urlscan.io logo urlscan.io
SecurityTrails logo

5alij.com Open in urlscan Pro
172.67.137.241  Public Scan

Go To Rescan Add Verdict Report
URL: https://5alij.com/user/feastpath8
Submission: On December 23 via manual from GB — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 18 domains to perform 88 HTTP transactions. The main IP is 172.67.137.241, located in United States and belongs to CLOUDFLARENET, US. The main domain is 5alij.com. The Cisco Umbrella rank of the primary domain is 783665.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 5th 2022. Valid for: a year.
This is the only time 5alij.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

7    172.67.137.241 (United States)

ASN13335 (CLOUDFLARENET, US)
5alij.com
4    142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net
fonts.googleapis.com
5    172.253.118.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f154.1e100.net
pagead2.googlesyndication.com
4    142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net
fonts.gstatic.com
1    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
8    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
googleads.g.doubleclick.net
bid.g.doubleclick.net
1    149.56.240.27 (Montreal, Canada)

ASN16276 (OVH, FR)
PTR: ns534106.ip-149-56-240.net
s4.histats.com
3    74.125.68.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f155.1e100.net
partner.googleadservices.com
adservice.google.com
2    74.125.200.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f155.1e100.net
adservice.google.co.nz
3    141.101.120.11 (None, )

ASN13335 (CLOUDFLARENET, US)
e.dtscout.com
t.dtscout.com
14    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
tpc.googlesyndication.com
2    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
imasdk.googleapis.com
1    108.157.14.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-14-62.han50.r.cloudfront.net
get.s-onetag.com
1    108.157.14.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-14-123.han50.r.cloudfront.net
tags.crwdcntrl.net
1    104.26.12.60 (United States)

ASN13335 (CLOUDFLARENET, US)
t.dtscdn.com
1    172.64.106.25 (United States)

ASN13335 (CLOUDFLARENET, US)
a.dtssrv.com
1    108.157.14.32 (None, )

ASN- ()
onetag-geo.s-onetag.com
3    142.250.4.94 (None, )

ASN- ()
www.gstatic.com
6    142.251.10.132 (None, )

ASN- ()
cdn.ampproject.org
2    142.251.16.120 (None, )

ASN- ()
csi.gstatic.com
1    142.250.4.155 (None, )

ASN- ()
www.googletagservices.com
Apex Domain
Subdomains		 Transfer
19 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
310 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
73 KB
8 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
bid.g.doubleclick.net
112 KB
7 5alij.com
5alij.com — Cisco Umbrella Rank: 783665
67 KB
6 ampproject.org
cdn.ampproject.org
119 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
imasdk.googleapis.com — Cisco Umbrella Rank: 405
138 KB
3 dtscout.com
e.dtscout.com — Cisco Umbrella Rank: 14950
t.dtscout.com — Cisco Umbrella Rank: 12728
5 KB
2 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3839
onetag-geo.s-onetag.com
data-beacons.s-onetag.com Failed
11 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 72
714 B
2 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 96946
957 B
2 histats.com
s10.histats.com — Cisco Umbrella Rank: 18347
s4.histats.com — Cisco Umbrella Rank: 15345
5 KB
1 googletagservices.com
www.googletagservices.com
47 KB
1 dtssrv.com
a.dtssrv.com — Cisco Umbrella Rank: 20438
576 B
1 dtscdn.com
t.dtscdn.com — Cisco Umbrella Rank: 15058
594 B
1 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1230
16 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
693 B
0 2mdn.net Failed
r5---sn-ntqe6n7k.c.2mdn.net Failed
0 bluekai.com Failed
tags.bluekai.com Failed
88 18
Domain Requested by
14 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 5alij.com 5alij.com
6 cdn.ampproject.org 5alij.com
pagead2.googlesyndication.com
5 pagead2.googlesyndication.com 5alij.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
4 fonts.gstatic.com fonts.googleapis.com
4 fonts.googleapis.com 5alij.com
googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
2 csi.gstatic.com imasdk.googleapis.com
2 t.dtscout.com e.dtscout.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.co.nz pagead2.googlesyndication.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 bid.g.doubleclick.net imasdk.googleapis.com
1 onetag-geo.s-onetag.com get.s-onetag.com
1 a.dtssrv.com e.dtscout.com
1 t.dtscdn.com e.dtscout.com
1 tags.crwdcntrl.net e.dtscout.com
1 get.s-onetag.com e.dtscout.com
1 e.dtscout.com s4.histats.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 s4.histats.com s10.histats.com
1 s10.histats.com 5alij.com
0 data-beacons.s-onetag.com Failed get.s-onetag.com
0 r5---sn-ntqe6n7k.c.2mdn.net Failed 5alij.com
0 tags.bluekai.com Failed 5alij.com
88 27

This site contains links to these domains. Also see Links.

Domain
ala3raf.net
www.q2amarket.com
www.question2answer.org
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-03-05 -
2023-03-05		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
histats.com
R3		 2022-12-21 -
2023-03-21		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.dtscout.com
GTS CA 1P5		 2022-11-30 -
2023-02-28		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.s-onetag.com
Amazon		 2022-12-04 -
2024-01-02		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2022-05-01 -
2023-06-02		 a year crt.sh
*.dtscdn.com
GTS CA 1P5		 2022-11-21 -
2023-02-19		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://5alij.com/user/feastpath8
Frame ID: 2BFBC4DC896FD47D8FEB85875AACDF41
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: C8CA6B6959927A70D04BBB482AFBFA22
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1671826566&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565321&bpp=4&bdt=2506&idt=1015&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=392598857216&frm=20&pv=2&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1035
Frame ID: 9F590AA1A9F649F84DF6E893C0A4C7D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Frame ID: 7F04E1CECD1D82EA8A34DE4ED9B8E4E2
Requests: 16 HTTP requests in this frame

Frame: https://t.dtscout.com/idg/?su=10401671826567AF0571923A2E48C9B7
Frame ID: B24687D694E5836E8993E1F420EF4951
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 73BAE213C4A4331F72BE818CAB6C14FD
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 33767DD4DD71774C2B07FBA1B530C409
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Frame ID: B245E95F1D81793FFA6A7F97548985CF
Requests: 25 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CAA9BF4471CDB1191520D022E7877017
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 12AD107C81E0B272B63F23EB5F60465F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: 6E7B7A94081A223D908279BB30121FEC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

موقع الخليج

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

88
Requests

81 %
HTTPS

0 %
IPv6

18
Domains

27
Subdomains

22
IPs

4
Countries

907 kB
Transfer

2677 kB
Size

18
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401671826567AF0571923A2E48C9B7 HTTP 302
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m HTTP 302
  • https://tags.bluekai.com/site/33141?&id=7cbac0d947898508
Request Chain 82
  • https://gcdn.2mdn.net/videoplayback/id/00ba440809c18d3f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1703362569/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/805C5C1F0082FF5E2F152C627201C4996C8DEE82.B9C3AC068D33DC8DACC86BABB34CEA14F60D553A/key/ck2/file/file.mp4 HTTP 302
  • https://r5---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/00ba440809c18d3f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1703362569/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1057D526A831200D095AE29F93AB5E3E76BDFB7B.2FF8EDA94E4A6F5ADFD60CAB20D46460B73FC64E/key/cms1/cms_redirect/yes/mh/1X/mip/116.90.74.197/mm/42/mn/sn-ntqe6n7k/ms/onc/mt/1671826115/mv/m/mvi/5/pl/24/file/file.mp4

