urlscan.io logo urlscan.io
SecurityTrails logo

unzip-tar-gz.com Open in urlscan Pro
162.55.0.159  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://unzip-tar-gz.com/
Effective URL: https://unzip-tar-gz.com/
Submission Tags: @phish_report
Submission: On March 04 via api from FI — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 6 countries across 20 domains to perform 174 HTTP transactions. The main IP is 162.55.0.159, located in Bergen, Germany and belongs to HETZNER-AS, DE. The main domain is unzip-tar-gz.com.
TLS certificate: Issued by R3 on March 2nd 2024. Valid for: 3 months.
This is the only time unzip-tar-gz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 9 162.55.0.159 24940 (HETZNER-AS)
32 172.217.167.98 15169 (GOOGLE)
5 172.217.167.106 15169 (GOOGLE)
1 1 52.220.192.217 16509 (AMAZON-02)
2 18.67.111.77 16509 (AMAZON-02)
4 157.240.8.23 32934 (FACEBOOK)
4 192.229.237.25 15133 (EDGECAST)
5 172.217.24.35 15169 (GOOGLE)
6 25 142.251.221.66 15169 (GOOGLE)
1 157.240.8.35 32934 (FACEBOOK)
2 104.244.42.72 13414 (TWITTER)
46 142.251.221.65 15169 (GOOGLE)
5 7 142.250.204.4 15169 (GOOGLE)
13 142.250.66.227 15169 (GOOGLE)
11 142.250.66.206 15169 (GOOGLE)
12 142.250.204.2 15169 (GOOGLE)
1 2 104.18.25.173 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
1 5 172.217.167.66 15169 (GOOGLE)
1 1 202.232.238.37 2497 (IIJ Inter...)
1 35.213.12.39 15169 (GOOGLE)
2 2 50.31.142.31 23352 (SERVERCEN...)
1 182.22.28.252 23816 (YAHOO Yah...)
1 2 23.46.44.214 16625 (AKAMAI-AS)
174 21
9    162.55.0.159 (Bergen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.159.0.55.162.clients.your-server.de
unzip-tar-gz.com
32    172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
pagead2.googlesyndication.com
5    172.217.167.106 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f10.1e100.net
fonts.googleapis.com
1    52.220.192.217 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-192-217.ap-southeast-1.compute.amazonaws.com
cmp.quantcast.com
2    18.67.111.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-77.syd62.r.cloudfront.net
cmp.inmobi.com
4    157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
4    192.229.237.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
5    172.217.24.35 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f35.1e100.net
fonts.gstatic.com
25    142.251.221.66 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
googleads.g.doubleclick.net
1    157.240.8.35 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-syd2.facebook.com
www.facebook.com
2    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
46    142.251.221.65 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f1.1e100.net
tpc.googlesyndication.com
7    142.250.204.4 (Sydney, Australia)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net
www.google.com
13    142.250.66.227 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f3.1e100.net
www.gstatic.com
11    142.250.66.206 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f14.1e100.net
fundingchoicesmessages.google.com
12    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
www.googleadservices.com
2    104.18.25.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net
cm.g.doubleclick.net
1    202.232.238.37 (Tokyo, Japan)

ASN2497 (IIJ Internet Initiative Japan Inc., JP)
sync.fout.jp
1    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    50.31.142.31 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
1    182.22.28.252 (Japan)

