2.1e100.net
Software
cafe /
Resource Hash
5cbcb80d9bef8096e36bee076da0a2a09bd800000349cee22b9e67d586497b3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
br
etag
1224917422621244473
age
32872
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 17:27:30 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Sat, 16 Nov 2024 17:27:30 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
content-length
15818
x-xss-protection
0
server
cafe
AGSKWxX_d3hFd3YXIUg3de4V-iueei3QN28_45jl9nNRuQbSvG1jKaCU6JDTz5JCrJOeN7eeZWPTMkhHHBmE5q3rbQR1qBOlQY8UKVvl7q4RIAiqOeSsS6aKi7FrN5luO2BK7a8YOvjPVg==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX_d3hFd3YXIUg3de4V-iueei3QN28_45jl9nNRuQbSvG1jKaCU6JDTz5JCrJOeN7eeZWPTMkhHHBmE5q3rbQR1qBOlQY8UKVvl7q4RIAiqOeSsS6aKi7FrN5luO2BK7a8YOvjPVg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxODEwOTIyLDM3NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuLUdCIl0sImh0dHBzOi8vemlwcHl4Y2VsdG9wLnRvcC8iLG51bGwsW1s4LCJlc3l2NDVNNmJ0MCJdLFs5LCJlbi1HQiJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMyyDb4YPYKv8yyP_FTBDVhwFHH3oA/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:824::200e , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1b8868527a5b945c96de812b94806356dd200bb66b5f6d74de9f4056448123fc
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-WRgnCMKhPwdyZdNkv9nouA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:22 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw15BiOHHrNtMFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIV4OF6tebqTTeDG9fN3GJU0kvIL45Pz80qKMpNKS_KL0pLTUotTi8pSi-KNDIxMDA0NTfQMDOMLDADPgUXg"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'nonce-WRgnCMKhPwdyZdNkv9nouA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
Sort_Hoop.jpg
img.gamescdn.top/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamescdn.top/Sort_Hoop.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ebd3ac7cd392e4c07b04b2acc0d85766f335ebc6d92146f0bac31cffaf77a9b

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"632c0705-3214"
age
1180
cf-cache-status
HIT
cf-ray
8e3c53b9388ea7f5-SYD
expires
Mon, 17 Nov 2025 02:35:22 GMT
accept-ranges
bytes
cf-polished
origSize=12820
content-length
12568
date
Sun, 17 Nov 2024 02:35:22 GMT
content-type
image/jpeg
last-modified
Thu, 22 Sep 2022 06:56:05 GMT
vary
Accept-Encoding
server
cloudflare
Sky_Roller_Online.jpg
img.gamescdn.top/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamescdn.top/Sky_Roller_Online.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3746433eb686520a41639797fb610adef90ba04c786804dd46c1b8ccbebd2eb2

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"64d89230-8412"
age
6380
cf-cache-status
HIT
cf-ray
8e3c53b93890a7f5-SYD
expires
Mon, 17 Nov 2025 02:35:22 GMT
accept-ranges
bytes
cf-polished
origSize=33810
content-length
33802
date
Sun, 17 Nov 2024 02:35:22 GMT
content-type
image/jpeg
last-modified
Sun, 13 Aug 2023 08:20:00 GMT
vary
Accept-Encoding
server
cloudflare
Block_Hexa_Merge_2048.jpg
img.gamescdn.top/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.gamescdn.top/Block_Hexa_Merge_2048.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:d20 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3534050a653b618555308441a548f18ea7d6bce65362b2003985520d34eb92b3

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cache-control