88 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request feastpath8
5alij.com/user/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9f31bbbdd47f69392b9ea1747ce30390f8d8dcaca924ba005aa1bcc470499f9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
77e3c5ca5f5faae4-SYD
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 23 Dec 2022 20:16:02 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GXTXegSmw5c%2FQCrQFIoHdxl%2BG6zeqWLwA5E1u39fDKIBP2nPYh%2FvLd5B9nt8rJv0%2BtLdqwsZwZxEerno9DI0TmKYdGtF4ozSnz6%2BrlkeWR6JYRut8Re6kBLKsz4%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
qa-styles.css
5alij.com/qa-theme/SnowFlatCustom/ 		71 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://5alij.com/qa-theme/SnowFlatCustom/qa-styles.css?1.8.3
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f5802a6a61b055db582426e1a8d9f9d0a9808480baaffb710e57a8f1fa941830

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/user/feastpath8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:22:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"11af1-57f4a40061080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Vb2XfVgms1wRtQ8yMqh56%2FOo2sBO%2BnSNlAXwRCyi9H%2FzvuFGWLPrd2O6eDLMM%2FA7Nakc4VkJBVlzBBT6R21ctE7i5Cks293rUPyaQrDZxXSNaqFnuYcIFeboVE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77e3c5d21d27aae4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
qa-styles-rtl.css
5alij.com/qa-theme/SnowFlatCustom/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://5alij.com/qa-theme/SnowFlatCustom/qa-styles-rtl.css?1.8.3
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/user/feastpath8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 28 Jul 2021 10:23:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2d9a-5c82c600af3c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dxXciJcc9H4mcSfYlagA4Btcj0VmRZnyk80ivY0QSBLUj5BShX1ElWvrJJt4UW9p573Le6MIwZnhOBO2nvYZalsJC%2Fu%2BZXnBmfGxxgyrRyIuG%2Be2aN21fg8JXHk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
77e3c5d21d29aae4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/ 		1 KB
955 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Cairo&display=swap
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
1612e7c684acc35f3e2676ff3795cc610941fbae855be4c0e07461a6b55933e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 20:16:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 20:16:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 20:16:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
222aec881928c9d37181277126fc2d0f656425c1f358cd6ec7d4952552dbec75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49541
x-xss-protection
0
server
cafe
etag
12931901415151277094
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 20:16:04 GMT
jquery-3.3.1.min.js
5alij.com/qa-content/ 		111 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5alij.com/qa-content/jquery-3.3.1.min.js
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/user/feastpath8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:04 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 11 May 2020 13:00:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1bb29-5a55eef215040-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fOwOYh7N1aZ9cspYcnqiqhw9lDZ9IRF3H%2BGOl6RDDLyLN0a3h8hbdn%2F24uSHLoArL8RqLL7KgARpVB8DM6P37ViJcNSidSgSpiMHTZ5OxUXB9xbzNvYZ7nc8I9w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e3c5d21d2baae4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
qa-global.js
5alij.com/qa-content/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5alij.com/qa-content/qa-global.js?1.8.3
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/user/feastpath8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:22:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"5046-57f4a40061080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5sPHn9p8pez1zobeCG%2F6WmtPrE%2FysUBgrcRk8IQ7nLpTcYaTUp2HTr4pBpR1DG2MjzF2A%2BM9%2BIYqrYQYjOpo6A4XO5CP5fXNpfpJwhepNrvQvomQArF%2BGKWBxo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e3c5d21d2caae4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
snow-core.js
5alij.com/qa-theme/SnowFlatCustom/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://5alij.com/qa-theme/SnowFlatCustom/js/snow-core.js?1.8.3
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/user/feastpath8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:03 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:22:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"94f-57f4a40061080-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2VgG3s5BlBqPB5zLeFt5J6JMGvbQnr5WEuW39nNUPd76FFzV9D0raRLghpOv%2Bh1T%2FKE47BVBx4h5Siu%2FSYPy4dkf8MksMP23KQkJAdu5L8B1920oJgvuoSRf4Hk%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
77e3c5d21d2daae4-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
fonts.gstatic.com/s/cairo/v22/ 		11 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1biLD-H.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
157025606cebc118ce7bb7a62122058604fb39cbae9ae6bf2e7ad57bf4eb8087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5alij.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 03:37:22 GMT
x-content-type-options
nosniff
age
146323
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11760
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 19:55:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 03:37:22 GMT
SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
fonts.gstatic.com/s/cairo/v22/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/cairo/v22/SLXgc1nY6HkvangtZmpQdkhzfH5lkSs2SgRjCAGMQ1z0hOA-a1PiLA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cairo&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
91fa743b90662d1247ff2a9e452e5cfa525e0d4a4caa1a29ed9820a74bb0f80c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://5alij.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 03:30:44 GMT
x-content-type-options
nosniff
age
146721
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14316
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 19:56:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 03:30:44 GMT
js15_as.js
s10.histats.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/js15_as.js
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:13:16 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:44:16 GMT
x-cacheable
Matched cache
x-cdn-pop-ip
51.254.41.128/25
etag
"-375139978"
content-type
text/javascript
x-cdn-pop
rbx1
accept-ranges
bytes
content-length
4364
x-request-id
780927434
spinner-icon-14x14.gif
5alij.com/qa-theme/SnowFlatCustom/images/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://5alij.com/qa-theme/SnowFlatCustom/images/spinner-icon-14x14.gif?1410117644
Requested by
Host: 5alij.com
URL: https://5alij.com/qa-theme/SnowFlatCustom/qa-styles.css?1.8.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.137.241 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/qa-theme/SnowFlatCustom/qa-styles.css?1.8.3
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:05 GMT
cf-cache-status
MISS
last-modified
Sat, 12 Jan 2019 22:15:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1e65-57f4a2570a500"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oRSMD0h6w8LoYYL3IaVjOkXYtUXON1zGEjk47bOVOaoS%2BCGQ4onrVr7w3Z%2By3KJXqNZqnUMR4Ql7GrR8fEzlb4DBecpwMQ2CCNB90aJ2SBYf00%2FrPnC6vQXEEhs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
77e3c5dc3ab5a801-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7781
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
23ffcf267eab0f418c7850ae28f0cb135de3d026696668fbc60c89a1d2edacd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119962
x-xss-protection
0
server
cafe
etag
9659889703304803187
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 20:16:05 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame C8CA 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5alij.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
35437
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 10:25:29 GMT
etag
10353107486223812946
expires
Fri, 06 Jan 2023 10:25:29 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
0.php
s4.histats.com/stats/ 		381 B
516 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/0.php?4375334&@f16&@g1&@h1&@i1&@j1671826565625&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-137859073&@b3:1671826566&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&@w
Requested by
Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
149.56.240.27 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns534106.ip-149-56-240.net
Software
/
Resource Hash
2c69bb772b4fa2294b6e9a0e17ac70fe2787bdd1319592586ba1e5bbd288b700

