5alij.com Open in urlscan Pro
104.21.86.241  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

• https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A016736465356BF0D9DFE0B7D4DEB0 HTTP 302
• https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A016736465356BF0D9DFE0B7D4DEB0

Request Chain 68

• https://pixel.onaudience.com/?partner=137085098&mapped=51A016736465356BF0D9DFE0B7D4DEB0 HTTP 302
• https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0

Request Chain 79

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1fqAHeIwgV5QOoF2KErtQ&google_cver=1 HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1fqAHeIwgV5QOoF2KErtQ&google_cver=1&C=1

Request Chain 80

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8HRydiKlccIU3ZPMRi2NgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxL0rjzj1KmCbAmh3c7nM4&google_cver=1

Request Chain 81

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEE_b-wUiIFGmZ3DxvsPlysY&google_cver=1

Request Chain 82

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5NDk1MDIxNTE5NzU4NjQ0MA%3D%3D

Request Chain 89

• https://gcdn.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/549552D86EC923C0449342BC2597A7816C669EEE.0D96C7B7C91A01654C92B2DB1BD912585E45419A/key/ck2/file/file.mp4 HTTP 302
• https://r5---sn-ntqe6n7r.c.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7273420E607726DC9525CA0FC5DFB579C8C44C6A.66B7577EAF071CF6E7A15243FC547FEEAB5241C2/key/cms1/cms_redirect/yes/mh/BL/mip/116.90.74.209/mm/42/mn/sn-ntqe6n7r/ms/onc/mt/1673646043/mv/m/mvi/5/pl/24/file/file.mp4