public, max-age=31536000
cf-bgj
imgq:100,h2pri
etag
"635ff15f-4a1d"
age
1789
cf-cache-status
HIT
cf-ray
8e3c53b93892a7f5-SYD
expires
Mon, 17 Nov 2025 02:35:22 GMT
accept-ranges
bytes
cf-polished
origSize=18973
content-length
18965
date
Sun, 17 Nov 2024 02:35:22 GMT
content-type
image/jpeg
last-modified
Mon, 31 Oct 2022 16:01:35 GMT
vary
Accept-Encoding
server
cloudflare
sodar2.js
ep2.adtrafficquality.google/sodar/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202411120102/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
gzip
etag
"1727224258380615"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 02:35:23 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
private, max-age=3000
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
6445
x-xss-protection
0
server
sffe
runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 6A83 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4004:826::2001 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zippyxceltop.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

accept-ranges
bytes
age
1347
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3000
content-encoding
gzip
content-length
5005
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 02:12:56 GMT
expires
Sun, 17 Nov 2024 03:02:56 GMT
last-modified
Mon, 23 Sep 2024 18:12:21 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1EF0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.42.196 Queens, United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s47-in-f4.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-khv-5Dkq1usbThchvAndVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://zippyxceltop.top/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'nonce-khv-5Dkq1usbThchvAndVw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'self';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 17 Nov 2024 02:35:23 GMT
expires
Sun, 17 Nov 2024 02:35:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
ads.pbs
fundingchoicesmessages.google.com/f/AGSKWxU44Lxro6SAFaF-FFYyzHaG0GwG5BYK3wiV9iiH78dfFp9899OkMILGAROp7AiySFc9UuTIN6821VUvLp_6gQ7YI6z0trBdCSVowzm5k89O4GP7O60hKycMu3lG1KitTJIJ3mtOSyoXKxLSivjNUA7OccV4V... 		54 B
107 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxU44Lxro6SAFaF-FFYyzHaG0GwG5BYK3wiV9iiH78dfFp9899OkMILGAROp7AiySFc9UuTIN6821VUvLp_6gQ7YI6z0trBdCSVowzm5k89O4GP7O60hKycMu3lG1KitTJIJ3mtOSyoXKxLSivjNUA7OccV4VJPWQ16d9MYj5BU67NyyVDMDeu2x4GWA/_/textads./lijit-ad-/ads/rotate_/adcall./ads.pbs
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyl9gJH_M2s-X8Zc6dmzXvUTBL6vw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f14.1e100.net
Software
ESF /
Resource Hash
ecbe710641c7813a5776c14879eef4671f78f5f54498b5e00aec08a35c93965c
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-bAyvjZrGQrMwXZ82bX-B2w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjKtDikmLw1ZBiOHnrNtNFIJb4-pJJDYid0mewBgBx681zrJOBOOnfedYCIHbXusjqD8SGCpdY7YHYsegSqycQq_ZcYjUG4vvrLrE-B-IiiSusDUB8u-kK62MgZvh6hZUDiIW4OV6vebqTTeDG7nvZShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYmegaG8QUGAIJjRWE"
content-security-policy
script-src 'nonce-bAyvjZrGQrMwXZ82bX-B2w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
rum.js
pagead2.googlesyndication.com/pagead/js/ 		71 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyl9gJH_M2s-X8Zc6dmzXvUTBL6vw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.198.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt12s58-in-f2.1e100.net