ASN23816 (YAHOO Yahoo Japan Corporation, JP)
cksync.yahoo.co.jp
2    23.46.44.214 (Sydney, Australia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-46-44-214.deploy.static.akamaitechnologies.com
sync.teads.tv
Apex Domain
Subdomains		 Transfer
78 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
1 MB
30 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
259 KB
18 google.com
www.google.com — Cisco Umbrella Rank: 2
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 647
75 KB
18 gstatic.com
fonts.gstatic.com
www.gstatic.com
221 KB
12 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 124
9 unzip-tar-gz.com
unzip-tar-gz.com
144 KB
6 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1306
syndication.twitter.com — Cisco Umbrella Rank: 1683
148 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 30
5 KB
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1421
650 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 649
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 940
s.tribalfusion.com — Cisco Umbrella Rank: 2540
1 KB
2 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 1064
139 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
92 KB
2 inmobi.com
cmp.inmobi.com — Cisco Umbrella Rank: 4035
45 KB
1 yahoo.co.jp
cksync.yahoo.co.jp — Cisco Umbrella Rank: 4143
619 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 383
235 B
1 fout.jp
sync.fout.jp — Cisco Umbrella Rank: 64341
717 B
1 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 742
584 B
1 facebook.com
www.facebook.com — Cisco Umbrella Rank: 100
18 KB
1 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 4872
216 B
174 20
Domain Requested by
46 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
unzip-tar-gz.com
www.gstatic.com
32 pagead2.googlesyndication.com unzip-tar-gz.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.gstatic.com
25 googleads.g.doubleclick.net 6 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
unzip-tar-gz.com
13 www.gstatic.com googleads.g.doubleclick.net
unzip-tar-gz.com
12 www.googleadservices.com googleads.g.doubleclick.net
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
9 unzip-tar-gz.com 1 redirects unzip-tar-gz.com
7 www.google.com 5 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
5 cm.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
5 fonts.googleapis.com unzip-tar-gz.com
googleads.g.doubleclick.net
4 platform.twitter.com unzip-tar-gz.com
platform.twitter.com
2 sync.teads.tv 1 redirects
2 b1sync.zemanta.com 2 redirects
2 static.xx.fbcdn.net www.facebook.com
2 syndication.twitter.com platform.twitter.com
2 connect.facebook.net unzip-tar-gz.com
connect.facebook.net
2 cmp.inmobi.com unzip-tar-gz.com
cmp.quantcast.com
1 cksync.yahoo.co.jp googleads.g.doubleclick.net
1 x.bidswitch.net googleads.g.doubleclick.net
1 sync.fout.jp 1 redirects
1 sync-tm.everesttech.net 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 www.facebook.com connect.facebook.net
1 cmp.quantcast.com 1 redirects
174 26

This site contains links to these domains. Also see Links.

Domain
compress-pdf.com
unzip.online
Subject Issuer Validity Valid
unzip-tar-gz.com
R3		 2024-03-02 -
2024-05-31		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-12-12 -
2024-03-11		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-12 -
2024-05-06		 3 months crt.sh
syndication.twitter.com
R3		 2024-02-21 -
2024-05-21		 3 months crt.sh
cmp.inmobi.com
Sectigo ECC Organization Validation Secure Server CA		 2023-08-18 -
2024-08-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
edge01.yahoo.co.jp
Cybertrust Japan SureServer CA G4		 2024-02-02 -
2025-03-01		 a year crt.sh

This page contains 31 frames:

Primary Page: https://unzip-tar-gz.com/
Frame ID: DF4EC16CA7B7D5D41A7F5A2842A4E395
Requests: 36 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 99BD14EF3CD3D91CF28D2FC1EAAD0414
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Funzip-tar-gz.com
Frame ID: C94A079081B9408AE4DE44776F5113D1
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb5eae0c514efaca3%26domain%3Dunzip-tar-gz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Funzip-tar-gz.com%252Ffb262aef06b7fd767%26relation%3Dparent.parent&container_width=120&href=https%3A%2F%2Funzip-tar-gz.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false
Frame ID: 59081F7E9D6D7ECB40C09D00C7F417C4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Frame ID: 38E5AC3F10673FDEBC281C2764986A7A
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Frame ID: AAD7920BD12EF51B74B3F22C3EB5E103
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&adk=1812271804&adf=3025194257&lmt=1709511107&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Funzip-tar-gz.com%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&nras=1&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=688
Frame ID: 4C2FE544A474EFFDD1EE17968744E288
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Frame ID: 1AD9C05CC694BACE8254084C51E79AD6
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5D628683E63345341B00CA73368C601B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6CA71FDF8213E46A506991EF56A2028
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AC82ACBC1AB6153809C6280C20FA917D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 5A2DB918EE570D2D33BD38E5055B6231
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 02C5E05FB9E8338444465F32DB58CCAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Frame ID: 60E0CD78B12A8A5C82CA8278E6CA472D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 8FFFA09D0C408B2E5E1C3CADE906EA52
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 0CF1CAF3AB1801B6FD4218938FA59EF1
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: BAD5C442112E9D128EA7EE338A73549C
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 9A8C7BCAF1CE01CFEEBF7A8161E58CDF
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 857C6B8152D5A5763E1E3CFEC1BC9497
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E5A62599757AECA8DC943293C58D9A9C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F5A10402FB1B398657271735AB2FFB83
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 2974A32B293B9767038CB0F8A1828FA3
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C79155DA36312A963F35781717E73449
Requests: 2 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/a557c05b701b7d3041e507ef957cdd82.js?tag=client_fast_engine_2019
Frame ID: 14BA5B6CDF4ED842DBF6AC151ABAB456
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Frame ID: F05B582BC761A2091AF2BBCA322E623F
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F49B5D0913511FCFFB1A0ED23F707CF7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 054577E9B94E761CE14FA91F77E011CD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 3EC42E1CE0634686CB168B3EE5901F9D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: B9D20BCD34311B2FEC8B31A801196947
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: 18113427BC4814B2B953E10BBA4F5C38
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Frame ID: DBDB325634B9C17831EE302CAE203F41
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Free Unzip online tool: Helps you open any .tar.gz file online

Page URL History Show full URLs

  1. http://unzip-tar-gz.com/ HTTP 301
    https://unzip-tar-gz.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