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 20:16:06 GMT
Connection
close
Content-Length
381
Content-Type
text/html;charset=UTF-8
cookie.js
partner.googleadservices.com/gampad/ 		385 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=5alij.com&callback=_gfp_s_&client=ca-pub-8343227950611411&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
38b27f37699baae62db4b218fa378ea83f9dee84299a1e006a8f1bf3ee97acf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=5alij.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=5alij.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9F59 		279 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&adk=1812271804&adf=3025194257&lmt=1671826566&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565321&bpp=4&bdt=2506&idt=1015&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=392598857216&frm=20&pv=2&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1035
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
fb9a4e9a65c7ad8fc23e052db8d4e6ea328d6d75fb51ff050b1927cdc29080ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5alij.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
63390
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 20:16:07 GMT
expires
Fri, 23 Dec 2022 20:16:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7F04 		65 KB
21 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
98155f3695e3f35ab3a4ec9edb5e259e2ded3d79102b5635523c84a6e80d05b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5alij.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
21715
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 20:16:07 GMT
expires
Fri, 23 Dec 2022 20:16:07 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
e.dtscout.com/e/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&j=
Requested by
Host: s4.histats.com
URL: https://s4.histats.com/stats/0.php?4375334&@f16&@g1&@h1&@i1&@j1671826565625&@k0&@l1&@m%D9%85%D9%88%D9%82%D8%B9%20%D8%A7%D9%84%D8%AE%D9%84%D9%8A%D8%AC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-137859073&@b3:1671826566&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&@w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f63a45e1a453e5002e3e4958fce663c85590cd7250806eb578b33af60852d96d

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:07 GMT
x-t
0.598
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faN56v59vAcJMiZhJuFuF77iYvJit52PC0mHvknBITPGSWdIQW8Ther968FPUuoWgjgeQyT9k31otVF5J%2BonyRK4OxDR4u91fVeoTjkOBjqW1Db7noKl8rzkN6%2BVuck%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
no-cache
x-s
mtl2
cf-ray
77e3c5eb8e981c5d-AKL
expires
Fri, 23 Dec 2022 20:16:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 7F04 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
26286
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 12:58:01 GMT
css
fonts.googleapis.com/ Frame 7F04 		8 KB
812 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 20:16:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 18:48:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 20:16:07 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 7F04 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 16 Dec 2022 22:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
596505
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 16 Dec 2023 22:34:22 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 7F04 		388 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
sffe /
Resource Hash
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 18:33:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92548
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134376
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 18:33:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7F04 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:07:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
25744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:07:03 GMT
/
t.dtscout.com/idg/ Frame B246 		1 KB
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/idg/?su=10401671826567AF0571923A2E48C9B7
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2de72cfcf78e1763282f1b76329d517063ac3ba812ac0128e19664ade443d4ad

Request headers

Referer
https://5alij.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
77e3c5ef68e81c5d-AKL
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 20:16:08 GMT
expires
Fri, 23 Dec 2022 20:16:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iX%2FsbZaMd3qela06nFAexjatZK7WfPlsdC9EQ4FihgrhyCQh%2F7bCaWjJey2jTNRgUw3XDjIW7zzr3DTn3X5BHjS5xyBkTs2cSImjtW0UkSG7wFquoVgxFB1hNpOMHcI%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
tag.min.js
get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.14.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-14-62.han50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ePoTNcv0DaSHt0vz0AKUJEI0tBAExaJ3
content-encoding
gzip
via
1.1 ed9b5ead18a5d9b0f2855a2953e4322c.cloudfront.net (CloudFront)
date
Fri, 23 Dec 2022 04:35:09 GMT
last-modified
Thu, 25 Aug 2022 14:07:06 GMT
server
AmazonS3
x-amz-cf-pop
HAN50-P1
age
56460
etag
W/"c722c8e06c3a9be75b009576c49f7792"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
x-amz-cf-id
xVMN20V8GXpl1WG4vn7U-9o2NUxvGTVL8YdAaQ8gdltncf_wwCl1qg==
/
t.dtscout.com/pv/ 		50 B
333 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscout.com/pv/?_a=v&_h=5alij.com&_ss=yr4h5b407h&_pv=1&_ls=0&_u1=1&_u3=1&_cc=nz&_pl=d&_cbid=73yb&_cb=_dtspv.c
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.101.120.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1c1a69da840f5b37139473b9244f653c055f51682898867b5acdb53e72b497a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:08 GMT
x-t
0.147
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zeoK00biLBOsVvsHTSRwqT719yT9%2BFOXVWOUWhf%2F%2BKWHkoEnNLFpXVKUll22QPpjj9PbLe6Hc%2BY49twadIDx%2BngBPjF8Y5zwi13GU7euGfApncvsEXpvtQrkupRlI%2Bg%3D"}],"group":"cf-nel","max_age":604800}
x-c
0
content-type
application/javascript
cache-control
no-cache
cf-ray
77e3c5ef68e91c5d-AKL
expires
Fri, 23 Dec 2022 20:16:06 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
efd26621eee27800574ceb521f6a5bd39ba9650d0532d0b832aa713172da883f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52347
x-xss-protection
0
server
cafe
etag
4634831389682247162
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 20:16:07 GMT
lt.min.js
tags.crwdcntrl.net/lt/c/3825/ 		52 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/3825/lt.min.js
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.14.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-14-123.han50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
291b6bd7f8a7131a09497b84a3393b49086b8f7e2f3f2f15aba866ff988d9bb4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:55:16 GMT
content-encoding
gzip
via
1.1 005d840cb6b280bb283379318d5779bc.cloudfront.net (CloudFront)
last-modified
Mon, 21 Nov 2022 17:14:46 GMT
server
AmazonS3
x-amz-cf-pop
HAN50-P1
age
26452
x-amz-server-side-encryption
AES256
etag
W/"589afe2aa7c0b6b01bf8474c7ae2e61b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age: 86400
x-amz-cf-id
eb7SbUmTV5L0s26aiXfCLHvKdBHFvig-wjJDqfnQ090conubLaltXw==
/
t.dtscdn.com/widget/ 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://t.dtscdn.com/widget/?d=10401671826567AF0571923A2E48C9B7&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&r=
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:08 GMT
x-t
1.04
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CH5jNBwH1rG2nzMfFCkwklIiJsnHskzRiJRjCJsXdR62NRzO58x3HK2jREvaLsBa9N9A2J6pAimu1J%2FCx2uGdEcK3Guasv9gdZGT5dw74NyYwySQVAr3Czs3eoh1%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
no-cache
x-server
web16.ny1.dtscdn.com
cf-ray
77e3c5f52f4c550f-SYD
expires
Fri, 23 Dec 2022 19:51:54 GMT
e
a.dtssrv.com/ 		21 B
576 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.dtssrv.com/e?i=10401671826567AF0571923A2E48C9B7
Requested by
Host: e.dtscout.com
URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&j=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.106.25 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
853c7c7b8665ba98782bd2d9713bc5fa5acf31d536002af175cdea543448bf14