Software
cafe /
Resource Hash
b981b475a7bb24086b9b0873f80d26ed024dcabd5664872ea4adddb5feb4dfe5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
br
etag
3687360622562395515
age
402
x-content-type-options
nosniff
expires
Sun, 17 Nov 2024 03:28:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date
Sun, 17 Nov 2024 02:28:41 GMT
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=3600
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
26353
x-xss-protection
0
server
cafe
AGSKWxUNx6YvhV2D6oSd3jzQtwlM4nbWnb4LfpOcla2Wo-Arh005Ftg_twW46op0OIPbHYrSe_kv9YLYwYDVDLgcRgotDnAeuF_cwC0SMhb6n3alLoj2Z1Y6fa-WbrBMy2fREo68F-81mQ==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNx6YvhV2D6oSd3jzQtwlM4nbWnb4LfpOcla2Wo-Arh005Ftg_twW46op0OIPbHYrSe_kv9YLYwYDVDLgcRgotDnAeuF_cwC0SMhb6n3alLoj2Z1Y6fa-WbrBMy2fREo68F-81mQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMyyDb4YPYKv8yyP_FTBDVhwFHH3oA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-T4HI7my2XUDelf8tVupZAg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://zippyxceltop.top/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uF4vebpTjaBA09PbGFUcknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYmegam8QUGAGgxKYI"
content-security-policy
script-src 'nonce-T4HI7my2XUDelf8tVupZAg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zippyxceltop.top
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUNx6YvhV2D6oSd3jzQtwlM4nbWnb4LfpOcla2Wo-Arh005Ftg_twW46op0OIPbHYrSe_kv9YLYwYDVDLgcRgotDnAeuF_cwC0SMhb6n3alLoj2Z1Y6fa-WbrBMy2fREo68F-81mQ==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNx6YvhV2D6oSd3jzQtwlM4nbWnb4LfpOcla2Wo-Arh005Ftg_twW46op0OIPbHYrSe_kv9YLYwYDVDLgcRgotDnAeuF_cwC0SMhb6n3alLoj2Z1Y6fa-WbrBMy2fREo68F-81mQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMyyDb4YPYKv8yyP_FTBDVhwFHH3oA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-EkuVuHC_A0B2650M_Bne5Q' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://zippyxceltop.top/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsAUDsrnWR1R-IGb5eYeUAYiEejtdrnu5kE2hoPr2dUcklKb8wPjk_ryQ1r0Q3MaVYF8QuykwqLckvQmGnloFU5OSnp2fmpccbGRiZGBoamugZmMYXGAAAORAo4g"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-EkuVuHC_A0B2650M_Bne5Q' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zippyxceltop.top
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUNx6YvhV2D6oSd3jzQtwlM4nbWnb4LfpOcla2Wo-Arh005Ftg_twW46op0OIPbHYrSe_kv9YLYwYDVDLgcRgotDnAeuF_cwC0SMhb6n3alLoj2Z1Y6fa-WbrBMy2fREo68F-81mQ==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNx6YvhV2D6oSd3jzQtwlM4nbWnb4LfpOcla2Wo-Arh005Ftg_twW46op0OIPbHYrSe_kv9YLYwYDVDLgcRgotDnAeuF_cwC0SMhb6n3alLoj2Z1Y6fa-WbrBMy2fREo68F-81mQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMyyDb4YPYKv8yyP_FTBDVhwFHH3oA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-Er-Rbni4i1Ja4unfHVgNUA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://zippyxceltop.top/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1ZBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uF4vebpTjaBE_M3rmRScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYmegam8QUGAE_9KSo"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-Er-Rbni4i1Ja4unfHVgNUA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zippyxceltop.top