174
Requests

93 %
HTTPS

0 %
IPv6

20
Domains

26
Subdomains

21
IPs

6
Countries

2395 kB
Transfer

6968 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://unzip-tar-gz.com/ HTTP 301
    https://unzip-tar-gz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js HTTP 301
  • https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Request Chain 64
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQG83xBHlZdeOAu7Q3LUP-LWGkA-2jfzpdKTGhaaFEqiTzLbeCRABILnZyCJgpYCAgJABoAGez6qqAsgBCakCxo7Sc8IsXD6oAwHIA8sEqgTXAU_Qhp1zHBrfHKri6CPlA-cj7z_snr6hPUIMRC0s2jmyNTfO1iLdHq6LXurBF5nerc_LK4eeYgKEm6BUdNUAWHHCb-9beBrmWfsSMnoS8R7cKDXjp8Jmy-kZmph37ZxWEp6eehDzafti3vkSv03xh5MMZORDzAmve2e009rNcjMlHsaCiQDHJ8BZXrW7iK4UhdFKYrNAvs2Q0_rWs9tB0YmonkHveuf1v46OT56MgJ8JSX0Hy2bCSN_1cXc9METkqvn9hbUYPPOTuZFaPcgrDXfZ91nvmvHYwATV1bHSxwSIBczy6d5NkgUECAQYAZIFBAgFGASgBi6AB8qw1dUBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwDyBwQQtIpE0ggkCIBhEAEYHzICigI6CYBAgMCAgICgKEi9_cE6WKvp1ZKp2YQDmgkXaHR0cHM6Ly9mYWN0b3J5d29yZC5ydS-ACgHICwHaDBEKCxCgv__r3qfK-OUBEgIBA7gT5APYEwKIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNDU1OTgzODk5NTA3MDU1ORgA&sigh=BTtlT1OkNNc&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtq3aAxEze5hN3GodPvv_iDUbBl9xpyt4Nc-KA_KAZwewL3IROigzG1P4OygEjRp40hxD4CrC6JowgZkvjQ41MRG8OInrOJQGSCeSgYAQ&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x20c6d0dbe90f91e60000000000000000%22,%222%22:%220xdb62d60390e74d90000000000000000%22,%223%22:%220x67858785a57501cc0000000000000000%22,%224%22:%220x5b1fb264b651e9b70000000000000000%22,%225%22:%220x1c03b6b45ef9d5c10000000000000000%22},%22debug_key%22:%2210200118156228567895%22,%22debug_reporting%22:true,%22destination%22:%22https://factoryword.ru%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22625649566%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217086708406843415153%22}&andc=true
Request Chain 68
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 73
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CE8rDxBHlZf6rAcf0z7sPiIGRsA21tKqddJux4tXXDtCo_eu0LxABILnZyCJgpYCAgJABoAH3y7jCAsgBAakC0kSjndrmST6oAwHIA8sEqgTDAU_Q7ryrMULLSMsDMdMO674XPKHIKCqj7gH65U7_eL-_waD5cMm8Ktvx4KKNSv8idOAlV-IMCyHnzpftQND6JyY3H7CZ-aKPMLGcKT69_bGuz1GLsGgZpgtjxO1xNHn4ghag-ErLD_MGD07zsqy5uxfqJJPnsWtS9udR-XdpWg5mqznqh5tB1ylBv3MG6Wj5N4akNMwjVtfvDuATi1PfDQJm7A4EVAtFblOh91hHYrN-6zjfBp5uoJLjdrkCQYtWeup0Y8AEoP2etOADiAWz25-gN5IFBAgEGAGSBQQIBRgEgAfxs8e9AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEEKacVtIIJAiAYRABGB8yAooCOgmAQIDAgICAgChIvf3BOljzg9WSqdmEA5oJUGh0dHBzOi8vd3d3Lm1hbmFnZWVuZ2luZS5jb20vcHJvZHVjdHMvc2VydmljZS1kZXNrL2xwL3NlcnZpY2UtZGVzay1zb2x1dGlvbi5odG1sgAoByAsB2gwQCgoQsKKTgbDvsoUQEgIBA9gTAogUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi00NTU5ODM4OTk1MDcwNTU5GAA&sigh=SNXtEu_oum8&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwB7FLtqNvisPHP29Czev8ket9Q4DV0KOq_xnqojGLtO46CL_XE0rg8UJa3KIeScilBo8Ur7kNoc4F4trHQnkQXb5A8iBx3iWs7hUtVgiacYAQ&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x97e16560802c7a900000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%2216792558303676845708%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213886015723663027953%22}&andc=true