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
cache
date
Fri, 23 Dec 2022 20:16:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
access-control-max-age
86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssVFrXSFTUmQgax8BLudJG5YMLqCpmbpM8bPzJi97ylEqaBNlOgb%2B3wN2%2FOtVYKOlDyl%2BlJdGda3aSh8KDI1YuRQTCQ1EQeVWjCxCLGJ4WAyKiB%2FERpLZy8%2BJ7SFTC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://5alij.com
cache-control
s-maxage=0
access-control-allow-credentials
true
cf-ray
77e3c5f549035ab4-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Fri, 23 Dec 2022 22:16:08 GMT
33141
tags.bluekai.com/site/
Redirect Chain
  • https://pixel.onaudience.com/?partner=137085098&mapped=10401671826567AF0571923A2E48C9B7
  • https://pixel.onaudience.com/?partner=109&icm&cver&gdpr=0&smartmap=1&redirect=tags.bluekai.com%2Fsite%2F33141%3F%26id%3D%25m
  • https://tags.bluekai.com/site/33141?&id=7cbac0d947898508
0
0
integrator.js
adservice.google.co.nz/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=5alij.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=5alij.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 73BA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5alij.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
35457
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 10:25:11 GMT
etag
10353107486223812946
expires
Fri, 06 Jan 2023 10:25:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 3376 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212010101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://5alij.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
35457
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 10:25:11 GMT
etag
10353107486223812946
expires
Fri, 06 Jan 2023 10:25:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
onetag-geo.s-onetag.com/ 		535 B
940 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.14.32 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
a0ef9664ce4745a7141cfee9be2ff66c682596db11fde27129c25e5120b5b490

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://5alij.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:09 GMT
via
1.1 729399d6290e74ddd43cb2da1cab5266.cloudfront.net (CloudFront), 1.1 3f0bb28fb1a9d7cc350db3a326fdc824.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1, HAN50-P1
x-amzn-requestid
9c042e5f-ba0d-4c9e-8ede-40904dba1df7
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
dnbljE9_iYcFScg=
content-length
535
x-amz-cf-id
aFMiCFfhgI3SDav92Y98vuRyGtDiOLsr1F393xRdwbCW5mkBBb2F2A==
css2
fonts.googleapis.com/ Frame 73BA 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 20:16:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 19:38:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 20:16:08 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73BA 		205 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 16:40:51 GMT
x-content-type-options
nosniff
age
185718
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Dec 2023 16:40:51 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 73BA 		604 B
695 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 12:40:58 GMT
x-content-type-options
nosniff
age
200111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 21 Dec 2023 12:40:58 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 73BA 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 18:40:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
5751
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8084
x-xss-protection
0
server
cafe
etag
2222875591315018765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 18:40:18 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012211060024000/ Frame B245 		221 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-v0.mjs
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:38:12 GMT
age
520677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61592
x-xss-protection
0
server
sffe
etag
"a2fca7132416d151"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:38:12 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame B245 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:46:45 GMT
age
520164
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5218
x-xss-protection
0
server
sffe
etag
"abd4378f71571d78"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:46:45 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame B245 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-analytics-0.1.mjs
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:37:59 GMT
age
520690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28809
x-xss-protection
0
server
sffe
etag
"dd6615029de85e23"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:37:59 GMT
amp-carousel-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame B245 		33 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-carousel-0.1.mjs
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
a2cef147f59ba3c90ea2d5a2d4897f9c126b5d71b472d5625cd484fa232ef0c1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:30:56 GMT
age
521113
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10090
x-xss-protection
0
server
sffe
etag
"e045a48636d92551"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:30:56 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame B245 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-fit-text-0.1.mjs
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:43:46 GMT
age
520343
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1913
x-xss-protection
0
server
sffe
etag
"403438c4d550ee88"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:43:46 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame B245 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-form-0.1.mjs
Requested by
Host: 5alij.com
URL: https://5alij.com/user/feastpath8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 17 Dec 2022 19:38:12 GMT
age
520677
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12946
x-xss-protection
0
server
sffe
etag
"0bacd3f1ce38a7db"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 17 Dec 2023 19:38:12 GMT
amp-gwd-animation-0.1.mjs
cdn.ampproject.org/rtv/012211060024000/v0/ Frame B245 		0
0
truncated
/ Frame B245 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
882224484c916f5f08a7634cbce25f2c63f8704a10416d6c1490fd2d1d24edad