Request Chain 98

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 99

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request townformat2 Show response 5alij.com/user/	9 KB 3 KB	2654ms 2353ms	Document text/html	104.21.86.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.86.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 57e87e7ae734361b4008b61b57b1dcf40b9c1a44e2d842a07120ff66516300c7 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cache-control no-store, no-cache, must-revalidate cf-cache-status DYNAMIC cf-ray 789156909ca1aaf9-SYD content-encoding br content-type text/html; charset=utf-8 date Fri, 13 Jan 2023 21:48:50 GMT expires Thu, 19 Nov 1981 08:52:00 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} pragma no-cache report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1xRh%2BOUr4O319FNPLeOE6VdkDKojJm1BWHVQuxWzydrxnA64upfhtaHYcsMPbecXIS8FjqZtSuqcWgzrpX1z3Zro0fEbFaPHzczpjvRxDs6Gz8o2rxXafJJt5tM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	qa-styles.css 5alij.com/qa-theme/SnowFlatCustom/	71 KB 13 KB	1249ms 1248ms	Stylesheet text/css	104.21.86.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5alij.com/qa-theme/SnowFlatCustom/qa-styles.css?1.8.3 Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.86.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f5802a6a61b055db582426e1a8d9f9d0a9808480baaffb710e57a8f1fa941830 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/user/townformat2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:51 GMT content-encoding br cf-cache-status MISS last-modified Sat, 12 Jan 2019 22:22:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"11af1-57f4a40061080-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2FusJiKju18d4s9FpMjMvth70bRR8W4ASnTDQz%2F6hTgbDqAS5ZHbTEgga3KQIJPd36TAU6Hwtzp55WSkBBh9PXY4hREL0rdBzQ6jblWlI2T4zp7hd6RneUThlOI%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7891569f59d4aaf9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	qa-styles-rtl.css 5alij.com/qa-theme/SnowFlatCustom/	11 KB 3 KB	1232ms 1230ms	Stylesheet text/css	104.21.86.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5alij.com/qa-theme/SnowFlatCustom/qa-styles-rtl.css?1.8.3 Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.86.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/user/townformat2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:51 GMT content-encoding br cf-cache-status MISS last-modified Wed, 28 Jul 2021 10:23:19 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"2d9a-5c82c600af3c0-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2ma%2FhCf%2BvyaZErjQ4e8vl%2BFyCnq0j3ZYXrgAmZO51g3n08uJ%2BeoIKzgcq4Sc9hgII%2BeYMcMbEPv6piecq7L6cnDm2vdofgCYOK%2BnPFpyp1RpW5wkvDUAVISU7M%3D"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=14400 cf-ray 7891569f59d5aaf9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	css fonts.googleapis.com/	1 KB 955 B	827ms 277ms	Stylesheet text/css	74.125.24.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Cairo&display=swap Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f95.1e100.net Software ESF / Resource Hash 1612e7c684acc35f3e2676ff3795cc610941fbae855be4c0e07461a6b55933e0 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 13 Jan 2023 21:48:51 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 13 Jan 2023 21:48:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 13 Jan 2023 21:48:51 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 49 KB	834ms 287ms	Script text/javascript	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash 889b039ee51a5e8bb6cfef40ba609409ba3e6d49a657ed15fe2e519c3f121581 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:52 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49587 x-xss-protection 0 server cafe etag 17562499866044279670 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Fri, 13 Jan 2023 21:48:52 GMT
GET H2	200	jquery-3.3.1.min.js Show response 5alij.com/qa-content/	111 KB 33 KB	1563ms 1562ms	Script application/javascript	104.21.86.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5alij.com/qa-content/jquery-3.3.1.min.js Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.86.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/user/townformat2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:51 GMT content-encoding br cf-cache-status MISS last-modified Mon, 11 May 2020 13:00:41 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1bb29-5a55eef215040-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qgjc%2BhbykU6G%2BHb1%2FcIU0wPpoPeqWlyU7AHJrsQOudYo8L0R%2Fl7woJsVT63q%2BjQAxGeJK%2Bt%2FhZ3H%2BGmXC1KuwZlKRaZOisx%2BSQKaMHlp9dcjenddW9cXtFDiDVc%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7891569f59d6aaf9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	qa-global.js Show response 5alij.com/qa-content/	20 KB 5 KB	1236ms 1235ms	Script application/javascript	104.21.86.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5alij.com/qa-content/qa-global.js?1.8.3 Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.86.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/user/townformat2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:51 GMT content-encoding br cf-cache-status MISS last-modified Sat, 12 Jan 2019 22:22:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"5046-57f4a40061080-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VI6x4eroJFKzNQPn4BEWHehDJpW%2B%2FOf4%2FYX4ODai%2BLV80mqw%2F63IVCTX%2Bf%2BCU1XfwdMG9MtxmTT4btapj7J%2BzU5Z8Na2pZCt%2FgFQPv5Udkfm%2FkynA%2Fw5GJ27li4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7891569f59d7aaf9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	snow-core.js Show response 5alij.com/qa-theme/SnowFlatCustom/js/	2 KB 1 KB	1234ms 1233ms	Script application/javascript	104.21.86.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://5alij.com/qa-theme/SnowFlatCustom/js/snow-core.js?1.8.3 Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.21.86.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/user/townformat2 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:51 GMT content-encoding br cf-cache-status MISS last-modified Sat, 12 Jan 2019 22:22:42 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"94f-57f4a40061080-gzip" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqxaF5ChVE3fASvzDlqm5FpZPnlLdMmzfONDm938FsV6%2FcqagczvS2IlLU9bC8CHGv3yYxM3tBqS9ejOpn6uEGSbvX5AifOUzysV8Uubmpg9xAzlcYlX7YCpLaw%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control max-age=14400 cf-ray 7891569f59d8aaf9-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 4 KB	1187ms 393ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:43:18 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cacheable Matched cache x-cdn-pop-ip 51.254.41.128/25 etag "-375139978" content-type text/javascript x-cdn-pop rbx1 accept-ranges bytes content-length 4364 x-request-id 783253881
GET H3	200	spinner-icon-14x14.gif 5alij.com/qa-theme/SnowFlatCustom/images/	8 KB 8 KB	422ms 421ms	Image image/gif	104.21.86.241 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://5alij.com/qa-theme/SnowFlatCustom/images/spinner-icon-14x14.gif?1410117644 Requested by Host: 5alij.com URL: https://5alij.com/qa-theme/SnowFlatCustom/qa-styles.css?1.8.3 Protocol H3 Security QUIC, , AES_128_GCM Server 104.21.86.241 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/qa-theme/SnowFlatCustom/qa-styles.css?1.8.3 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:52 GMT cf-cache-status MISS last-modified Sat, 12 Jan 2019 22:15:16 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag "1e65-57f4a2570a500" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0z4L%2BQLqDop7j928hEspQOXGCTG6NTvwjhj%2Fu2faN2lGuKFNxDFwU32%2FPvl4Sa3JZki2wGABfVVpb39OTV4nHm%2BCqYjR7NiF2MGYv8tFZLmEoK31WLZdGhyrnlA%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control max-age=14400 accept-ranges bytes cf-ray 789156a978eaaac3-SYD alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 7781
GET H2	200	SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2 fonts.gstatic.com/s/cairo/v22/	11 KB 12 KB	824ms 273ms	Font font/woff2	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cairo&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash 157025606cebc118ce7bb7a62122058604fb39cbae9ae6bf2e7ad57bf4eb8087 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://5alij.com accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Jan 2023 16:06:16 GMT x-content-type-options nosniff age 279756 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 11760 x-xss-protection 0 last-modified Tue, 08 Nov 2022 19:55:08 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 10 Jan 2024 16:06:16 GMT
GET H2	200	SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2 fonts.gstatic.com/s/cairo/v22/	14 KB 14 KB	865ms 314ms	Font font/woff2	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Cairo&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash 91fa743b90662d1247ff2a9e452e5cfa525e0d4a4caa1a29ed9820a74bb0f80c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://5alij.com accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 15:19:20 GMT x-content-type-options nosniff age 196172 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14316 x-xss-protection 0 last-modified Tue, 08 Nov 2022 19:56:04 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jan 2024 15:19:20 GMT
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/	356 KB 117 KB	305ms 305ms	Script text/javascript	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash 20188fd6bd06d3137b26ec7ec20e199dda88a8cada8bf4e60ebeeaf944d0e629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 119969 x-xss-protection 0 server cafe etag 4825559607299148555 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 13 Jan 2023 21:48:53 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/ Frame 608E	10 KB 5 KB	821ms 273ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230111/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5alij.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers age 82268 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Thu, 12 Jan 2023 22:57:45 GMT etag 10353107486223812946 expires Thu, 26 Jan 2023 22:57:45 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	381 B 516 B	1029ms 342ms	Script text/html	149.56.240.27 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4375334&@f16&@g1&@h1&@i1&@j1673646533194&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-131637156&@b3:1673646533&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR), Reverse DNS ns534106.ip-149-56-240.net Software / Resource Hash 666ddee6278d5e99a2082043bd24e3747448facf0ea5c87770ed821c0c49d9e2 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 13 Jan 2023 21:48:54 GMT Connection close Content-Length 381 Content-Type text/html;charset=UTF-8