Request Chain 118
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 119
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 120
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 122
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 123
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CK1VnxBHlZejmA6-g4t4PsfmpuAa1tKqddOD996XyENCo_eu0LxABILnZyCJgpYCAgJABoAH3y7jCAsgBAqkC0kSjndrmST6oAwHIA8kEqgTHAU_QbiIQoLSXQ9IuBfr8It7LKIqSKhjRLmLzQi0hYirySpVpFoZpu3hZ-PnYzIAVdFd9SOckNFfP0oO29_gdPbHgedjs4igs8OE_FaAt655L6akrujxp7BoaJ2y37Bsw7iAFpXOLTUkBFleO9RVhbtesZu7qiFKn3XFrB_N2n540GVYRKE6E2qCQdrB1Qww2noixFDnlnmzdge3qNdwoT27W4iuIiKW9Gx0-ml0-rf7uDhM7n3LDAebGxZrWA-DRgYZ-rytqk73ABKD9nrTgA4gFs9ufoDeSBQQIBBgBkgUECAUYBKAGAoAH8bPHvQGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBDZmxvSCCQIgGEQARgfMgKKAjoJgECAwICAgKAoSL39wTpY2q3XkqnZhAOaCUdodHRwczovL3d3dy5tYW5hZ2VlbmdpbmUuY29tL3Byb2R1Y3RzL3NlcnZpY2UtZGVzay9pdC1zZXJ2aWNlLWRlc2suaHRtbIAKAcgLAdoMEAoKEICX3em41NivJxICAQPYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNDU1OTgzODk5NTA3MDU1ORgA&sigh=rMQpxzKs1Xs&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqqTWETxJaWrPuPPIayjG9ngUjyO1Pca7wMhXvVzAyqXL05cYDcHM69C1Mm6Ir8a4bcWNpmcNknRD1i0zymwDx6aPhlxeYs_tszhgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x97e16560802c7a900000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%225103399318048085617%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221512527914751161249%22}&andc=true
Request Chain 143
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL249XWxvxs9MOEmNNbbBcE&google_cver=1&google_push=AXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaBp7wgHhPL_7y93MdPcNodI2gLAbfnecYcR8uRY3L5We2-FCBKpixFNPUrQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaBp7wgHhPL_7y93MdPcNodI2gLAbfnecYcR8uRY3L5We2-FCBKpixFNPUrQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL249XWxvxs9MOEmNNbbBcE&google_cver=1&google_push=AXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaBp7wgHhPL_7y93MdPcNodI2gLAbfnecYcR8uRY3L5We2-FCBKpixFNPUrQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaBp7wgHhPL_7y93MdPcNodI2gLAbfnecYcR8uRY3L5We2-FCBKpixFNPUrQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 144
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEEZ17ILiaJ5B98VAirG88CE&google_cver=1&google_push=AXcoOmTatRoQLFzoGxa_kyHIYRP_Kx8XFmTQjCclfBkZMYG_IMa-cY77CSROXiij6DPTL4CX7XufqajAHk0v7h9PGUPMMsUxU4RcKcc6UX9Z_9Od4QI3BLNpHheH5BmWXyk9-Gu65PrSmiKsM-5KW2-qfeE3Bg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEZ17ILiaJ5B98VAirG88CE&google_push=AXcoOmTatRoQLFzoGxa_kyHIYRP_Kx8XFmTQjCclfBkZMYG_IMa-cY77CSROXiij6DPTL4CX7XufqajAHk0v7h9PGUPMMsUxU4RcKcc6UX9Z_9Od4QI3BLNpHheH5BmWXyk9-Gu65PrSmiKsM-5KW2-qfeE3Bg
Request Chain 145