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
ar.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B245 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ar.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 18:28:00 GMT
x-content-type-options
nosniff
server
cafe
age
6489
etag
9421415325968714010
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2737
x-xss-protection
0
expires
Sat, 24 Dec 2022 18:28:00 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame B245 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:06:29 GMT
x-content-type-options
nosniff
server
cafe
age
25780
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 24 Dec 2022 13:06:29 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame B245 		0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CUJFwhgymY_CkMMSOowOyrKDoC9T32Zpi4rfTm_UQgIq20YsOEAEg5-e5HmCr7LGF4BigAYXbhc4DyAEJqQJlXmT6wRelPqgDAcgDCKoEigJP0Iz2AGI8RRRcJChKKx5KzgFlD1DR-_icryE67qW74HGudic1p06G7d7qbA9QCOSgd_gW7vj_LlEgmjDltznCGJ_O_TMINhpTWo-b8SXdXKvnzqy0FjpgNdSgodjIga8ukKa2Lk_fFa7tMFqnEP23kwRSrt-K7OUowxGuPBqtDLI5L_AuY42x7sJZ6k3y6ZihU51HmkVGCZR-uIIxsJp3Jl7eDercD-C8Et16McsH_-O19-uGQ-TAO10AhR_24H6OFTtOscXwAhKTMFH0JWthkbBPptbEuA24UsbBXUqrwWFOMyvecXCLTy6gIqM1_PUjA3U5KUO7CkYpm9T8awQvWLjFhXnOKsk_78AEk5PCp_oDkgUECAQYAZIFBAgFGASgBi6AB-Ok-jGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDzgAHSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=TLLdhWn9XMY&uach_m=[UACH]&cid=CAQSGwDq26N9IeQRGD_YMxcc4mlIq_CaNuegFHLOkhgBIBM&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 23 Dec 2022 20:16:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
img3.jpg
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/img3.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
86b2e18b3f79512082e96f43c3425915f4d29f26c80977577a69f4a2847a8dec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:10 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2400
x-xss-protection
0
last-modified
Sun, 30 Oct 2022 01:26:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 20:16:10 GMT
img2.jpg
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/img2.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
6b80cb72d9feef6edc591f8991e32cf658da22abf0f91eb482e0a72ca666980c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:10 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3263
x-xss-protection
0
last-modified
Sun, 30 Oct 2022 01:26:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 20:16:10 GMT
img1.jpg
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		655 B
681 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/img1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
33baabf073143b742808d3be6ca4db54e70821ac0cbf6f62996d096a3fc3ad72
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:10 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
655
x-xss-protection
0
last-modified
Sun, 30 Oct 2022 01:26:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 20:16:10 GMT
t1.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
t1Star.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
t2.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
t2-1.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
t2Line.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
t3.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
t3-1.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
btn.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
qr.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
address.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
Frame.png
tpc.googlesyndication.com/sadbundle/2378673332833475306/ Frame B245 		0
0
csi
csi.gstatic.com/ Frame 7F04 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lc0ydgi3&c=2011402632857&slotId=1005701316428.5&qqid=CIfFj6XHkPwCFSEraAod5k0LlA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.120 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 20:16:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F04 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 18 Dec 2022 00:12:07 GMT
x-content-type-options
nosniff
age
504242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 18 Dec 2023 00:12:07 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7F04 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 03:35:29 GMT
x-content-type-options
nosniff
age
146440
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 03:35:29 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F04 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cp1NAhgymY4fqMKHWoAPmm62gCZvIjOhtj4eS4IMR8C4QASDn57keYKvssYXgGMgBBagDAcgDmwSqBOgBT9CGsRA3sFqELmWXFy_gl4N4SsAqGHrcN7SAM-hZfowZJbKJPPka4tOaTkAznKLXmARlJ7QFtu9HSDPx_cwBxWmfLD5tlbv7a0RAlypt43dvrAvJ0yv9Nj8d4Vi04LQxhBDFGbmqQuzLK9uQkkNrwAcLNk4-VlopZ2TXru97oMPwEy8At84mLOgRu6vhzUuBezHTUQce8tNbRBV0IsoF9llRCIfMZtJWkODxpvGETHgRg1vRJPCdtITEqzYOhnLFXWMheyqL0mRlM-pNCvbprAGMTIigTwJu30ih8TTjXGHhogChwYS0TsAEx_qZg6QE4AQDkAYBoAZ2gAfQp7CbA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgfMgKKAjoCgECACgHICwHgCwGADAGwE_fGvRHIE4fbyeED0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1671826568923&ai=Cp1NAhgymY4fqMKHWoAPmm62gCZvIjOhtj4eS4IMR8C4QASDn57keYKvssYXgGMgBBagDAcgDmwSqBOgBT9CGsRA3sFqELmWXFy_gl4N4SsAqGHrcN7SAM-hZfowZJbKJPPka4tOaTkAznKLXmARlJ7QFtu9HSDPx_cwBxWmfLD5tlbv7a0RAlypt43dvrAvJ0yv9Nj8d4Vi04LQxhBDFGbmqQuzLK9uQkkNrwAcLNk4-VlopZ2TXru97oMPwEy8At84mLOgRu6vhzUuBezHTUQce8tNbRBV0IsoF9llRCIfMZtJWkODxpvGETHgRg1vRJPCdtITEqzYOhnLFXWMheyqL0mRlM-pNCvbprAGMTIigTwJu30ih8TTjXGHhogChwYS0TsAEx_qZg6QE4AQDkAYBoAZ2gAfQp7CbA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgfMgKKAjoCgECACgHICwHgCwGADAGwE_fGvRHIE4fbyeED0BMA2BMKiBQC2BQB0BUB-BYBgBcB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 20:16:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 7F04 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C3z8ImgGu0F5u6KEotBROOEnBv3jXtsdrd3HcEtm6SJaDu8Y5PtRfdCHARi23_YtPzrIhLeHJlVqGzL9lu1YPj0X6CpQ&cry=1&dbm_d=AKAmf-C8G1aHXWcURtQrLUKluDEBoPGMkwSBczE_r0jZ62C240Zc2JGFltJmaRiKv0V3JczvMptW3CnEzb3q4I5aEkWY8iq3dWpm6lVw8JagPViwRe1kaR_EwT53HZF5NP2JUJaTYhPRgsB_MCFll-o7xCrsU5TFer01iIw125GgzQAxmuedz0_221riKwkoQqPglTqBaXlasgyljCOsG5ep9sxJ_tbDk2vxRiKixjXBW5QtUleKyL_fojcm1d3Z2ttc99tLgGH52jdba_UKr7rf3mRgWJmqsn32A-uDhV5tnesvNmkK_IGZ15mMn_Lti-2zbUDWUhu3xV0vancs6BtSaiyyv-RzyCP1JqAaFe-aIiHlMjt1yzuAntqpKNcRxA3ynjrw7W4Xfmr9xu41B9iII2obp46TMIcd2cBJRBbdknyRDPuT1XFEJAqGz8jvcmWzPKZfEY8-PgTMsPWlQCnUKsNevdbHZFvVy-G2T30IIAnBT2gIM7KvVCEDuDLVEA86L0a3OlN5_OXL1ysuIbodk369oBoUDV3TG3wwIztK4jLNcDfsi8c58V4vfFDYpyiRVRx323bSGWDpfC9gJ1ykSQ8rNFBdSkNi4hVq4aizroFRuBLXJit9nmRqqmRrj1fImvxOBvohDQrP2vzM_OCqG-33k7AqEBcBGQb3Cr-q6KJ2EK14xFoBhCm2VlAdNA3H5aDJJIPYwmA8GV5MrBfdUUyfhkRFwdh9YIf0loMlIYsLpC4IOUthfMlGwXkAWUeFUL7EDklYuZ0oIKZhZUHJC1O8S9mdar-ufZF3jsjAWKWa4E4nG4aULQhgFyNkrA_ehAJ5qqBZhQ51d1SmO4hWjXWRUCdqtMzWBO2GKn5fRdwQh77sgaTOpqnL8qfC0Jr0JuN6SHUW7eOStYGX8A01y7Er1PLj5pYQr57WxOTMqGVlVQIplHvPrT4JdwlyJXjU0wDen0yUlLOeyNCRqBD9Sm-H3mLi7IaUjF_MrRPE-5bBZb54gsnR_Z4uE8rjQjTN6SYHXquZu_njXiG5ICh7z3tnwHNVKj-GeqdH_8BMH3nynl5MEHd573HFHErZVl7OJY9G9xs8kNwB-Gqk1hUhFG8jvxhaqFUn3Xu0XkORYp4pDSv4jFu5gKIABNKUGx9q8Bt4GPTGmT3nU5rxbvbXoAIchj-jXPxSCa4NmMZ6CAGrjutWBslTzwZm64c_TiSOutQ3C1M3oHNzyDEvR5tkXoXv-rn9WCjkJPC0JBN8Wf9AzFfxSNQugwdbFiXJyOeHKQOeay1o6PUh457CPBBoG5552HzKTW4YuhE-Z0IisYI7Jxg3OKB3TELvN2oKWXjO185EOXFRhs4w5KmUcadEXcej684o2FEZVpzHH6DO1khoKEIA_s8PgjF8geu-0mADWkApqWOcv5MzOUL_xCbTupEH3iGZQD0GhBhG6Lm2uEvmMdGV8kLAkLbiarvo0uaZXD1d9H5TPZ4iqtJRlh42UV4QkCWVkCRF7WoUq5f0-vkIHWJ4Tb2IxtLCdnrE_oDaa0kHI1K7m_k_f7zLDit09b05o4SaKaoeOhnn8mhWLsYNNtjm3W_MtKo8OTYqPQTohxvHXrb1NznxW6_mTWJBH7eDwGpfA9OWULOZcMh4_PTs87svBO7X7iQLudksYRve4V-XdUfvPsJAsU_Q5e7tH3xo2tjii6EzbXxVRm7zktnn7Eg0HlbBj51Wai919ugHfPNm7_9Wz5rm22OXH8fywFQERltXQudprkPnFg0Q2uRkk3z6QGu8JV1lyYArFEjEpxNhCq7_OXv8fJB9pO0Z1zXq-N8lYvFUw4J_Yrtf-F59GjA5rYQEoQHrOQfI89sJ3mVaOlBCswzjc0oFUwyBZFkxD20F6c6mBvDxJV0rxaduVa32kyr4DU9w3RiZ2kk52bQLka0F83AhKPevyEXK_IQMGdvS500Iuxi8SXobIUVFWtdXcwmraMmOqLJ20K74-662UbVYQnayiZmjtBNZ9vy0E7He7jVlQjojsUqNXMKoonZ4WeOTIa2LsH9c1TdmgrkoZ9Gm8LZsO83DeVmM-o2woyG4RPjxLidOqw57gS5zQO40ZgpGq-Aqmn5VsBPhJoG2XQ8K9GRXrxOP-6B8_TKhnvq4A8V4DKeR9doKoh4DV4Xki9f5HtuLzFs-pVaygOoceA5bXdLc4qzumWFd2XQ7Q36nO7v0uy4ssJjspzmSKdxumcpwzdtKlk-JzO23zIH1F6nQBn_bsnzM6i6dHi-H3xKvcAOMjJoPUWU6A2kyIHa4jqfVW2Zvrfkx9PKA1NstAR_12RpV4wTyHpfuevSGbNSYR8LhtT8tTRvQFnWBgUVSZo3aRUdpGzsDSZC6tPEh10kQu4_d3l7rdISS7oNqN7LOJ5nnNWYeNAH_gOsBQ-sMkBy8QnbWcV1ZEpPYZvJDYLpivLQq5ZQ8aUPfXtHlxpbUsyyuU0nhnhJwHUjXw1oVwKZF0GI5_24thba9o0mQsIPbZ-F0WTcUzk-pa5RxGeALB4L3sd28fNruKih8tZkKmTWa0rxXVXJ7QF29J-vMBisQT3fsNElfswgsC9qtyj2sIMYpyrMNCT9c7bpsiwsr-elLwNe-a_5Nmgk3PTLlys5dhGTT9VreWsNdqY6u2imCOmPGlLjCWd4sllKZvyRDe1SWSBEe0FNoxgwGVmVXMZfaOan2Sl0v7nJ2MSq1wI9Hoz6YAJgDrENUCYpMSciPimF8JNoCrBQeTE93zQhi8eX27k-6777nK2h5DmFTMwr9O2aUWNj5sEABVGXgWZTWu-TRoEgjUtn1UeMX_QD6H0W0r1fGgWpM6AIubWNnk8KQMjWKHZw-c_tztlmK1g-a1Aa6SmIwBCqTEtnYg1N83O0RBm5dIR3mnSet-UT0OyFws-gyKpjfUyFEDeIcIgCXeXZg05O0MpPdY-eeU3vOg6DKrW1_VP4sJjgQr-erpikuPAb5jvGnBUHQi5r4xS_YQL_H7-MkdM5Yg9o4yaMxFTR26_mbQdEWKHnbFNc9XS_akvyYRwnLGfXmbM5jo8G9Gr9A4ZF1g79YwfE3c9r6XX_CT9d766A5UDckPoBF3hrF4rN-YQuu10Wgjk0IAu7xawGjWyqCL5Ht0rxhRNPqRhvz8WYE0AIfOulo08oInlWEmSOttcoxlO3P1PrLJVzzjXexKvl1-sEqGAtUK2wRVpKr_vZWo2AMA6V0LHTF5Ljcg9KQlnZ4mWCq_HfWsE8ntBTfesQQFJXXnsBTA2e1-bMrjnJBUGCKW-_yycEh3f83S5jBYZy59rIJ_m7Ulb-z2ky3Oz6DPunCi3fhdOPWchK1wKCRsciYXZMyXIG7mM3JAPTy1NNwOwuWSb1pu8HmeqqHlbqNXTu_uVsDe4WRIm9G3khNXZSnqr-vSq9vWfmYtXZstorOEAaxIGi6Ys4cIwWBkfxUrIZQ42Rq6tRJRcHSADKlsrfcP7TWIs18l51S66HggmQAEvyF919Zk2eh8HNTl8ntiXoAH15hA7va6ATVCnel3ZfzYFrzuQDd8AnbsZpNBAfVXXVUA-dah_jTRzM&cid=CAQSGwDq26N97zpP2AJTZ61KPwWJUZK3KpkuPlE7VhgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