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	385 B 695 B	830ms 274ms	Script text/javascript	172.217.194.154 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=5alij.com&callback=_gfp_s_&client=ca-pub-8343227950611411&gpid_exp=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.154 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f154.1e100.net Software cafe / Resource Hash f7fa897f461d9bb981500e47af6e3a32bcbbf7fe3775a19556038ece3a700c12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:54 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 251 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.co.nz/adsid/	107 B 792 B	825ms 275ms	Script application/javascript	172.253.118.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.co.nz/adsid/integrator.js?domain=5alij.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:54 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	825ms 275ms	Script application/javascript	172.253.118.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=5alij.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:54 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame D5BE	348 KB 83 KB	759ms 759ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1673646533&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532886&bpp=6&bdt=2510&idt=725&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5216217645460&frm=20&pv=2&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=744 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 1aea88a6ea7cecd17ad28c7a45fbca881769ede0abcb2aa3a0dbf465701ed72d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5alij.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 84920 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:48:54 GMT expires Fri, 13 Jan 2023 21:48:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 9B6D	66 KB 22 KB	639ms 638ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 03d4538ad8d103ceb67f25d578e5b1957393a6e61808cf491da82392d10917a3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5alij.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 21932 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:48:54 GMT expires Fri, 13 Jan 2023 21:48:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	/ Show response e.dtscout.com/e/	7 KB 4 KB	994ms 752ms	Script application/javascript	141.101.120.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&j= Requested by Host: s4.histats.com URL: https://s4.histats.com/stats/0.php?4375334&@f16&@g1&@h1&@i1&@j1673646533194&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-131637156&@b3:1673646533&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&@w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5c6e11ff39cd636082e32d93276a79a8fae21950031a984695196879e4e0e563 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:55 GMT x-t 0.458 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ztxDdoCTyo%2BUlE%2Blt4m8V6y%2B1CP0OxRs5rY%2BRpzGcYmNgw0N7FxNN3sQ9YQbYAnMIjkH9UGvW1Jyu8KyVJpKKNKqwm6Eo0J7JTug82sw%2BVM9ONFSMw0%2FlXXSgLRcubo%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control no-cache x-s ger1 cf-ray 789156b8dc0f1c53-AKL expires Fri, 13 Jan 2023 21:48:54 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 9B6D	22 KB 9 KB	825ms 273ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:42:43 GMT content-encoding br x-content-type-options nosniff age 7571 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8889 x-xss-protection 0 server cafe etag 3049769697470197148 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:42:43 GMT
GET H2	200	css fonts.googleapis.com/ Frame 9B6D	8 KB 812 B	279ms 277ms	Stylesheet text/css	74.125.24.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f95.1e100.net Software ESF / Resource Hash 684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 13 Jan 2023 21:48:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 13 Jan 2023 20:22:59 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 13 Jan 2023 21:48:54 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/ Frame 9B6D	14 KB 3 KB	823ms 272ms	Stylesheet text/css	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.css Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software sffe / Resource Hash 48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 01:14:15 GMT content-encoding gzip x-content-type-options nosniff age 74079 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2798 x-xss-protection 0 last-modified Wed, 11 Jan 2023 11:45:15 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 13 Jan 2024 01:14:15 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/ Frame 9B6D	391 KB 132 KB	824ms 274ms	Script text/javascript	172.217.194.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f95.1e100.net Software sffe / Resource Hash 5ba3de99116648e15b945f844918e44b4c409a558d28e20119538bea2eab41c5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 13:36:57 GMT content-encoding gzip x-content-type-options nosniff age 202317 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 135245 x-xss-protection 0 last-modified Wed, 11 Jan 2023 11:45:15 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jan 2024 13:36:57 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 9B6D	18 KB 7 KB	792ms 307ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:15:50 GMT content-encoding br x-content-type-options nosniff age 9184 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7538 x-xss-protection 0 server cafe etag 18140588555649875417 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:15:50 GMT
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/	150 KB 51 KB	292ms 291ms	Script text/javascript	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash d9b6cafba91a036a3028964e4622968535048ef034a34500a0847339371b2438 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:55 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 52347 x-xss-protection 0 server cafe etag 3048383940813424481 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 13 Jan 2023 21:48:55 GMT
GET H2	200	/ Show response t.dtscout.com/idg/ Frame D93A	1 KB 721 B	751ms 749ms	Document text/html	141.101.120.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=51A016736465356BF0D9DFE0B7D4DEB0 Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 539f4dadc2dab748bba7368ea885f83ddc07314784be94cfbf74471e86bbaba5 Request headers Referer https://5alij.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers cache-control no-cache cf-cache-status DYNAMIC cf-ray 789156bd9abd1c53-AKL content-encoding br content-type text/html; charset=UTF-8 date Fri, 13 Jan 2023 21:48:55 GMT expires Fri, 13 Jan 2023 21:48:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sat%2B8zrVX75%2Fz5KUQUvaFpWT%2BnwRW3hYX2o77aD3tos4KYI9iBKKsgPDOo3O3tb8gVXneKcBR31UfkBWTXDMEcPdreLdH20E1xqdiDDeYqwH5aNLKV12JB4g59FKQfs%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	tag.min.js Show response get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/	30 KB 10 KB	727ms 248ms	Script text/javascript	13.33.33.93 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.93 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-93.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3 content-encoding gzip via 1.1 9e7574adb9a113dab92737ea901376d8.cloudfront.net (CloudFront) date Fri, 13 Jan 2023 19:10:29 GMT last-modified Thu, 25 Aug 2022 14:07:06 GMT server AmazonS3 x-amz-cf-pop SIN2-P1 age 9507 etag W/"c722c8e06c3a9be75b009576c49f7792" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=86400 x-amz-cf-id UggS2O5hJgq0OVdbLtYD8e6ttpm-ko14jAmTznpRsBl8W_iTMdjItA==
GET H2	200	/ Show response t.dtscout.com/pv/	50 B 332 B	749ms 748ms	Script application/javascript	141.101.120.10 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=5alij.com&_ss=73o39x9dd9&_pv=1&_ls=0&_u1=1&_u3=1&_cc=nz&_pl=d&_cbid=rhan&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 141.101.120.10 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ea3a6dc2043cdcf640249db59737d3a064604ccbedd9fe8940d0bc0240851276 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:55 GMT x-t 0.139 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vf8HEmnuLt33uOhLrr2tHVsArF5swtKdvYzxLS1NVX%2BwHz8WYqot5ByJv19iAVYylxbgfoFW3hWQ%2F6gYB4v%2BQwqasmEJlkLN%2B3LpRi2SRDc31XlYFOdI%2B%2FWC3enp8QY%3D"}],"group":"cf-nel","max_age":604800} x-c 0 content-type application/javascript cache-control no-cache cf-ray 789156bd9abe1c53-AKL expires Fri, 13 Jan 2023 21:48:54 GMT
GET H2	200	integrator.js Show response adservice.google.co.nz/adsid/	107 B 165 B	278ms 276ms	Script application/javascript	172.253.118.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.co.nz/adsid/integrator.js?domain=5alij.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f157.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:55 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 165 B	276ms 275ms	Script application/javascript	172.253.118.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=5alij.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f155.1e100.net Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:55 GMT content-encoding gzip x-content-type-options nosniff server cafe content-type application/javascript; charset=UTF-8 p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 6006	10 KB 4 KB	274ms 273ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5alij.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers age 12848 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 18:14:47 GMT etag 10353107486223812946 expires Fri, 27 Jan 2023 18:14:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 3576	10 KB 4 KB	275ms 274ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5alij.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers age 12848 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 18:14:47 GMT etag 10353107486223812946 expires Fri, 27 Jan 2023 18:14:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/ Frame 5C2B	10 KB 4 KB	279ms 278ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://5alij.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers age 12848 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding br content-length 4242 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 18:14:47 GMT etag 10353107486223812946 expires Fri, 27 Jan 2023 18:14:47 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	css2 fonts.googleapis.com/ Frame 6006	4 KB 636 B	275ms 275ms	Stylesheet text/css	74.125.24.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f95.1e100.net Software ESF / Resource Hash c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 13 Jan 2023 21:48:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 13 Jan 2023 21:05:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 13 Jan 2023 21:48:55 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6006	205 B 519 B	1092ms 543ms	Image image/png	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 18:23:01 GMT x-content-type-options nosniff age 12355 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 205 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 13 Jan 2024 18:23:01 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 6006	604 B 696 B	1153ms 605ms	Image image/png	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Jan 2023 00:13:33 GMT x-content-type-options nosniff age 336923 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 604 x-xss-protection 0 last-modified Tue, 22 Oct 2019 18:15:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Wed, 10 Jan 2024 00:13:33 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame 6006	19 KB 8 KB	274ms 273ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash daf99211008f6684b4aaa4daafa6832cf05ccd99f5910f48f6467a5c1ea08197 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:48:04 GMT content-encoding br x-content-type-options nosniff age 7251 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8191 x-xss-protection 0 server cafe etag 7335088802737092762 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:48:04 GMT
GET H2	200	1fa652aa70ababc78244f8b54c5f124c.js Show response www.gstatic.com/mysidia/ Frame 3576	9 KB 4 KB	822ms 283ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash efaee115f8c9c7c11e2e17bd4d580db1136571500686a8f68cdba7a5117576a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Jan 2023 09:52:14 GMT content-encoding gzip x-content-type-options nosniff age 129402 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4234 x-xss-protection 0 last-modified Wed, 11 Jan 2023 00:07:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 12 Apr 2023 09:52:14 GMT