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEG3wlF_TXeYdOQ9vm6jM-fM&google_cver=1&google_push=AXcoOmT3VZawit4sEgkKB4ICHxxGWpL6D2T38CwDQ_TAcYdV50MSAfyVNtCk03aaCj7M-hlG12chCOCUQRmIWJZzjv_OALBeUd0MEdId8L5mPZwJEaWjMXreR4qEO3Vk6NuTMe4semUfnjMyTJvqfPXD8G6Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmT3VZawit4sEgkKB4ICHxxGWpL6D2T38CwDQ_TAcYdV50MSAfyVNtCk03aaCj7M-hlG12chCOCUQRmIWJZzjv_OALBeUd0MEdId8L5mPZwJEaWjMXreR4qEO3Vk6NuTMe4semUfnjMyTJvqfPXD8G6Y&google_hm=VXBZd1dMWGxxVXEtTm5RRVVrTkR1Nzl0M1Vv&from_google=sp1
Request Chain 147
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEI85XK96AcyyGuXIxM5cyYQ&google_cver=1&google_push=AXcoOmT-kgJjvZG0I_Ptfs9Z_wJqRL7gafbi2_1IjJmBscYCp1gAFkSPLEAJ97tEIK06KKyHOgxXlhHVq1Q3HWkPuPT97LSNZQHH38v1fiEpSjKO4FaYWQSdSS7KFwmQUrYghyf96VNDePmufK0cKIZyFuQcyA HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEI85XK96AcyyGuXIxM5cyYQ&google_push=AXcoOmT-kgJjvZG0I_Ptfs9Z_wJqRL7gafbi2_1IjJmBscYCp1gAFkSPLEAJ97tEIK06KKyHOgxXlhHVq1Q3HWkPuPT97LSNZQHH38v1fiEpSjKO4FaYWQSdSS7KFwmQUrYghyf96VNDePmufK0cKIZyFuQcyA&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT-kgJjvZG0I_Ptfs9Z_wJqRL7gafbi2_1IjJmBscYCp1gAFkSPLEAJ97tEIK06KKyHOgxXlhHVq1Q3HWkPuPT97LSNZQHH38v1fiEpSjKO4FaYWQSdSS7KFwmQUrYghyf96VNDePmufK0cKIZyFuQcyA&google_hm=ZU00cl9xcC1QY0hvQzJnMHNoMWc=
Request Chain 149
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELLuWRS3OJPwQdGmMVpoE8g&google_cver=1&google_push=AXcoOmRZBqGDSvBKs0IsV4rVzAVvi-r978Ba2sPdm6SH3eaWjFNjGpX_alaegFp4-XzaPbcZCHr_f6SugZgprdzjHQgv_wvRxjRWG7tpl-tc1WEyNeo2YYOOdASuwOmOUfK44hSehOQmmXD9xncluo5KA7gqEkw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzgzNDJmZTEtZDcyZi00ODJhLWI5NmEtNzEzZDhkZDQ3ZDNi&google_push=AXcoOmRZBqGDSvBKs0IsV4rVzAVvi-r978Ba2sPdm6SH3eaWjFNjGpX_alaegFp4-XzaPbcZCHr_f6SugZgprdzjHQgv_wvRxjRWG7tpl-tc1WEyNeo2YYOOdASuwOmOUfK44hSehOQmmXD9xncluo5KA7gqEkw HTTP 302
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Request Chain 152
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C-EIHxhHlZdKeBfeA9fwPpdqC8A-K-5qXdvr6gufDEquQ_tWXDhABILnZyCJgpYCAgJABoAH77pyiA8gBCakCnPBNqKI7tT6oAwHIA0iqBM4BT9D-woGvkMBw4OrRstQLIxJUxZIFkD7HR2tD7ei3So-8yUBv4VCvdibP5qLnkh5j-VbsFTH8Hby39KhM-C67D-uIQuUFGk5jP_yiFKmL8LvTkRIfqZ_W9PORUv1UUg3iYYfvDG0XI5BkRbvzOoRsiuqzFPlsDWJbhUVzpmuWFT6H3aPhLFxyORMF8ib5TVhYQqkBN2NzVXsHb_EDHDQ8nUdi0Ma1hNMDMGFnGM3ytcOCtD4HgOrkaVYqnrc2DBkG2ppgcJkYm8CWt6YRoZ7ABLSAk4jrBIgFxaL-0E2SBQQIBBgBkgUECAUYBKAGLoAH7ZDjXagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEELDECdIIJAiAYRABGB8yAooCOgmAQIDAgICAgChIvf3BOlir_dKTqdmEA5oJRmh0dHBzOi8vZG90ZGlnaXRhbC5jb20vcmVzb3VyY2VzL3VubG9ja2luZy1lbWFpbC1tYXJrZXRpbmctYXV0b21hdGlvbi-ACgHICwHaDBAKChDg4cry7a2ErCMSAgED2BMN0BUBgBcBshccChoIABIUcHViLTQ1NTk4Mzg5OTUwNzA1NTkYAA&sigh=f5tjVGUXcUs&uach_m=%5BUACH%5D&ase=2&cid=CAQSPAB7FLtqBWSyrXifZP94c-IwCySFqpuOkpFnf9XeQ75yYE_2rv6pT2qmp1_3JMYtk3i3OHLTfUrDSBiZfhgB&template_id=419&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2b7fa0e520d9fade0000000000000000%22,%222%22:%220x95dcd2699c5de09d0000000000000000%22,%223%22:%220x797556bb7e995eae0000000000000000%22,%224%22:%220x4ea3bf0c5db656d10000000000000000%22,%225%22:%220x19efa9a267ade4500000000000000000%22},%22debug_key%22:%228993107381886693812%22,%22debug_reporting%22:true,%22destination%22:%22https://dotdigital.