b3e1a259698b5eea45701feade26137787a228e5c1795b3346265cf22b8a6f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15687
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7F04 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CbgAWhgymY4fqMKHWoAPmm62gCZvIjOhtj4eS4IMR8C4QASDn57keYKvssYXgGMgBBagDAaoE5QFP0IaxEDewWoQuZZcXL-CXg3hKwCoYetw3tIAz6Fl-jBklsok8-Rri05pOQDOcoteYBGUntAW270dIM_H9zAHFaZ8sPm2Vu_trRECXKm3jd2-sC8nTK_02Px3hWLTgtDGEEMUZuapC7Msr25CSQ2vABws2Tj5WWilnZNeu73ugw_ATLwC3ziYs6BG7q-HNS4F7MdNRBx7y01tEFXQiygX2WVEIh8xm0laQ4KmnQ-5EUvGxyX3sCrxRfp1Mw2Feh7SdlVC79OLybrU6w1XcDATD2Vv1oY5XyosxOWEljcpweU9f4oAkwATH-pmDpATgBAOIBZzJsLBHkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfQp7CbA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEPjMAhiK94rbAdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbAT98a9EcgTh9vJ4QPQEwDYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItODM0MzIyNzk1MDYxMTQxMRgA&sigh=IQkrnx3Esyc&uach_m=[UACH]&cid=CAQSGwDq26N97zpP2AJTZ61KPwWJUZK3KpkuPlE7VhgBIBM&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8343227950611411&output=html&h=280&slotname=6360763485&adk=3572022879&adf=943920009&pi=t.ma~as.6360763485&w=1004&fwrn=4&fwrnh=100&lmt=1671826566&rafmt=1&format=1004x280&url=https%3A%2F%2F5alij.com%2Fuser%2Ffeastpath8&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671826565325&bpp=2&bdt=2509&idt=1039&shv=r20221207&mjsv=m202212010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=392598857216&frm=20&pv=1&ga_vid=2084543564.1671826566&ga_sid=1671826566&ga_hid=1817157432&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=298&ady=149&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44780792&oid=2&pvsid=2926690884172248&tmod=1375105988&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=Zdoyo3c8Ap&p=https%3A//5alij.com&dtd=1044
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 23 Dec 2022 20:16:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 23 Dec 2022 20:16:09 GMT
truncated
/ Frame 7F04 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea8d57ea2a9c3941f67e70636dca9bd7522efdf0e23cf2c86af9e62226eee2f7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame CAA9 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 20:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 18:47:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 20:16:09 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CAA9 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 04:09:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
58004
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 04:09:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame CAA9 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:58:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
26288
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 12:58:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CAA9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:07:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
25746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:07:03 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame CAA9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 13:07:03 GMT
content-encoding
br
x-content-type-options
nosniff
age
25746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 13:07:03 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CAA9 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.155 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 20:16:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 20:16:09 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame CAA9 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 10:59:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119797
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 22 Mar 2023 10:59:33 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 7F04 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 13:06:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
198603
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 13:06:06 GMT
file.mp4
r5---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/00ba440809c18d3f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1703362569/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 7F04
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/00ba440809c18d3f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1703362569/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r5---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/00ba440809c18d3f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1703362569/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0
csi
csi.gstatic.com/ Frame 7F04 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lc0ydgil&c=2011402632857&slotId=1005701316428.5&qqid=CIfFj6XHkPwCFSEraAod5k0LlA&fb=outstream-lima&gpm_i=7&gpm_c=7&gpm_a=7&smb=1000&br=864&mt=video%2Fmp4&vs=720x720&ulv=1&cll=0&vast_v=2.0&vmfc=9&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C345%2C346&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=346&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.29a
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.120 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 20:16:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 12AD 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
198603
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 13:06:06 GMT
expires
Thu, 21 Dec 2023 13:06:06 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012211060024000/ 		0
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 12AD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f154.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 08:21:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
215682
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 08:21:28 GMT
dataBeacons.min.js
data-beacons.s-onetag.com/ 		0
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 6E7B 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
tags.bluekai.com
URL
https://tags.bluekai.com/site/33141?&id=7cbac0d947898508
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012211060024000/v0/amp-gwd-animation-0.1.mjs
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/t1.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/t1Star.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/t2.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/t2-1.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/t2Line.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/t3.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/t3-1.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/btn.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/qr.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/address.png
Domain
tpc.googlesyndication.com
URL
https://tpc.googlesyndication.com/sadbundle/2378673332833475306/Frame.png
Domain
r5---sn-ntqe6n7k.c.2mdn.net
URL
https://r5---sn-ntqe6n7k.c.2mdn.net/videoplayback/id/00ba440809c18d3f/itag/346/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1703362569/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1057D526A831200D095AE29F93AB5E3E76BDFB7B.2FF8EDA94E4A6F5ADFD60CAB20D46460B73FC64E/key/cms1/cms_redirect/yes/mh/1X/mip/116.90.74.197/mm/42/mn/sn-ntqe6n7k/ms/onc/mt/1671826115/mv/m/mvi/5/pl/24/file/file.mp4
Domain
cdn.ampproject.org
URL
https://cdn.ampproject.org/rtv/012211060024000/amp4ads-host-v0.js
Domain
data-beacons.s-onetag.com
URL
https://data-beacons.s-onetag.com/dataBeacons.min.js
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Verdicts & Comments Add Verdict or Comment