GET H2	200	53fc7b95e2e7da56f9754d97b9eef8af.js Show response www.gstatic.com/mysidia/ Frame 3576	10 KB 5 KB	836ms 297ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/53fc7b95e2e7da56f9754d97b9eef8af.js?tag=text/vanilla_highlight_ms Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash ee4faaed51a230b371a20f4dbe1551889b4eb9636f0a72e03332f4af24834be7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 01:55:53 GMT content-encoding gzip x-content-type-options nosniff age 244383 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4647 x-xss-protection 0 last-modified Wed, 11 Jan 2023 00:07:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 11 Apr 2023 01:55:53 GMT
GET H2	200	4a930f1d12175de7517f8d15f69bdfbf.js Show response www.gstatic.com/mysidia/ Frame 3576	19 KB 8 KB	1088ms 550ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash d8701138e15ab5c3379f8327d91cd2ed9524c961ca7f0bd3b91677e7f894c29e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 01:15:03 GMT content-encoding gzip x-content-type-options nosniff age 246833 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8006 x-xss-protection 0 last-modified Wed, 11 Jan 2023 00:07:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 11 Apr 2023 01:15:03 GMT
GET H3	200	css fonts.googleapis.com/ Frame 3576	8 KB 895 B	276ms 275ms	Stylesheet text/css	74.125.24.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f95.1e100.net Software ESF / Resource Hash a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 13 Jan 2023 21:48:55 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 13 Jan 2023 20:25:52 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 13 Jan 2023 21:48:55 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 3576	2 KB 765 B	357ms 357ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:48:04 GMT content-encoding br x-content-type-options nosniff age 7253 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:48:04 GMT
GET H2	200	2c96be29c806e6a30d72c34b34031cd2.js Show response www.gstatic.com/mysidia/ Frame 3576	5 KB 2 KB	1128ms 591ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash 909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Jan 2023 23:15:45 GMT content-encoding gzip x-content-type-options nosniff age 253991 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2003 x-xss-protection 0 last-modified Thu, 05 Jan 2023 01:26:36 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 10 Apr 2023 23:15:45 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame 3576	22 KB 9 KB	304ms 302ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:42:43 GMT content-encoding br x-content-type-options nosniff age 7572 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8889 x-xss-protection 0 server cafe etag 3049769697470197148 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:42:43 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 3576	3 KB 1 KB	363ms 363ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:00:46 GMT content-encoding br x-content-type-options nosniff age 10091 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:00:46 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame 3576	18 KB 7 KB	345ms 343ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:15:50 GMT content-encoding br x-content-type-options nosniff age 9185 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7538 x-xss-protection 0 server cafe etag 18140588555649875417 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:15:50 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 3576	157 KB 49 KB	824ms 275ms	Script text/javascript	142.250.4.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f156.1e100.net Software sffe / Resource Hash cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49309 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1673441803913192" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 13 Jan 2023 21:48:56 GMT
GET H2	200	3dc49c9b9e6a6b78323daad710439309.js Show response www.gstatic.com/mysidia/ Frame 3576	33 KB 14 KB	273ms 273ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 01:13:48 GMT content-encoding gzip x-content-type-options nosniff age 246909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14046 x-xss-protection 0 last-modified Wed, 11 Jan 2023 00:07:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 11 Apr 2023 01:13:48 GMT
GET H2	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 4F97	624 B 531 B	277ms 276ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLxvegCEKyFyakDGP6s3MoBMAE&v=APEucNXV2jWMkTNpMB-J6jzjYa_F9v771BiLba7qXrOl8AMbU_5zRl67xXyLPyZ1_Ic6tfuKC8VgT9-_jV7U63jh8ECcX4qy1A Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:48:55 GMT expires Fri, 13 Jan 2023 21:48:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_276.js Show response s0.2mdn.net/879366/ Frame AC6A	106 KB 38 KB	820ms 273ms	Script text/javascript	142.250.4.149 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f149.1e100.net Software sffe / Resource Hash e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 00:54:46 GMT content-encoding gzip x-content-type-options nosniff age 75250 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 37872 x-xss-protection 0 last-modified Wed, 02 Mar 2022 23:07:26 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 14 Jan 2023 00:54:46 GMT
GET H3	200	omrhp_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/ Frame AC6A	6 KB 2 KB	273ms 273ms	Script text/javascript	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/elements/html/omrhp_fy2021.js Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:11:25 GMT content-encoding br x-content-type-options nosniff age 5850 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2477 x-xss-protection 0 server cafe etag 8436122973860808490 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 20:11:25 GMT
GET H3	200	abg_lite_fy2021.js Show response pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame AC6A	22 KB 9 KB	273ms 273ms	Script text/javascript	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:11:20 GMT content-encoding br x-content-type-options nosniff age 5855 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8889 x-xss-protection 0 server cafe etag 3049769697470197148 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 20:11:20 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame AC6A	3 KB 1 KB	403ms 401ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:00:46 GMT content-encoding br x-content-type-options nosniff age 10089 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:00:46 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame AC6A	18 KB 7 KB	360ms 359ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:15:50 GMT content-encoding br x-content-type-options nosniff age 9185 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7538 x-xss-protection 0 server cafe etag 18140588555649875417 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:15:50 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame AC6A	157 KB 48 KB	1433ms 910ms	Script text/javascript	142.250.4.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f156.1e100.net Software sffe / Resource Hash cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49309 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1673441803913192" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 13 Jan 2023 21:48:56 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame AC6A	42 B 63 B	274ms 274ms	Image image/gif	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CDHC-irbjHbBiIk2-oxDE1jQ0_OKCu0lLfXT5F8P3VrKvUuZ76I_bgyXNsSP3l8I2pe6Gmnj1JQnRlFINZtoObDZsSzUXaB7FwgMUgt0VxuNmBkfU Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:56 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 9B6D	0 318 B	820ms 272ms	Ping image/gif	74.125.200.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lcv1xo1v&c=1966049173218&slotId=983024586609&qqid=CImWgJnDxfwCFQo3aAoddHcO_Q&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.120 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f120.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:56 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 9B6D	15 KB 16 KB	274ms 273ms	Font font/woff2	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 20:47:35 GMT x-content-type-options nosniff age 3681 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 13 Jan 2024 20:47:35 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 9B6D	15 KB 15 KB	326ms 325ms	Font font/woff2	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 12:04:41 GMT x-content-type-options nosniff age 35055 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 13 Jan 2024 12:04:41 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 9B6D	0 20 B	275ms 275ms	Image image/gif	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C2o-XxdHBY8mfL4ruoAP07rnoD9vbiJlu7sebgeAQq_2Fy8IBEAEg5-e5HmCr7LGF4BigAfe19rooyAEFqQLfNFh2TmOlPqgDAcgDmwSqBOQBT9DF_tabRE69rFoNgsRkJH3wYy3d7P5xeEH_WmVgFGm7Kf3sL9AhUkQJ_BxqzsQ187g1d1uGHaAeYe8P2Gq_KO5ZC2AvCioT-Kk0kDjfupirv9pieSsQgEHRIWmfx9ttPXQhlaEgPNZyvaq7oM6z9EFM6rlocae-qoU5odaYV2t0-MgoPtgNTzdVYbIr30DlNo6CDTdz0rqxEu34SUveamCmfkGfDzGFHWteDNSzgLG_W2gDTnd49aQL9_vThuQGL9GGa5Lrv4n7feu37qcLynCu86YM9E-XQQBM47vPaoHS2vuuwATJ6vnroATgBAOQBgGgBnaAB_ftxpoDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB8yAooCOgKAQIAKAcgLAeALAYAMAbATrs3bEcgTzYbW4QPYEwqIFAbYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1673646535952&ai=C2o-XxdHBY8mfL4ruoAP07rnoD9vbiJlu7sebgeAQq_2Fy8IBEAEg5-e5HmCr7LGF4BigAfe19rooyAEFqQLfNFh2TmOlPqgDAcgDmwSqBOQBT9DF_tabRE69rFoNgsRkJH3wYy3d7P5xeEH_WmVgFGm7Kf3sL9AhUkQJ_BxqzsQ187g1d1uGHaAeYe8P2Gq_KO5ZC2AvCioT-Kk0kDjfupirv9pieSsQgEHRIWmfx9ttPXQhlaEgPNZyvaq7oM6z9EFM6rlocae-qoU5odaYV2t0-MgoPtgNTzdVYbIr30DlNo6CDTdz0rqxEu34SUveamCmfkGfDzGFHWteDNSzgLG_W2gDTnd49aQL9_vThuQGL9GGa5Lrv4n7feu37qcLynCu86YM9E-XQQBM47vPaoHS2vuuwATJ6vnroATgBAOQBgGgBnaAB_ftxpoDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiAYRABGB8yAooCOgKAQIAKAcgLAeALAYAMAbATrs3bEcgTzYbW4QPYEwqIFAbYFAHQFQH4FgGAFwE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:56 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame 9B6D	29 KB 16 KB	861ms 311ms	XHR text/xml	172.217.194.157 