content-length
0
x-xss-protection
0
server
ESF
AGSKWxUNx6YvhV2D6oSd3jzQtwlM4nbWnb4LfpOcla2Wo-Arh005Ftg_twW46op0OIPbHYrSe_kv9YLYwYDVDLgcRgotDnAeuF_cwC0SMhb6n3alLoj2Z1Y6fa-WbrBMy2fREo68F-81mQ==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUNx6YvhV2D6oSd3jzQtwlM4nbWnb4LfpOcla2Wo-Arh005Ftg_twW46op0OIPbHYrSe_kv9YLYwYDVDLgcRgotDnAeuF_cwC0SMhb6n3alLoj2Z1Y6fa-WbrBMy2fREo68F-81mQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMyyDb4YPYKv8yyP_FTBDVhwFHH3oA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-Nnsp9BVzHEuvabtvHjc9VQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://zippyxceltop.top/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII0JBicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uF4vebpTjaBD-s-rGBScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYmegam8QUGAHMKKaI"
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'nonce-Nnsp9BVzHEuvabtvHjc9VQ' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zippyxceltop.top
content-length
0
x-xss-protection
0
server
ESF
AGSKWxWn2SIKKoCwNoBq31gAdVCqm-mtufGUmO4MK06G6MRpZUCMs45yEUQj0TWzjAcGl4XvsZJ28l86ZfAAhjy2vG22koSadkByCtpWMnqkSx6jXD9XJtJin8IdPVlhO2SNrasPU6AmOw==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWn2SIKKoCwNoBq31gAdVCqm-mtufGUmO4MK06G6MRpZUCMs45yEUQj0TWzjAcGl4XvsZJ28l86ZfAAhjy2vG22koSadkByCtpWMnqkSx6jXD9XJtJin8IdPVlhO2SNrasPU6AmOw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxODEwOTIzLDU0NzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly96aXBweXhjZWx0b3AudG9wLyIsbnVsbCxbWzgsImVzeXY0NU02YnQwIl0sWzksImVuLUdCIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMyyDb4YPYKv8yyP_FTBDVhwFHH3oA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f14.1e100.net
Software
ESF /
Resource Hash
8250a0e861abedd254cb95d2997f025063b240734c5a73b7ef7d67230625d739
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-6Q7XFntROqsyhcUCPRKtBA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
content-type
application/javascript; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4Xq95upNNYMObjvVMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYmegaG8QUGAJYLQFE"
content-security-policy
script-src 'nonce-6Q7XFntROqsyhcUCPRKtBA' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin
*
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
csi
csi.gstatic.com/ 		0
532 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~m3kzicrd&ctx=0&met.9=1.zc~2.184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Referer
https://zippyxceltop.top/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgcc:41:0"}],}
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgcc:41:0
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
content-type
image/gif
server
Golfe2
AGSKWxXwY3RGgLUDoaarryu3Toi8OUq9kxYXIF7921x_EYQMrEQY18gwBBBe_ptcqMYweah9V0SQqu8BeKd5UZFNVwEzhqRSsBxzBOs6nEwk-lZeUMxygWTKqGSMJr6UMkiTYQLIx8HTkg==
fundingchoicesmessages.google.com/el/ 		0
27 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxXwY3RGgLUDoaarryu3Toi8OUq9kxYXIF7921x_EYQMrEQY18gwBBBe_ptcqMYweah9V0SQqu8BeKd5UZFNVwEzhqRSsBxzBOs6nEwk-lZeUMxygWTKqGSMJr6UMkiTYQLIx8HTkg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.esyv45M6bt0.es5.O/am=DAY/d=1/rs=AJlcJMyyDb4YPYKv8yyP_FTBDVhwFHH3oA/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.207.46 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