277 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| oncontentvisibilityautostatechange string| qa_root string| qa_request function| $ function| jQuery number| _x000ade32f function| _x1ab32cdf function| qa_reveal function| qa_conceal function| qa_set_inner_html function| qa_set_outer_html function| qa_show_waiting_after function| qa_hide_waiting function| qa_vote_click function| qa_notice_click function| qa_favorite_click function| qa_ajax_post function| qa_ajax_error function| qa_display_rule_show object| qa_element_revealed function| qa_toggle_element function| qa_submit_answer function| qa_submit_comment function| qa_answer_click function| qa_comment_click function| qa_show_comments function| qa_form_params function| qa_scroll_page_to function| qa_title_change function| qa_html_unescape function| qa_html_escape function| qa_tag_click function| qa_tag_hints function| qa_tags_to_html function| qa_caret_from_end function| qa_tag_typed_parts function| qa_category_select function| set_category_description function| qa_submit_wall_post function| qa_wall_post_click function| qa_pm_click object| b object| adsbygoogle object| _Hasync object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| chfh function| chfh2 string| _HST_cntval object| Histats function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| _HistatsCounterGraphics_0_setValues object| a object| cv object| _dtspv object| google_llp object| lotame_3825 number| char object| __connect object| googletag function| lotameIsCompatible function| lt3825_ba function| lt3825_b undefined| lt3825_c undefined| lt3825_ca undefined| lt3825_da function| lt3825_ea object| lt3825_e function| lt3825_fa function| lt3825_ga object| lt3825_ object| lt3825_ka object| lt3825_la object| lt3825_Qa object| lt3825_Ra object| lt3825_7 function| lt3825_aa function| lt3825_a function| lt3825_d function| lt3825_f function| lt3825_g function| lt3825_h function| lt3825_i function| lt3825_j function| lt3825_k function| lt3825_ia function| lt3825_ha function| lt3825_l function| lt3825_m function| lt3825_ja function| lt3825_n function| lt3825_o function| lt3825_p function| lt3825_q function| lt3825_r function| lt3825_pa function| lt3825_ma function| lt3825_na function| lt3825_t function| lt3825_oa function| lt3825_u function| lt3825_v function| lt3825_w function| lt3825_x function| lt3825_s function| lt3825_y function| lt3825_z function| lt3825_qa function| lt3825_A function| lt3825_B function| lt3825_ra function| lt3825_C function| lt3825_D function| lt3825_sa function| lt3825_E function| lt3825_F function| lt3825_G function| lt3825_ta function| lt3825_I function| lt3825_J function| lt3825_H function| lt3825_ua function| lt3825_K function| lt3825_L function| lt3825_va function| lt3825_wa function| lt3825_M function| lt3825_xa function| lt3825_ya function| lt3825_za function| lt3825_Da function| lt3825_Aa function| lt3825_Ba function| lt3825_Ca function| lt3825_Ea function| lt3825_Ga function| lt3825_Fa function| lt3825_N function| lt3825_Ha function| lt3825_Ia function| lt3825_Ja function| lt3825_Ka function| lt3825_La function| lt3825_Ma function| lt3825_Na function| lt3825_Oa function| lt3825_Pa function| lt3825_O function| lt3825_Sa function| lt3825_P function| lt3825_Q function| lt3825_R function| lt3825_S function| lt3825_Ta function| lt3825_T function| lt3825_U function| lt3825_Ua function| lt3825_Va function| lt3825_V function| lt3825_W function| lt3825_X function| lt3825_Y function| lt3825_Wa function| lt3825_Ya function| lt3825_Xa function| lt3825_Z function| lt3825__ function| lt3825_0 function| lt3825_1 function| lt3825_4 function| lt3825__a function| lt3825_1a function| lt3825_0a function| lt3825_3a function| lt3825_2a function| lt3825_2 function| lt3825_4a function| lt3825_5a function| lt3825_3 function| lt3825_Za function| lt3825_6a function| lt3825_7a function| lt3825_8a function| lt3825_9a function| lt3825_5 function| lt3825_6 function| lt3825_$a function| lt3825_ab function| lt3825_bb function| lt3825_cb function| lt3825_db function| lt3825_eb function| lt3825_fb function| lt3825_gb function| lt3825_hb function| lt3825_ib function| lt3825_8 function| lt3825_lb function| lt3825_mb function| lt3825_kb function| lt3825_jb function| lt3825_ob function| lt3825_nb function| lt3825_qb function| lt3825_pb function| lt3825_rb function| lt3825_sb function| lt3825_tb function| lt3825_ub function| lt3825_vb function| lt3825_wb function| lt3825_yb function| lt3825_Bb function| lt3825_Ab function| lt3825_xb function| lt3825_Eb function| lt3825_zb function| lt3825_Cb function| lt3825_Gb function| lt3825_Fb function| lt3825_Hb function| lt3825_Db function| lt3825_Ib function| lt3825_Jb function| lt3825_Kb function| lt3825_9 function| lt3825_Lb function| lt3825_Mb function| lt3825_Nb function| lt3825_Ob function| lt3825_Pb function| lt3825_$ function| lt3825_Qb function| lt3825_Rb function| lt3825_Sb function| lt3825_Tb function| lt3825_Ub function| lt3825_Vb function| lt3825_Wb function| lt3825_Xb function| lt3825_Zb function| lt3825__b function| lt3825_0b function| lt3825_Yb