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BhuhvUq8zz-kmWBYG4gzw5gXG-iPeWs-uUz0R7b2e8i8f-g_AR3NRZTBcUHU_3ihSV0sgPdGTToIi-xRGWfwxRpgy-nQ&cry=1&dbm_d=AKAmf-AuIdcfEb3rZlq3cWtN_GWxpDBtXf_zMP6QQNsQkHzscYO6Pvo3h4-ab9c6S2Y03gs0EfbfOXAy46ib1EVJC8OtfI3HmNaQ1PEDc-nGGfohdirXy2Lx55GBCEuvHRyTK5WaIXxoqJQWxVYSIBX0-E6irP1MJ1EeXHHoxbn-58Tiw9CV8jIPmlNlrallqDyrfSJgSqzEpsVfU6NmbgvK4RL_R2jY1oFTuVGbRfO2mvplXzNWS74VXRdmBwKhbk31BnRFJWWRXy432VFaK9_AsNmAkr3uIFkzNdp-n5B4pzRbdRx3tXNIaB2hM8SoorQILVngx7QLXFq8Z3o87FAB8FvonhNqCXY7Po2oL-YElR7Kd0sSBbLcgKf3eQK2qDoy-rMn6dxvc06wjXdXEJb0jcMYXpRQdxgk7AYqpJCoLfHZV4Q6KLnyE46GxoiFyKAHg7g1l9rvf2YakVrr0iMj80LIaYse3qN5b-cxRno8hMJtjyGOMppLph2auGVwxjjHmEOdNDgXdFmEfoMcrDRIOP5iVDfDYK9juy3-La97UnDeusy3i513Rpw_yjtOHQHxFv8t-_d2fbyt7qOSsmXs6zKbLLVauAmPzL0ezS219lw1igNlv1H9fG3bs64M4cs0w9TcTX7UDyqUudmDpHxudq2IX_B1ksJdIs-nT-Gu6uoBcYBEIaIE6XwB25R33j7SYLMeylqJapAZGPiQe0ZdErNOSWGAFBm6qd_8_roVgflGig2rBY1yHG0zf9f7vMqSZRSZE5uLlYimSaoTa3rIqFuNVKl84tgQY6NuvDgfIndquro4vk6KZf7F1F9Dvk3MM6REiE_jr9jnJEl5TiBmHUzuMecJFclUtejbmy3RR0Q7E93xem4ZK5lGbHS6rVnjNzR-wHMECGR50MrLpt46c-DTis5g8a5uuTDDbJHykftWd_swBMBbKFCvUiiZihWVIEB-Ii6U3IqEVFTwRzVsVY-mzSMXGErRzHHQHlg6OfCW4mC0ORSP0mlgj33biwLXx69iy_TJrbukeAHGyWANyuCHelaqdyczgzDAxjHaTehFPhj6AeMyip0jIjwBTxDvAdZoc-Td28hPLGcMhSVupQtUphYcWNI2aH4gePpKYoeLTLpMxYUn8ymqGcCRldU9pXxL23Z8MiWptoa2a5S10y9nMpsP_IbEeD9uE67FJhv-8ol2eV307i_HgPnFe7W0j3yOwRAW9sGYySYwviv52Iq0VkjtH-jIFcKbZSg95XCwP9aC7eIacIH7-BI56MiIoxOlp1M9Z3tMePha4ASVTyL11Z5xU01kb-kiqYjYotJkZYJKpMimvDwDFFomRjQ7cVOwil_VX3SFFylv0GFFho_XWBaIWAr8d4slIzyHu6prtPJQRhtatRNkbAvgl1lgPM4Ag6z4HGmSS86gDmIbrdqjh4QsuprgkuE485w3E9AnqRdU6R_K7FMER8zyZtYJasCWTdQg1NVeIj8-bn2-8v3mojdN8pfptskByNHp1--szVGrKDRHjIMkQC2CubJceej30nlVobLDKCFXISV-ZhSb9s_8eQTNPWluo8UJpqv1ap2Xq7j2iYTCv39YbthsbfH8GbtdV35MG-jpisD7U7wbp2-Hl_4V2LpzEKIIlWv0YuY39httuJ7VXuSOdL2Fh_PaNxg12vGeIWhKi3Rbx2kZN-N05G7OykgnrqGQkARU5bDtwZSSHDJ_FcUYDSAJQcxql8fNnLrpSk-4BhrmkxpGXiK0hJ7SO6qeYw-yUbjDNyAfT9iYj4SPagp8thnX4aoEX-Lg0_zf3i2zZ7obn7GKGqQUXMHe3Czx4HRSe-US02HchEyUUushPjRmFeTLFUTfnB9oSwcr5Q4gEN6gJeioTBqI_KpDpNIXsnYTh4gxezFXnX8uWa4xqQGxstnTcvfKmep-H_LTgdaf4DbsEfNt2izM_Mvd5ljOl-wvM5XtGcfS3QXI79mipfCM4De4Dm1ZilhvZnQ8cbLOrJwducbn7NN1lOGEQiGX0MI-zOTW0jbCBt17qQAXXUtxWkURwloaLeFFmNfCDRJURPJ0wgwow0fAKgqkhQ57eHrIeqmHPi4PwIgGaYF4GwsrDuUteYtilcUvMMLqeIqLF4D8OBJxSelNIeVCtwSWulVl6KBABvD6RLTBmb38ioWReu12ZzPrCPHUpqHZJ5j7rXyUAokb3sXeQNyG5QTz5-9B3CCcXPpeRUMHx39C3luvb2nqWkg-hLlPLvqJhaiaBFfiJRmwUr_vMpQZVZOAO29AOlYnr_MeBszBouAtA_uHhw5lGX5HHb379obvutlJPDUhWszP2-4iYOvoMlDnlhNMtg-esDPHQiFTAAavGq9ZJ6Nka45i974Xevy5tx2X55BJUiBINgr1rX8nGpMsP_GjbzMqHF1kD5PNotl_B5btkj7T0MRu1gmL0J4BVCptXn69i9jlCKZ4Fi-Tboda_MssXIoYfgd_R39_cK_1fiaW2IKjPHFBHocEQzk4qqjmPwhG2uErZYyCs4v305yplKhkqAGZpqe5fzam8EZkUwvrIG0uIB6RxPJcUe5dG2xZcdh5VPcJuXl_fjGJ3mybAzWr7nhDrxguwFf3NL3DgdbbFHN7_uS8Np9kDMuPig5hz2v6A7q6f7UQ0Wbb6KCnyBuhskvL19Hd-BYxxf-L7XwxLamZp7vz6k4fFGjhUf8LaUnZu6LXuoPUUt-EHrlYkWZrphIT5rAaX4t77XyrTfpFIX3vzfrrjzbaRNzPK7wHAYVhsbuvV0o0MIndCLTONpA6KQe-ThEX-OnyDManOuq9bcifKpvWBrUwx_aVvuk4tYR4opC4pJCjCbjWFoMH7AocYPh8lhXsafX5HPLzLf1qAuyXGklmeTN8GOR4TRPwwq6k2MTw-JnYGdZuLM9xAuX82rwPslZln-zzMr0p1MMtaop5wiTmk4fhtE8fhEAeB8OWtrfs9K5EiiNYIr0aginGHQk_M3y_UXsv0jlNDuKBvwS_eSUufjeanz1l5rfQZf6Y1dnnucgPZnB-zuUYsA6gXmtpuCCNZsko4f7bguBbr23Mr1Lk4f46akfu-FJtpncXYobKsca8Sa8Ac_DKv285ZaIgxom329Kcqojns-s3j-aOe4drL0NMkn4XyUW-wezsF8oR8MFXngTFZEwqJhk8zK0qSKxu0Xlm1yYxO0MCNwDK3ftWZo7mNNfYApb85glL123rhAj33yTxN-LTMVEYNdtWQcsjj6Jzs9aCLcqL1yAhgwcctvCAMypeD780tur0a6ovTaie9C0avP831MyNvII83hbT8n0VmEJ-dPpZxNUg5Ekuzk3ZK41Y-WnTzWTiOXDs5K68Ap-bpz8HMTbgbg2eQfHZQD6mcQXvcxplU7dsyVLGWotgRxHw6x32AtwGNYr8afHFC88oq3DR0mA5LAp5wRj7tWXdp15ywZY6tj6Ixmw9vSOgIYnJG34mr15po_3Cn__AwzCaY72fDiXcd6UEJnkC80Zj7QWjeMnqnA90lI1f2uSup4ApHobm52JrwztyLiEHF5Y9scVrv04OFaSpd8U5GXY&cid=CAQSGwDq26N9mQmKMZA5iEaT5NGHLCVk_zWn8YWdbRgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.194.157 , United States, ASN15169 (GOOGLE, US), Reverse DNS si-in-f157.1e100.net Software cafe / Resource Hash b46f98c3a83c2600b74dbedec3b05cf2ec58ce0e538cb9a6fb428e667ca09a3e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:56 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16019 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	adview googleads.g.doubleclick.net/pagead/ Frame 9B6D	0 0	277ms 277ms	Fetch text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=Cez-exdHBY8mfL4ruoAP07rnoD9vbiJlu7sebgeAQq_2Fy8IBEAEg5-e5HmCr7LGF4BigAfe19rooyAEFqQLfNFh2TmOlPqgDAaoE4QFP0MX-1ptETr2sWg2CxGQkffBjLd3s_nF4Qf9aZWAUabsp_ewv0CFSRAn8HGrOxDXzuDV3W4YdoB5h7w_Yar8o7lkLYC8KKhP4qTSQON-6mKu_2mJ5KxCAQdEhaZ_H2209dCGVoSA81nK9qrugzrP0QUzquWhxp76qhTmh1phXa3T4yCg-2A1PN1VhsivfQOU2joINN3PSurES7fhJS95qYKZ-QZ8PMd0c8aufRvUSCQnJWpjcPLlPvPVN9B567Mv75aVheuGWkTihSa8QP9DjXrYnTuj8gkmdKWD7AUzgs0nABMnq-eugBOAEA4gF1NflsEiSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB_ftxpoDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQipUDGPH-ut0B0ggPCIBhEAEYHzICigI6AoBAgAoByAsBsBOuzdsRyBPNhtbhA9gTCogUBtgUAdAVAYAXAbIXHAoaCAASFHB1Yi04MzQzMjI3OTUwNjExNDExGAA&sigh=lENSvNAvzIk&uach_m=[UACH]&cid=CAQSGwDq26N9mQmKMZA5iEaT5NGHLCVk_zWn8YWdbRgBIBM&vt=10 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1673646533&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1673646532892&bpp=2&bdt=2517&idt=746&shv=r20230111&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5216217645460&frm=20&pv=1&ga_vid=712609666.1673646534&ga_sid=1673646534&ga_hid=1318813775&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842&oid=2&pvsid=3603966157680979&tmod=1556269321&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=r66e3oM595&p=https%3A//5alij.com&dtd=751 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 13 Jan 2023 21:48:56 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 13 Jan 2023 21:48:56 GMT
GET DATA	200 OK	truncated / Frame 9B6D	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ceb128f1d4ddc0fb4ffcf811e167edc3c7618e83175d6a089ca0e48337128a8b Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H2	200	/ Show response onetag-geo.s-onetag.com/	535 B 949 B	713ms 236ms	Fetch application/json	13.33.33.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-57.sin2.r.cloudfront.net Software / Resource Hash a0ef9664ce4745a7141cfee9be2ff66c682596db11fde27129c25e5120b5b490 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 13:23:28 GMT via 1.1 32b95ef5feec0715f987a398c50c07d0.cloudfront.net (CloudFront), 1.1 e5793992853fceac3581bde796b6f5ba.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-P1, SIN2-P1 age 30328 x-amzn-requestid 19f30e17-66b4-4422-88be-99971028ed6f x-cache Hit from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-apigw-id ers0mEJOCYcFijA= content-length 535 x-amz-cf-id VMTT4qULj3dVWb92fPYXelXPzljj9ysnATYKh3nb60kYgTjOUgFjZQ==
GET H2	200	/ Show response t.dtscdn.com/widget/	0 585 B	673ms 385ms	Script application/javascript	104.26.13.60 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=51A016736465356BF0D9DFE0B7D4DEB0&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&r= Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.26.13.60 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:56 GMT x-t 1.01 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gHlM757Rfy6IcI3z%2BJIAZ0knDPgHQqp9Kyy8HzMyQFx%2BoqSIUV84OZLRdH5BU0hJaL1igP2BDF9enqIauNECGoUOKa1fBuNUrNPYDP4pednl2BHbfFhicyJhlXfCSA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control no-cache x-server web15.ny1.dtscdn.com cf-ray 789156c44c81a814-SYD expires Fri, 13 Jan 2023 21:57:50 GMT
GET H2	200	e Show response a.dtssrv.com/	21 B 584 B	774ms 459ms	XHR application/json	172.64.107.25 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/e?i=51A016736465356BF0D9DFE0B7D4DEB0 Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ftownformat2&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.64.107.25 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 14f1c3fd5f71e508354ab8ba8f9d7f020fbd485d710538d75bb1bfdfd7f489f9 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma cache date Fri, 13 Jan 2023 21:48:56 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare access-control-max-age 86400 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwO2KWHedgAQ0otd2OATpZ7Gpige%2BWhJa5LltYKJSGrj4Gmqkk2N%2BrJr4plf5%2BzJHiqvvXWtZEQ%2Bzp24vgNUsJzCRVGjUHDFf8GcgPYZD0epZIbX%2FgNL5oAfjLJSuKI%3D"}],"group":"cf-nel","max_age":604800} content-type application/json access-control-allow-origin https://5alij.com cache-control s-maxage=0 access-control-allow-credentials true cf-ray 789156c47ce829ae-MEL alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 expires Fri, 13 Jan 2023 23:48:56 GMT
GET H2	200	tpid=51A016736465356BF0D9DFE0B7D4DEB0 bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/ Redirect Chain https://bcp.crwdcntrl.net/5/c=3825/tp=DTSC/tpid=51A016736465356BF0D9DFE0B7D4DEB0 https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A016736465356BF0D9DFE0B7D4DEB0	49 B 543 B	270ms 269ms	Image image/gif	54.169.2.85 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A016736465356BF0D9DFE0B7D4DEB0 Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Server 54.169.2.85 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-54-169-2-85.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:56 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.20.88 content-length 49 expires 0 Redirect headers pragma no-cache date Fri, 13 Jan 2023 21:48:56 GMT server Jetty(9.4.38.v20210224) p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV location https://bcp.crwdcntrl.net/5/ct=y/c=3825/tp=DTSC/tpid=51A016736465356BF0D9DFE0B7D4DEB0 cache-control no-cache x-server 10.42.27.161 content-length 0 expires 0
GET		/ loada.exelator.com/load/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=51A016736465356BF0D9DFE0B7D4DEB0 https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0	0 0
GET H2	200	1fa652aa70ababc78244f8b54c5f124c.js Show response www.gstatic.com/mysidia/ Frame C876	9 KB 5 KB	534ms 273ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/1fa652aa70ababc78244f8b54c5f124c.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash efaee115f8c9c7c11e2e17bd4d580db1136571500686a8f68cdba7a5117576a6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Jan 2023 09:52:14 GMT content-encoding gzip x-content-type-options nosniff age 129402 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4234 x-xss-protection 0 last-modified Wed, 11 Jan 2023 00:07:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Wed, 12 Apr 2023 09:52:14 GMT
GET H2	200	4a930f1d12175de7517f8d15f69bdfbf.js Show response www.gstatic.com/mysidia/ Frame C876	19 KB 8 KB	584ms 324ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash d8701138e15ab5c3379f8327d91cd2ed9524c961ca7f0bd3b91677e7f894c29e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 01:15:03 GMT content-encoding gzip x-content-type-options nosniff age 246833 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8006 x-xss-protection 0 last-modified Wed, 11 Jan 2023 00:07:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 11 Apr 2023 01:15:03 GMT
GET H3	200	css fonts.googleapis.com/ Frame C876	8 KB 895 B	277ms 275ms	Stylesheet text/css	74.125.24.95 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.95 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f95.1e100.net Software ESF / Resource Hash a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 13 Jan 2023 21:48:56 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Fri, 13 Jan 2023 20:33:31 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 13 Jan 2023 21:48:56 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C876	2 KB 765 B	273ms 273ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:48:04 GMT content-encoding br x-content-type-options nosniff age 7252 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 738 x-xss-protection 0 server cafe etag 1394486882873449110 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:48:04 GMT
GET H2	200	2c96be29c806e6a30d72c34b34031cd2.js Show response www.gstatic.com/mysidia/ Frame C876	5 KB 2 KB	863ms 604ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/2c96be29c806e6a30d72c34b34031cd2.js?tag=analytics_pingback_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash 909e4f36928b8676e7947d125e90b8c2baee1afc6c0dead2ddc05a665811470a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Tue, 10 Jan 2023 23:15:45 GMT content-encoding gzip x-content-type-options nosniff age 253991 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2003 x-xss-protection 0 last-modified Thu, 05 Jan 2023 01:26:36 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Mon, 10 Apr 2023 23:15:45 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/ Frame C876	22 KB 9 KB	274ms 273ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash c5418bee2b5eb509379e5146161267420c90f21ef5824f64ca9f7396a8f51dba Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:42:43 GMT content-encoding br x-content-type-options nosniff age 7573 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8889 x-xss-protection 0 server cafe etag 3049769697470197148 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:42:43 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C876	3 KB 1 KB	357ms 357ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:00:46 GMT content-encoding br x-content-type-options nosniff age 10091 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:00:46 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/ Frame C876	18 KB 7 KB	316ms 315ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20230111/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software cafe / Resource Hash d6e49f1d85f57c06002816ffafcb8bfa08d8850c7358cb45b26b7a4f78f73fc4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 19:15:50 GMT content-encoding br x-content-type-options nosniff age 9186 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7538 x-xss-protection 0 server cafe etag 18140588555649875417 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 27 Jan 2023 19:15:50 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame C876	157 KB 48 KB	951ms 680ms	Script text/javascript	142.250.4.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f156.1e100.net Software sffe / Resource Hash cff8c5b798dd1a69ce9460a203c10be59613887e25245f5c64916a51a1055d4c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:56 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 49309 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1673441803913192" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 13 Jan 2023 21:48:56 GMT