nrt13s55-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'nonce-MP7qQEwJAbEH-bwscoRp6w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type
text/plain
Referer
https://zippyxceltop.top/

Response headers

access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sun, 17 Nov 2024 02:35:23 GMT
content-type
text/html; charset=utf-8
x-frame-options
SAMEORIGIN
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw05BicEqfwRoAxO5aF1n9gZjh6xVWDiAW4uF4vebpTjaBCfu__WZScknKL4xPzs8rSc0r0U1MKdYFsYsyk0pL8otQ2KllIBU5-enpmXnp8UYGRiaGhoYmegam8QUGAHCCKaI"
content-security-policy
script-src 'nonce-MP7qQEwJAbEH-bwscoRp6w' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin
https://zippyxceltop.top
content-length
0
x-xss-protection
0
server
ESF
sodar
ep1.adtrafficquality.google/pagead/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ep1.adtrafficquality.google
URL
https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gpt_m202411120102&jk=2525521569950413&bg=!HxylHFPNAAY7_TBtG_07ADQBe5WfOBoVUbjmNJAX5As_zKXJb8TZUyzj3pRB9L_1AbS6etQ8Np5PjpUhOFNx-8oH5K6dAgAAADxSAAAAAmgBB34ANeBvXUlqcm8n1QAOsB3zi4USUpk9S9wlSITJYQoSgizIztIgiUb3AikNNCku8tuoXES68X9yCgBOKhRsuZ_88N1UTIGknLbVboGI_VhYKJd76y9PLqB4wRZrgEWWD2-JB7rZBZvhqaavOjZciPA5xiRR19Zxrmf0wOhkuafF-Zh-Dj0WE7vEmQKf-v3MMShvhVpF2I4RLwwiFvIjcEJqKiEu_et8uPuZcgulKD_8sIPnKGznkrWsu7t_tHqbwq0KgnEx5a47vRHpURy_qngEe3eSGjlGKSbgvC6NHDsSUdMPIhjiGjdxTj311vTG_GuCoiOTQpGc0EJUDkSIND9SJ74mED8qY6iXqW6U7IXfAl-goUspddZ-NMtyQ9ajGROhuy-4s3uRKFGauK7v84JxvMKxKCwyThCcECPdjmMAsViJ5RqjX39zMLjfmFm8NYbuu3JIeeFlnVkcbu7lml2Sc5RXTeI_gwP3Pob9DEb1y3BEW-e_kw7KiJT2p61pZHq6biR1HkeXiV6GW4ZKLfZ6K6gvHtEw3aCejA5H2-z4Rl4v6eWwLcEFYGQeoUCLF4a41ZrjZKC4nRuzzU_AQ8X78o4p2VMwGh2mQvAlwx-dgh32EHzJu12_8e7TlbWK5VCblcoSYUvfp_78SHkYeLOEvFjessAFG_HkJVgq76afNDUNjP95ov4m7koAMDGALFEH3Ex41RdDBKGmiL5FX-69_bbotVxCCKUR9N6PTPm9zGfCiS6RYoZ_gCrMEaJiEVfSNNdkEr0rqincVLAmMeLorz7j5qz5AqNZiLRGTbAjPMYQ8ACAXUDPTm_YxKnjkiu92KhV0J9AVW-Zds8o5Rq75u2CEVrrQmlnCD0P09d-Rx7WM7osoAEnnqtZfHnST1PrG4fAXGM2X3EG_swiIQNa-i_PWnXGXRs0kEylzSbiFNla4-lL534Y7A8ebi15CAVoz5xtfgxphjr5L_J27qzOGqDUK81exTWI9qjD0cv6E9yixj0BjF-pjHVeQzD80wMFDE87WpGUVkRHgVMV8sJjGZiH98EuGjpzcz9nx71iNpLioxKF7DCMXsQ

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| __cfQR function| Zepto function| $ function| lazyload function| LazyLoad number| currClientWidth string| fontValue number| originWidth function| __resize function| copyContentH5 function| showToast function| initPageList object| gameJson function| gtag object| dataLayer object| googletag function| initMenu function| getRandomArrayElements function| createGame object| _taboola boolean| __cfRLUnblockHandlers object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| google_reactive_ads_global_state object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| YmM4N2FlZDIyNjVhZTUzNWxvYWRlcl9qcw== string| YmM4N2FlZDIyNjVhZTUzNWNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| google_tag_topics_state number| google_unique_id object| GoogleGcLKhOms boolean| 2c17947d-5615-4d80-b67d-039bb5d86473 number| google_srt object| _google_rum_ns_ object| google_image_requests

8 Cookies

Domain/Path Name / Value
.zippyxceltop.top/ Name: _ga_VVK4F8RBRF
Value: GS1.1.1731810921.1.0.1731810921.0.0.0
.zippyxceltop.top/ Name: _ga
Value: GA1.1.405530877.1731810921
.zippyxceltop.top/ Name: _ga_DWX6Q6TDMK