18 Cookies

Domain/Path Name / Value
5alij.com/ Name: PHPSESSID
Value: ia6k7nf87q7r38iqjq4rbtfb5h
5alij.com/ Name: qa_key
Value: cimn11r12o1y34rsd2cg1iaby34ujyrf
5alij.com/ Name: HstCfa4375334
Value: 1671826565625
5alij.com/ Name: HstCla4375334
Value: 1671826565625
5alij.com/ Name: HstCmu4375334
Value: 1671826565625
5alij.com/ Name: HstPn4375334
Value: 1
5alij.com/ Name: HstPt4375334
Value: 1
5alij.com/ Name: HstCnv4375334
Value: 1
5alij.com/ Name: HstCns4375334
Value: 1
.5alij.com/ Name: __gads
Value: ID=522897ebaf736587-22b7c091f6d80012:T=1671826567:RT=1671826567:S=ALNI_MYMjwCtALhLotYiaWQQ3Q1tMOp3Eg
.5alij.com/ Name: __gpi
Value: UID=00000b966d7ede97:T=1671826567:RT=1671826567:S=ALNI_MYAm4XRM5DQ5trYXr_YUSrGRxVKDg
.dtscout.com/ Name: m
Value: 1
.dtscout.com/ Name: oa
Value: 1
.dtscout.com/ Name: df
Value: 1671826567
.dtscout.com/ Name: l
Value: 10401671826567AF0571923A2E48C9B7
.5alij.com/ Name: __dtsu
Value: 10401671826567AF0571923A2E48C9B7
.dtscdn.com/ Name: uid
Value: 10401671826567AF0571923A2E48C9B7
.doubleclick.net/ Name: IDE
Value: AHWqTUnaWEPyp_fyTy_6bSug7Asf82LViW08kIZLBQNWtM4lKqBS4YgSkokqpNrbgPw

1 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012211060024000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5alij.com
a.dtssrv.com
adservice.google.co.nz
adservice.google.com
bid.g.doubleclick.net
cdn.ampproject.org
csi.gstatic.com
data-beacons.s-onetag.com
e.dtscout.com
fonts.googleapis.com
fonts.gstatic.com
get.s-onetag.com
googleads.g.doubleclick.net
imasdk.googleapis.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
partner.googleadservices.com
r5---sn-ntqe6n7k.c.2mdn.net
s10.histats.com
s4.histats.com
t.dtscdn.com
t.dtscout.com
tags.bluekai.com
tags.crwdcntrl.net
tpc.googlesyndication.com
www.googletagservices.com
www.gstatic.com
cdn.ampproject.org
data-beacons.s-onetag.com
pagead2.googlesyndication.com
r5---sn-ntqe6n7k.c.2mdn.net
tags.bluekai.com
tpc.googlesyndication.com
104.26.12.60
108.157.14.123
108.157.14.32
108.157.14.62
141.101.120.11
142.250.4.155
142.250.4.94
142.251.10.132
142.251.10.95
142.251.12.94
142.251.16.120
149.56.240.27
172.217.194.155
172.253.118.154
172.64.106.25
172.67.137.241
46.105.201.240
74.125.200.155
74.125.24.132
74.125.24.95
74.125.68.155
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
07a75636966b34dd8bbafee0ebced659b03bab0e57641e1fa035ca7da0bd39ce
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
157025606cebc118ce7bb7a62122058604fb39cbae9ae6bf2e7ad57bf4eb8087
1612e7c684acc35f3e2676ff3795cc610941fbae855be4c0e07461a6b55933e0
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1b1c3ea8b3d9fec1913ac70c81c83f2172acc41988e747bd24d22bf779fd19a0
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
222aec881928c9d37181277126fc2d0f656425c1f358cd6ec7d4952552dbec75
23ffcf267eab0f418c7850ae28f0cb135de3d026696668fbc60c89a1d2edacd3
291b6bd7f8a7131a09497b84a3393b49086b8f7e2f3f2f15aba866ff988d9bb4
2c69bb772b4fa2294b6e9a0e17ac70fe2787bdd1319592586ba1e5bbd288b700
2de72cfcf78e1763282f1b76329d517063ac3ba812ac0128e19664ade443d4ad
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33baabf073143b742808d3be6ca4db54e70821ac0cbf6f62996d096a3fc3ad72
38b27f37699baae62db4b218fa378ea83f9dee84299a1e006a8f1bf3ee97acf7
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5eecfa645aee35cb0c6820e187451ab14a9df51283635a2117d7ba866a6a74aa
6002e23815ec42acedba12390950c5e1bb68a864af09bc445d29ebafd955acea
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6b80cb72d9feef6edc591f8991e32cf658da22abf0f91eb482e0a72ca666980c
806e57f8c7da1780198e2945ab05cab7a252d020bd5049fdc281fa2c62423349
853c7c7b8665ba98782bd2d9713bc5fa5acf31d536002af175cdea543448bf14
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
86b2e18b3f79512082e96f43c3425915f4d29f26c80977577a69f4a2847a8dec
882224484c916f5f08a7634cbce25f2c63f8704a10416d6c1490fd2d1d24edad
8ee5f53d3752309af021002b2199a06523b1fd03f3ea1cdaf5d59e911d4d8178
91fa743b90662d1247ff2a9e452e5cfa525e0d4a4caa1a29ed9820a74bb0f80c
98155f3695e3f35ab3a4ec9edb5e259e2ded3d79102b5635523c84a6e80d05b8
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a01f9f2f5ba1812441a49f7f1dc0b04fb56a18b486005289b8df4212381f10ce
a0ef9664ce4745a7141cfee9be2ff66c682596db11fde27129c25e5120b5b490
a2cef147f59ba3c90ea2d5a2d4897f9c126b5d71b472d5625cd484fa232ef0c1
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b3e1a259698b5eea45701feade26137787a228e5c1795b3346265cf22b8a6f19
b79950172d0e6c3091a44a69d615ee5711f57bb59e202b2a383d48e4ca2a4ce3
b9f31bbbdd47f69392b9ea1747ce30390f8d8dcaca924ba005aa1bcc470499f9
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c3f73b989e0620a4d2e12ed57a0d538e4580b8fefaa1fefbad73e0abad6d227f
caf00dccdfb24b237c2e763929bbdbf10d64d66606688390a39c6456fbddb409
d1c1a69da840f5b37139473b9244f653c055f51682898867b5acdb53e72b497a
d89cb9800cc62dcc44a0ba866b4a080ad06f735f60a6afecbd6d691d2e8939dd
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
dfa586fa8b70c056272ef189e613dc9f6bcb8f9b659259219fa776f639dd3374
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8d57ea2a9c3941f67e70636dca9bd7522efdf0e23cf2c86af9e62226eee2f7
efd26621eee27800574ceb521f6a5bd39ba9650d0532d0b832aa713172da883f
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5802a6a61b055db582426e1a8d9f9d0a9808480baaffb710e57a8f1fa941830
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f63a45e1a453e5002e3e4958fce663c85590cd7250806eb578b33af60852d96d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb9a4e9a65c7ad8fc23e052db8d4e6ea328d6d75fb51ff050b1927cdc29080ea