GET H2	200	3dc49c9b9e6a6b78323daad710439309.js Show response www.gstatic.com/mysidia/ Frame C876	33 KB 14 KB	319ms 318ms	Script text/javascript	74.125.24.94 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/3dc49c9b9e6a6b78323daad710439309.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.24.94 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f94.1e100.net Software sffe / Resource Hash a2703ca1e7c3daeb0bf2ca00dca14c62a2f5af4977442edb034a796c74c8f3c1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 01:13:48 GMT content-encoding gzip x-content-type-options nosniff age 246909 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 14046 x-xss-protection 0 last-modified Wed, 11 Jan 2023 00:07:05 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 11 Apr 2023 01:13:48 GMT
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 4F97 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1fqAHeIwgV5QOoF2KErtQ&google_cver=1 https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1fqAHeIwgV5QOoF2KErtQ&google_cver=1&C=1	43 B 766 B	352ms 352ms	Image image/gif	139.5.84.243 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEM1fqAHeIwgV5QOoF2KErtQ&google_cver=1&C=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLxvegCEKyFyakDGP6s3MoBMAE&v=APEucNXV2jWMkTNpMB-J6jzjYa_F9v771BiLba7qXrOl8AMbU_5zRl67xXyLPyZ1_Ic6tfuKC8VgT9-_jV7U63jh8ECcX4qy1A Protocol HTTP/1.1 Server 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 13 Jan 2023 21:48:57 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=499 Content-Length 43 Expires 0 Redirect headers Pragma no-cache Date Fri, 13 Jan 2023 21:48:57 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Location /rum?cm_dsp_id=45&external_user_id=CAESEM1fqAHeIwgV5QOoF2KErtQ&google_cver=1&C=1 Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=500 Content-Length 0 Expires 0
GET H/1.1	200 OK	rum dsum-sec.casalemedia.com/ Frame 4F97 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y8HRydiKlccIU3ZPMRi2NgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxL0rjzj1KmCbAmh3c7nM4&google_cver=1	43 B 766 B	352ms 352ms	Image image/gif	139.5.84.243 CASALE-MEDIA
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxL0rjzj1KmCbAmh3c7nM4&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLxvegCEKyFyakDGP6s3MoBMAE&v=APEucNXV2jWMkTNpMB-J6jzjYa_F9v771BiLba7qXrOl8AMbU_5zRl67xXyLPyZ1_Ic6tfuKC8VgT9-_jV7U63jh8ECcX4qy1A Protocol HTTP/1.1 Server 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA), Reverse DNS Software Apache / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 13 Jan 2023 21:48:58 GMT Server Apache P3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" Content-Type image/gif Cache-Control no-cache Connection Keep-Alive Keep-Alive timeout=1, max=498 Content-Length 43 Expires 0 Redirect headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJxL0rjzj1KmCbAmh3c7nM4&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	setuid ib.adnxs.com/ Frame 4F97 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEE_b-wUiIFGmZ3DxvsPlysY&google_cver=1	43 B 1 KB	364ms 364ms	Image image/gif	104.254.151.68 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEE_b-wUiIFGmZ3DxvsPlysY&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLxvegCEKyFyakDGP6s3MoBMAE&v=APEucNXV2jWMkTNpMB-J6jzjYa_F9v771BiLba7qXrOl8AMbU_5zRl67xXyLPyZ1_Ic6tfuKC8VgT9-_jV7U63jh8ECcX4qy1A Protocol HTTP/1.1 Server 104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Fri, 13 Jan 2023 21:48:57 GMT AN-X-Request-Uuid a8cffe70-01f6-4b1c-b6e9-43caf4990d92 Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type image/gif P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Cache-Control no-store, no-cache, private Connection keep-alive X-Proxy-Origin 116.90.74.209; 116.90.74.209; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com Content-Length 43 X-XSS-Protection 0 Expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 13 Jan 2023 21:48:56 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEE_b-wUiIFGmZ3DxvsPlysY&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 4F97 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5NDk1MDIxNTE5NzU4NjQ0MA%3D%3D	170 B 243 B	278ms 277ms	Image image/png	142.251.12.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5NDk1MDIxNTE5NzU4NjQ0MA%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNLxvegCEKyFyakDGP6s3MoBMAE&v=APEucNXV2jWMkTNpMB-J6jzjYa_F9v771BiLba7qXrOl8AMbU_5zRl67xXyLPyZ1_Ic6tfuKC8VgT9-_jV7U63jh8ECcX4qy1A Protocol H2 Server 142.251.12.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS se-in-f156.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Date Fri, 13 Jan 2023 21:48:57 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 116.90.74.209; 116.90.74.209; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 7999064b-4e2e-4708-ae3f-872a62c62c3f Server nginx/1.21.3 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Njc5NDk1MDIxNTE5NzU4NjQ0MA%3D%3D Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame AC6A	41 KB 15 KB	275ms 274ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 08:16:04 GMT content-encoding gzip x-content-type-options nosniff age 221572 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15207 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 11 Jan 2024 08:16:04 GMT
GET DATA	200 OK	truncated / Frame AC6A	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a76d3fcd29405e41761c0468b25b14ee63eaa432baff1cac846f3ad95aac6220 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 13B7	22 KB 8 KB	273ms 273ms	Document text/html	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers accept-ranges bytes age 221572 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Wed, 11 Jan 2023 08:16:04 GMT expires Thu, 11 Jan 2024 08:16:04 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	dataBeacons.min.js Show response data-beacons.s-onetag.com/	6 KB 2 KB	726ms 235ms	Script text/javascript	13.33.88.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://data-beacons.s-onetag.com/dataBeacons.min.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-100.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 78009d649db9f062dc6e568dd4f35e634440b36534d063f788f465af1f3397d9 Request headers accept-language en-NZ,en;q=0.9 Referer https://5alij.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id qV9NCsYZSqBrcH4UHbD8Pmp65zU2fPAA content-encoding gzip via 1.1 2a08551383b826c5272c6d3873169312.cloudfront.net (CloudFront) date Fri, 13 Jan 2023 21:20:10 GMT last-modified Thu, 25 Aug 2022 05:23:07 GMT server AmazonS3 x-amz-cf-pop SIN2-P2 age 1728 etag W/"c0cf56fa6d8f9665d6e8f16542e3ba9e" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=3600 x-amz-cf-id i8Ocir1SaAmUPlQr0wtmsJRZ8q66oC0kSO3-Ny7N98RBztY0-nwRNQ==
GET H3	200	sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response pagead2.googlesyndication.com/bg/ Frame 13B7	36 KB 16 KB	274ms 274ms	Script text/javascript	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software sffe / Resource Hash b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 01:21:37 GMT content-encoding gzip x-content-type-options nosniff age 246439 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16096 x-xss-protection 0 last-modified Tue, 03 Jan 2023 14:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 11 Jan 2024 01:21:37 GMT
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame 9B6D	41 KB 15 KB	273ms 272ms	Script text/javascript	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 12 Jan 2023 04:40:39 GMT content-encoding gzip x-content-type-options nosniff age 148098 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 12 Jan 2024 04:40:39 GMT
HEAD H/1.1	200 OK	file.mp4 r5---sn-ntqe6n7r.c.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9B6D Redirect Chain https://gcdn.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa... https://r5---sn-ntqe6n7r.c.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	432ms 141ms	Fetch video/mp4	74.125.109.10
General Check archive.org Show headers Download Go to Full URL https://r5---sn-ntqe6n7r.c.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7273420E607726DC9525CA0FC5DFB579C8C44C6A.66B7577EAF071CF6E7A15243FC547FEEAB5241C2/key/cms1/cms_redirect/yes/mh/BL/mip/116.90.74.209/mm/42/mn/sn-ntqe6n7r/ms/onc/mt/1673646043/mv/m/mvi/5/pl/24/file/file.mp4 Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol HTTP/1.1 Server 74.125.109.10 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Fri, 13 Jan 2023 21:48:58 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 2208238 Last-Modified Wed, 28 Dec 2022 17:37:59 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Fri, 13 Jan 2023 21:48:58 GMT Redirect headers date Fri, 13 Jan 2023 21:48:57 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 643 x-xss-protection 0 pragma no-cache server ClientMapServer x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net location https://r5---sn-ntqe6n7r.c.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7273420E607726DC9525CA0FC5DFB579C8C44C6A.66B7577EAF071CF6E7A15243FC547FEEAB5241C2/key/cms1/cms_redirect/yes/mh/BL/mip/116.90.74.209/mm/42/mn/sn-ntqe6n7r/ms/onc/mt/1673646043/mv/m/mvi/5/pl/24/file/file.mp4 access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://googleads.g.doubleclick.net expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 9B6D	0 45 B	273ms 272ms	Ping image/gif	74.125.200.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lcv1xo2a&c=1966049173218&slotId=983024586609&qqid=CImWgJnDxfwCFQo3aAoddHcO_Q&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.2iu Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.120 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f120.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3576	0 20 B	274ms 274ms	Ping image/gif	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NreXNjcmFwZXItbG9nby12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNECshAAAAAAAAJEAwBAoNECshAAAAAAAAJkAwAQoNEAMhAAAAAACmlkAwBBIaQ0xERl81akR4ZndDRlVxSnJBSWRSUkFEQ1EiGXRleHQvdmFuaWxsYV9oaWdobGlnaHRfbXMoFQ== Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 596D	143 B 166 B	273ms 273ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers age 2028 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:15:09 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6FBC	143 B 166 B	273ms 273ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers age 2028 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:15:09 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame AC6A	0 0	832ms 277ms	Fetch image/gif	142.250.4.