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877082491%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22333798789092994481%22}&andc=true
Request Chain 157
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C67jfxBHlZebmA6-g4t4PsfmpuAa1tKqddOjDsv-AEZ_thK6vKxABILnZyCJgpYCAgJABoAH3y7jCAsgBAqkC0kSjndrmST6oAwHIA8kEqgTGAU_QWXQgtlVkKpAvpaV64kylnBv19deGn2nMicfhJCd6XyVJBKhkoCR6FNCNIpCBmdWn5O4OiHWh-pUihQqoaEvLKXXdZcm1UpkVd3MUN3_BiNeyczYT7Dp5u9BbhA_v1yRhNGo9ER2TnQAsMVls4dh5XO_4Sxusucriodyq_8iXacAoh5xQgR66jdVy6K42a_rggGrIPZFi3JvaTcOP-GZaUkqJZnvIvw_dZe9aUSx7N73lD1_DcWYOkF8hiIE8MUWz8PjJL8AEyP2etOADiAWz25-gN5IFBAgEGAGSBQQIBRgEoAYCgAfxs8e9AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEEODYFtIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOljardeSqdmEA5oJR2h0dHBzOi8vd3d3Lm1hbmFnZWVuZ2luZS5jb20vcHJvZHVjdHMvc2VydmljZS1kZXNrL2l0LXNlcnZpY2UtZGVzay5odG1sgAoByAsB2gwRCgsQ0Pe856SR36i2ARICAQPYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNDU1OTgzODk5NTA3MDU1ORgA&sigh=L94NHre3XDY&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqqTWETxJaWrPuPPIayjG9ngUjyO1Pca7wMhXvVzAyqXL05cYDcHM69C1Mm6Ir8a4bcWNpmcNknRD1i0zymwDx6aPhlxeYs_tszhgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x537225e5de0ffcc00000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%2210542406156984833695%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218138150812341855777%22}&andc=true
Request Chain 163
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CDAWFxBHlZefmA6-g4t4PsfmpuAa1tKqddPDEtOT8EJ_thK6vKxABILnZyCJgpYCAgJABoAH3y7jCAsgBAqkC0kSjndrmST6oAwHIA8kEqgTGAU_QkFrrb7VLSjuj8oBKvSywwz02DiIzyNk1bvjo3sQg81pMXtNWbTrTwH5aoP7-V58fWjPJvS-q_cgU8VKxRnBWncHNAxe5EtbQoGDQ40xvgPii9ADdO9Gou3cj5cROouSItSLEFAOvFVvyW5acsIDzCFfg8K2mzrsr3yjq8T2mQ5i4JUq9GUwJ9ZzwItT58x7QcTsL5_LG9ltZ_7c9YoM9BHz7Aol2tf7r03j3JvoNuREJ86UwNODIXDufR8hwX4qTvJINX8AEyP2etOADiAWz25-gN5IFBAgEGAGSBQQIBRgEoAYCgAfxs8e9AagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcB8gcEEKKqFdIIJAiAYRABGB8yAooCOgmAQIDAgICAoChIvf3BOljardeSqdmEA5oJR2h0dHBzOi8vd3d3Lm1hbmFnZWVuZ2luZS5jb20vcHJvZHVjdHMvc2VydmljZS1kZXNrL2l0LXNlcnZpY2UtZGVzay5odG1sgAoByAsB2gwRCgsQ0M_i2NemoayaARICAQPYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItNDU1OTgzODk5NTA3MDU1ORgA&sigh=tJ3hmBqZV8k&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgB7FLtqqTWETxJaWrPuPPIayjG9ngUjyO1Pca7wMhXvVzAyqXL05cYDcHM69C1Mm6Ir8a4bcWNpmcNknRD1i0zymwDx6aPhlxeYs_tszhgB&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x537225e5de0ffcc00000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%222670354362394015755%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225717541373296487329%22}&andc=true