Value: GS1.1.1731810921.1.0.1731810921.0.0.0
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.zippyxceltop.top/ Name: __gads
Value: ID=564f4dc7cf91f099:T=1731810922:RT=1731810922:S=ALNI_MZHugitqs2gUirq5JEfDiHbBv4Dng
.zippyxceltop.top/ Name: __gpi
Value: UID=00000f96ff00fd4e:T=1731810922:RT=1731810922:S=ALNI_MaNROOo280v-D8oDAup15f3FzCWdw
.zippyxceltop.top/ Name: __eoi
Value: ID=1a12d4bdf3bb3056:T=1731810922:RT=1731810922:S=AA-AfjbufvWjoZe-dUksXP3yVeTU
.zippyxceltop.top/ Name: FCNEC
Value: %5B%5B%22AKsRol_1awqqSj4GWZNboNQEnQt58RlMAixDsvp0j90XsyHPFIKNrebQDh62J7mDlPqm-uA4l7l5nsQ5WaQCdQxm_h8oVVttaOlfykphQ5fSu52BAAjzy3DEGOwleHrhMghGLWtSK-bcPVSsriYKY7k6B8Ncvp0Lvw%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a13d63d684244d24fff342a6d57656d5.safeframe.googlesyndication.com
csi.gstatic.com
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
img.gamescdn.top
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
zippyxceltop.top
ep1.adtrafficquality.google
142.250.196.130
142.250.198.2
142.250.207.46
142.251.42.196
172.67.189.43
2001:4860:4802:32::3
2404:6800:4004:80c::200e
2404:6800:4004:81e::2008
2404:6800:4004:824::200e
2404:6800:4004:826::2001
2606:4700::6812:d20
129d4f5cbd98ba36addf4ed454dba2ac612cc4062fef69bb12bf7e1fb458c60f
16157f3bf25aa290cac7db83bd00cc7459ce65b752d11cf2eef606a4ecc6374d
183a79c135d08ca92841172975467ff9b6c24db28967e0e147c1a328f3198d83
1944f65fb833fc44e097bcd6bb9a9cfadd87420cb0c8ad786769f9abdfc58ef5
1accf5febea6b260f06fb64f28cc831dea6e1029132186f8c052ee7909725730
1b8868527a5b945c96de812b94806356dd200bb66b5f6d74de9f4056448123fc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2a95d668662429e4eedfc2ec0c37e0f86c669afe0a87afd6f0da5d44a44876f5
2d1931aead09ff11bd3e28b1414640d443575ba2039941849b3f15c263dbcd47
34203c4a794d6df6334714cc2e0d7cc17d0e464485c16c69c79fdc388f3c7828
3534050a653b618555308441a548f18ea7d6bce65362b2003985520d34eb92b3
3746433eb686520a41639797fb610adef90ba04c786804dd46c1b8ccbebd2eb2
4df52022523f497c82b71f54368ff3b0cd14a94520016be6118e36aebaad0da0
5ad129501749dead7a9097a84107daeb166471c193353a77da3608ca76ff4bf8
5b3baa10ac55f4eece0c7e666eaddd51872b8ce9273671626bcccec8f86ead78
5cbcb80d9bef8096e36bee076da0a2a09bd800000349cee22b9e67d586497b3c
7433274c1e1ceef7993cc679ef6f71ff769a834aa3e6e0562fdb7df90243100c
75c26a19280cc90be079f6d19ab01a02733a6b775da8f57b1dce515f6b3c046f
7ebd3ac7cd392e4c07b04b2acc0d85766f335ebc6d92146f0bac31cffaf77a9b
8250a0e861abedd254cb95d2997f025063b240734c5a73b7ef7d67230625d739
8540cd53c660a5a6ce7db9aab69095eafc580501e7a59ec8da12b001c750b8fb
88b0f5c54f22701cf37ae9826bbde359ba8b11a87c603532c16e3a392442a4ea
917dee6a71420bc31ce12d352053b84f0a5cf18e465cdc0dbf62925ebb057782
9187447c077a100fd58dfa43850cb5575a540d69e1ab5b447ccde673b94bc542
97f14758cc954429040be60e52e4b3509af6a38cf11435c7cf87e8d7765e0389
99ebbc72a2b6e8b052ce8af2ae1f1aff23aa98a4c9f5c62d0493806d1b52ff90
9c06c250df5f991860dce095638f6c845f4291a7ee401837f999abd3647fd84b
b981b475a7bb24086b9b0873f80d26ed024dcabd5664872ea4adddb5feb4dfe5
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d3213cf464174bf3160532b123f8c962e1091b5552957a8c59edddd43b08feaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecbe710641c7813a5776c14879eef4671f78f5f54498b5e00aec08a35c93965c
faf19360296223640864dfa5d5e2ec4cc006badadfeba91e0868a0787aaeab29
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99