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvC7gDBSKMITKKNxDvGc_wZGaB0uEbEQ-hSpZR0sAmwD_gZMO_zQRKLno-5Qr2QJuKuym-0m8Mt-CDHJeenZYiWAjfMFqD4LlM7xJyp0GJUBY03DZ8ICeA8UmkKSPiplC7gwQWKzOLHAcNQVSvaoQTekoSD86tfD-p0nfLKr7FZfdM7TZ-0MBhcRLvY4xeM2BQ3aGB5yFmEhzEK3JnrYki5RDdmS35Wh7W56nxe1VcpoK5lmDjFnhMsMdYScdJYa-OCoi1PgagPvBiTMPhD3h5cmGZsGYUtlpXT1inUThZaJdp3Gz5TtLyp_Tdwnw_YaBjYXp-E-A1oatLWhvud5-qhDuc1MKS6oCl024hw8VkxaJYY4P_-I5XukKV-bEp9J3z6hVaw_vJXfhEDIDr-4WrDHAWnCCvvqAgD55vpK2hLKeRYb4OgxuQYdnixTfRmLSEjWeRiDm9KB6lIz3Z8PHBlcWV-aHYHgXAs4LZAKrOESg7Emr5e8CFWwX_GjQm3kiQWI9H6XqQwOrr4ljWNcbtuPXCDBKSG5_whxg1liGPhTAfxik3YP1DcPw99-uZtueoMJzesT7O_21Gj7Ps2fFbXQJY5NFPKq_BUTDUBM15bay9GTPxl2P2FMP_HLuCia5dx5dtUOZFhBaPnpdYfodL5Ka0gemWS9T6mv24QIotd6eJvrdvl_O3lA-gZTef_6Xq5xJeFH2RIq_yOb1t_sQampttgmAPNHFeE1cmtJZ2oMOdbS0jM8ITzH7GydbwwQdOW81bFgV3p9KNOGLGJhFW1ivpERAVCE32DhHbh5c7ZP4L3Tj6eZdkB4vls2VXNGNkOFi2rQyLz4cXuphydbD6zbHxaYL3DcFYT51YT-VdthgL1AVJbOhL7M9KpaDPa3MMkroxfncl3rMvhh_m0kdm-H0kdMn1GFUq2Lx_eA-16870g5uwzIWV04f9rHiwCLIryoywtnJ_8fTQADNaMbhqtpL0P9OZnCpfIfesO3k9rEQeu94U96S4K8ksa6If5BnAmsF5-cFuijV88PJYPGLYySdZ64kYYleQK--HPXoURH9su2TxOH8J8v8p_Cn2-Y9pjBQalkbAWdQD4qFwrwm8CzSIPhTjBcDi1EprdQkp5fpwkmOW8Woo&sai=AMfl-YT8CSwyhfBOmgYbikGaXW_IIUA07bBR7mtOF69zswjffiXYKcEzMA6-Z4Hvqac-jTH6Y6YPmWxnwqM4V9wmnVNxCoTZM2gtu0SuITLM0lHNfu9hlrKoykiLEJ1JRAP1coPa4CCj39GWRAPMhpSMPM744aV5qGd6TUPBNDiqb0gJa6fgisgD_xosfQ3ZSydR3CWBt2ykYzU2GswDWUdKJsHNDdgQSPJshbxPRwGuaWR05q-O1-59Dw&sig=Cg0ArKJSzDv29iIHeywBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1172&cbvp=1&cisv=r20230111.04806&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl= Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.4.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f155.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 13 Jan 2023 21:48:57 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 13 Jan 2023 21:48:57 GMT
GET H3	200	14539342348947073895 s0.2mdn.net/simgad/ Frame AC6A	30 KB 30 KB	883ms 330ms	Image image/jpeg	142.250.4.149 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/simgad/14539342348947073895 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.4.149 , United States, ASN15169 (GOOGLE, US), Reverse DNS sm-in-f149.1e100.net Software sffe / Resource Hash 403e1a6b894c5bcab8459c1b381ec08d9367013416b12967c9eee03bc30f72a4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 13 Jan 2023 21:48:57 GMT x-content-type-options nosniff x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 30412 x-xss-protection 0 last-modified Mon, 16 May 2022 02:35:17 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 13 Jan 2024 21:48:57 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 3576	0 20 B	275ms 274ms	Ping image/gif	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgobCAEqF3NreXNjcmFwZXItbG9nby12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNEA0hAAAAAKCZuT8wBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAADBAMAQKDRAQIQAAAAAAvrFAMAQKDRARIQAAAADAoNBAMAQKDRASIQAAAAAAABRAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAAAAjJhAMAQSGkNMREZfNWpEeGZ3Q0ZVcUpyQUlkUlJBRENRIhl0ZXh0L3ZhbmlsbGFfaGlnaGxpZ2h0X21zKBU= Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C876	0 20 B	275ms 275ms	Ping image/gif	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA3J0bAohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNECshAAAAAACAUkAwBAoNEAMhAAAAZmbai0AwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAwFJAMAQSGkNLX0ZfNWpEeGZ3Q0ZVcUpyQUlkUlJBRENRIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 596D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	274ms 274ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:48:58 GMT expires Fri, 13 Jan 2023 21:48:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:48:57 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6FBC Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	275ms 275ms	Document text/html	74.125.24.155 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.24.155 , United States, ASN15169 (GOOGLE, US), Reverse DNS sf-in-f155.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:48:58 GMT expires Fri, 13 Jan 2023 21:48:58 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 21:48:57 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame A5F4	23 KB 9 KB	274ms 274ms	Document text/html	172.253.118.132 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.132 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f132.1e100.net Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language en-NZ,en;q=0.9 Response headers accept-ranges bytes age 5330 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8727 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 13 Jan 2023 20:20:07 GMT expires Sat, 13 Jan 2024 20:20:07 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 13B7	0 20 B	276ms 275ms	Image image/gif	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdCD1xdHBY_LOLsqSssUPxaCMSAAAAAA4AeAEAg&bg=!DQ6lDkrNAAYDMoyoIzI7ACkAdvg8Wmqp5GEuO3klAmPZZmsZnfAaBcN6fwn_n54sXnW0Pb8vTq8xuwIAAACqUgAAAANoAQeZAuz0d4rUBxRsJQ1kZYqLIcLFKo0wdVq80p30_hSuetULGvL9qSpsm_oYTnYIJ655qm_cfdjb5c_N-BQJYYJG-GM0n3ksQfMojEsMrsBvWw0NPgWHi8VdY6wS44sUuofLz5uUi3z2LBDAiW-hGdSE8G75uh_l6aLUWwQ2g7GQOLSveFc7Dw_H9sy5l6lnbDMY5t7zM7qDjBhJqUaaZ412sdbV8eMb_q-8othm97teiA4TSJYfnMnWOXCLoLbgiv7iFFrRgYoIrdQZtmimToGwsVsEZsiNY-6c-uUcK7ov9METZiPZZ-sC_J78zlDy6gV7eiwUrF8GS7HcbauzUAk20lAwUfgg2b52Vbu9Vo0pcQOLtuXGs9JQSrq_Ad3FxdwPKFKIz12bQNyCq-XwQtOFFZjrSp7mbJyVssdJckGm5dwSn6Lm_a3yYkmYuE3qbYiiT305RR0g81LIs8gOswjoOtIiC047OPW_vjFnrHA1aM6gI_2JtkzVjf98rgU9JvuQegiS-9vLoyAjLC5d4wkBhpAe73lZRHunfilMeooWLPTRVPE5XS4yr9r4m4rFWBAi24Zuj_muxxNKaSK8rCFSW6I23khBm3n0yO7qF6WjZNRu69WG4hN_ZxKAg2JX34ae0uWYWQkc3xrxdU2i8vj8XqHhwcrMtVINeWq1NgMaWzgB5Ci7F4XI_1dLope2U7vq8v0cnmII8J1i3uLrGdtKnOdTVg3axUt4paP2tQJ_TeTw_0lXooSChpOQJoHuJMxQwD_a4fi4DgX2OsYi46Dn8nuj7oBzg_P2c-jiC7AOQDpNa99ij9-ESnQAv25_45twviMitQeGpv82Y34eJtuEu0CB49I3f5TyYKLI7FWeBI42dY74-KXFKVA13dnx88B5KxBKF_XJl0vf1AECYlcVK9h9ppZ6KfqF5BCNQ3Dfk-n2CFbzXYDxwyUciAXHz6fjcB8wmgYQndSQLPTljA7o81C0R9OmBaej2iVMvcUj Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20230111/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	204	csi csi.gstatic.com/ Frame 9B6D	0 54 B	273ms 272ms	Ping image/gif	74.125.200.120 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lcv1xosx&c=1966049173218&slotId=983024586609&qqid=CImWgJnDxfwCFQo3aAoddHcO_Q&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=979&mt=video%2Fmp4&vs=640x360&ple=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230111_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 74.125.200.120 , United States, ASN15169 (GOOGLE, US), Reverse DNS sa-in-f120.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C876	0 20 B	276ms 275ms	Ping image/gif	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=ChQIByoQd2ViX2ludGVyc3RpdGlhbAoHCAgqA3J0bAohCAEqHWxhcmdlLWJhbm5lci1yZGEtbG9nby12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNEBAhAAAAAAAAAAAwBAoNEBEhAAAAAECk0UAwBAoNEBIhAAAAAAAAGEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAACAZmZKk0AwBBIaQ0tfRl81akR4ZndDRlVxSnJBSWRSUkFEQ1EiGnRleHQvdmFuaWxsYV90ZXh0X2Nsb3NlX3YyKAM= Requested by Host: www.gstatic.com URL: https://www.gstatic.com/mysidia/4a930f1d12175de7517f8d15f69bdfbf.js?tag=pingback Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:57 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		v2 ap.lijit.com/readerinfo/	0 0
GET H3	200	sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response pagead2.googlesyndication.com/bg/ Frame A5F4	36 KB 16 KB	273ms 273ms	Script text/javascript	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software sffe / Resource Hash b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Wed, 11 Jan 2023 01:21:37 GMT content-encoding gzip x-content-type-options nosniff age 246440 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16096 x-xss-protection 0 last-modified Tue, 03 Jan 2023 14:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Thu, 11 Jan 2024 01:21:37 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame A5F4	0 20 B	278ms 277ms	Image image/gif	74.125.68.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BlQSfyNHBY5jzJ9W9rAGb9J7IAgAAAAA4AeAEAg&bg=!iYqlis7NAAYDMoyoIzI7ACkAdvg8WnxnsB0TEKxVToNWPFvbpr_aVUpZbQyFjKBHTyUxkym41EMiBQIAAABpUgAAAAJoAQcKAFoftEnskH3PSf6tio1w3AgC4iBRfUUja2-QMC7oD2FTfmtvFRXF3_h63sAjnQLFmRbUIXsqWHVuRcrimAI12sazi-eZh9nZuKNkJWLFsNAIyUFjyLrR0phfw_WZAsRMqY05hi-6tYyXU2Rx1KfHudsIR12iKvX-Qwdo4kOANfu6BgB5-c2S_BvEIwLMwL-nwx01oVVt4AOYLAb4ydGww8DfuZ5HYK8IbxiSW0mhq-lZ67lDNKRk_MOKgaFJZBHZzNRGc75yvblbb121Udc9fQUxz5ZzgYjHa5GLkFr5Sdjpjlkx_rX0zSF8iNxxjqtVosC3PyvKra5cEWIB-_FYcPUxTX8xS1Nf64faNl1Lv48FuUOgrUOWhd2vp0njJ8xyPAyJ9n2Zm30sQ7cZlwYLYepnPZpnzAtXxd-SWh0A0S1pZMV3ldPp4MN3C0RB_oradxDbl-QjksupJz8wmSuMX6kCrsIK3TR0kcoFpcg5MUlXXH44qxlLjd5hD71modFz5WKz-n8unODes8bUtaFRe2SPZdPSMgNpBW5_9SQHqS9JZyjeW8NrQF-0ZEtjBfgqkQoPNAOp-erFz4Lk8EtVBlpSqHoWDREmX2cTXq8oY_nsbF7B1OmpuoNCCUfHxDXLwhQJmPQts1IcWCSBViX7GghY835fWyrvc8JTs5L_BPmfLRNAMsOPVJLicCVe1qmvbqCZ3OkfaYWHZSISVuDctq2esgwt4rNaxes89o0PFp8M-VLiB2nFJnl2x6Z4qCy2mS0YcqWy3Joy-X0Lenl_b_8bc6UiYr2jUd-BEDmodZyggrkfGHBXX_ATjL8o0p4Y3PAFyUDUc1DKR8aJEOvaYPfOa2eDZLlP4fZSvmTTy6UvKBV1q5Z-Rf6dZlrk1Jn0qNeC4-zFugjsplK71rjC8CZUJ_QEtIdRhQR8PY2-gqtOfHgijke0GtVUNyAbKLTIMwQxPsRzhYxeqsCnySrDultN4lkSEk0nepU8PakeFxZ7xiA2ECnpyizwXPY-GwtibwiElbMDYKY8ULsm3_uJqcrhJqrKZveHYtco9ZVpIea2lIU Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.68.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sc-in-f156.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-NZ,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 13 Jan 2023 21:48:58 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	206	file.mp4 r5---sn-ntqe6n7r.c.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9B6D	19 KB 0	287ms 142ms	Media video/mp4	74.125.109.10
General Check archive.org Show headers Download Go to Full URL https://r5---sn-ntqe6n7r.c.2mdn.net/videoplayback/id/91ff7a5446b11321/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1705182536/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7273420E607726DC9525CA0FC5DFB579C8C44C6A.66B7577EAF071CF6E7A15243FC547FEEAB5241C2/key/cms1/cms_redirect/yes/mh/BL/mip/116.90.74.209/mm/42/mn/sn-ntqe6n7r/ms/onc/mt/1673646043/mv/m/mvi/5/pl/24/file/file.mp4 Requested by Host: 5alij.com URL: https://5alij.com/user/townformat2 Protocol H3 Security QUIC, , AES_128_GCM Server 74.125.109.10 -, , ASN (), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://googleads.g.doubleclick.net/ Accept-Encoding identity;q=1, *;q=0 accept-language en-NZ,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers expires Fri, 13 Jan 2023 21:48:58 GMT date Fri, 13 Jan 2023 21:48:58 GMT x-content-type-options nosniff Content-Range bytes 0-2208237/2208238 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 2208238 last-modified Wed, 28 Dec 2022 17:37:59 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://googleads.g.doubleclick.net access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://googleads.g.doubleclick.net client-protocol quic
GET		view googleads4.g.doubleclick.net/pcs/ Frame AC6A	0 0
GET		index.html s0.2mdn.net/sadbundle/2028957324518544481/ Frame FE34	0 0
GET		10929801463330391983 tpc.googlesyndication.com/simgad/ Frame 3576	0 0
GET DATA	200 OK	truncated / Frame 3576	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash dfc650f4c680f94145e9445b487a321782c5d585e2c3db1d3f18b08ee65df7d7 Request headers accept-language en-NZ,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/png
GET		adview googleads.g.doubleclick.net/pagead/ Frame 3576	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

loada.exelator.com

URL

https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0

Domain

ap.lijit.com

URL

https://ap.lijit.com/readerinfo/v2

Domain

googleads4.g.doubleclick.net

URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvC7gDBSKMITKKNxDvGc_wZGaB0uEbEQ-hSpZR0sAmwD_gZMO_zQRKLno-5Qr2QJuKuym-0m8Mt-CDHJeenZYiWAjfMFqD4LlM7xJyp0GJUBY03DZ8ICeA8UmkKSPiplC7gwQWKzOLHAcNQVSvaoQTekoSD86tfD-p0nfLKr7FZfdM7TZ-0MBhcRLvY4xeM2BQ3aGB5yFmEhzEK3JnrYki5RDdmS35Wh7W56nxe1VcpoK5lmDjFnhMsMdYScdJYa-OCoi1PgagPvBiTMPhD3h5cmGZsGYUtlpXT1inUThZaJdp3Gz5TtLyp_Tdwnw_YaBjYXp-E-A1oatLWhvud5-qhDuc1MKS6oCl024hw8VkxaJYY4P_-I5XukKV-bEp9J3z6hVaw_vJXfhEDIDr-4WrDHAWnCCvvqAgD55vpK2hLKeRYb4OgxuQYdnixTfRmLSEjWeRiDm9KB6lIz3Z8PHBlcWV-aHYHgXAs4LZAKrOESg7Emr5e8CFWwX_GjQm3kiQWI9H6XqQwOrr4ljWNcbtuPXCDBKSG5_whxg1liGPhTAfxik3YP1DcPw99-uZtueoMJzesT7O_21Gj7Ps2fFbXQJY5NFPKq_BUTDUBM15bay9GTPxl2P2FMP_HLuCia5dx5dtUOZFhBaPnpdYfodL5Ka0gemWS9T6mv24QIotd6eJvrdvl_O3lA-gZTef_6Xq5xJeFH2RIq_yOb1t_sQampttgmAPNHFeE1cmtJZ2oMOdbS0jM8ITzH7GydbwwQdOW81bFgV3p9KNOGLGJhFW1ivpERAVCE32DhHbh5c7ZP4L3Tj6eZdkB4vls2VXNGNkOFi2rQyLz4cXuphydbD6zbHxaYL3DcFYT51YT-VdthgL1AVJbOhL7M9KpaDPa3MMkroxfncl3rMvhh_m0kdm-H0kdMn1GFUq2Lx_eA-16870g5uwzIWV04f9rHiwCLIryoywtnJ_8fTQADNaMbhqtpL0P9OZnCpfIfesO3k9rEQeu94U96S4K8ksa6If5BnAmsF5-cFuijV88PJYPGLYySdZ64kYYleQK--HPXoURH9su2TxOH8J8v8p_Cn2-Y9pjBQalkbAWdQD4qFwrwm8CzSIPhTjBcDi1EprdQkp5fpwkmOW8Woo&sai=AMfl-YT8CSwyhfBOmgYbikGaXW_IIUA07bBR7mtOF69zswjffiXYKcEzMA6-Z4Hvqac-jTH6Y6YPmWxnwqM4V9wmnVNxCoTZM2gtu0SuITLM0lHNfu9hlrKoykiLEJ1JRAP1coPa4CCj39GWRAPMhpSMPM744aV5qGd6TUPBNDiqb0gJa6fgisgD_xosfQ3ZSydR3CWBt2ykYzU2GswDWUdKJsHNDdgQSPJshbxPRwGuaWR05q-O1-59Dw&sig=Cg0ArKJSzDv29iIHeywBEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2479&vt=11&dtpt=1307&dett=3&cstd=2479&cisv=r20230111.04806&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Domain

s0.2mdn.net

URL

https://s0.2mdn.net/sadbundle/2028957324518544481/index.html

Domain

tpc.googlesyndication.com

URL

https://tpc.googlesyndication.com/simgad/10929801463330391983?w=300&h=300

Domain

googleads.g.doubleclick.net

URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9gC5xdHBY_DOLsqSssUPxaCMSOvwi8tkquiPyOsO6MLCpqsqEAEg5-e5HmCr7LGF4BigAcqfw94CyAEBqAMBqgSNAk_Qi0yxR3sFtnHBAMyTp0S1FrRchFT_8a_1YLtak57hv9iR_v9ZrSgtWJvXRT3di-25CFI20V1_JufO96WO9kWRfmAuvjYI5HzcAePzQgf-YHAqLu4A1-YGMMKkoBrBU-rBjeXGmaJ7SVvSTZoFJC99nl8NTH46xWzFBA-83aY0H5aAGvqv2a8hTYrvD9j_npSejDo29S-OadGu_LElbTn8cby20WGAQZQI346tdt8oMao9S0tBULiU6CKbE7MO4134FYvp2S75Kt7cw3SMmcm6RzI2Xu38Z7XpDu-h7fkMMupewj7_7Ecq5mthhX8Y3oLGFuImInc-yYtlXCUWIodEeQSBNSl_vZvPhBj_wATmu5zP2wOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHnuC8oQGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCQNdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MzQzMjI3OTUwNjExNDExGAA&sigh=ynujsqOHyiU&uach_m=[UACH]&cid=CAQSGwDq26N9PbBPZT5i06uMYNy2NwTT2iXfFh9-txgBIBM&template_id=5001&vis=1