174 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
unzip-tar-gz.com/
Redirect Chain
  • http://unzip-tar-gz.com/
  • https://unzip-tar-gz.com/
55 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.0.159 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.0.55.162.clients.your-server.de
Software
nginx /
Resource Hash
41c7be5b3332c9425bc29a6ebad91228565bab48b69f820037484c22dd17619b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 00:11:46 GMT
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-page-speed
1.13.35.2-0

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Mon, 04 Mar 2024 00:11:45 GMT
Location
https://unzip-tar-gz.com/
Server
nginx
logo.svg
unzip-tar-gz.com/images/ 		13 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unzip-tar-gz.com/images/logo.svg?v6
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.0.159 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.0.55.162.clients.your-server.de
Software
nginx /
Resource Hash
8bfe117bd2e5937eafb0f2a9e602690b4b3aa91c89e55fdda41ce9ef8e58edc1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
last-modified
Wed, 18 Sep 2019 15:47:19 GMT
server
nginx
etag
W/"5d825187-3222"
vary
Accept-Encoding
content-type
image/svg+xml
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		146 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
a1b4cc7242cc4c24051a323cfe0e38813793bfb41c8e34e2a9fd1a4f7bf9f439
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51179
x-xss-protection
0
server
cafe
etag
12162919979156400086
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Mon, 04 Mar 2024 00:11:46 GMT
css
fonts.googleapis.com/ 		3 KB
990 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f10.1e100.net
Software
ESF /
Resource Hash
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 00:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Mar 2024 23:41:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 00:11:46 GMT
A.font-awesome.min.css.pagespeed.cf.ZyuYOzkNFF.css
unzip-tar-gz.com/fonts/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unzip-tar-gz.com/fonts/A.font-awesome.min.css.pagespeed.cf.ZyuYOzkNFF.css
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.0.159 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.0.55.162.clients.your-server.de
Software
nginx /
Resource Hash
a8ef39c29abedf66da8304e5807ae559f076b814a6928b957f126b5838a8f452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-page-speed
1.13.35.2-0
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Feb 2024 22:53:07 GMT
content-encoding
gzip
last-modified
Tue, 27 Feb 2024 22:53:07 GMT
server
nginx
x-original-content-length
17735
etag
W/"0"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3837
expires
Wed, 26 Feb 2025 22:53:07 GMT
jquery-1.11.1.min.js.pagespeed.jm.YSzgc-BSX9.js
unzip-tar-gz.com/js/ 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unzip-tar-gz.com/js/jquery-1.11.1.min.js.pagespeed.jm.YSzgc-BSX9.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.0.159 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.0.55.162.clients.your-server.de
Software
nginx /
Resource Hash
a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-page-speed
1.13.35.2-0
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Feb 2024 12:39:01 GMT
content-encoding
gzip
last-modified
Thu, 29 Feb 2024 12:39:01 GMT
server
nginx
x-original-content-length
95786
etag
W/"0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33138
expires
Fri, 28 Feb 2025 12:39:01 GMT
plugins.js.pagespeed.jm.tweiTXaB2r.js
unzip-tar-gz.com/js/ 		139 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unzip-tar-gz.com/js/plugins.js.pagespeed.jm.tweiTXaB2r.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.0.159 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.0.55.162.clients.your-server.de
Software
nginx /
Resource Hash
3c40d8e3f1abe5fc62501eb51b1b52ed1756784d29bec884288f137f479b280b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-page-speed
1.13.35.2-0
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 29 Feb 2024 12:39:01 GMT
content-encoding
gzip
last-modified
Thu, 29 Feb 2024 12:39:01 GMT
server
nginx
x-original-content-length
142608
etag
W/"0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
40815
expires
Fri, 28 Feb 2025 12:39:01 GMT
choice.js
cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/
Redirect Chain
  • https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
  • https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Server
18.67.111.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-77.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c71b9f860fe9bac0f75a98fcb50dc1c4f77e59201ef22001131d3a1adc20fcb0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:47 GMT
content-encoding
gzip
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
last-modified
Wed, 22 Nov 2023 13:52:21 GMT
server
AmazonS3
x-amz-cf-pop
SYD62-P2
age
4
x-amz-server-side-encryption
AES256
etag
W/"ec43dec37a4eaf8ca7b754d3aee53c47"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=900
cross-origin-resource-policy
cross-origin
x-amz-cf-id
py4G7BEg_T7sfMsCXSolz2m6YxaEBD3L-alc03lt8DtC089Sj7HZGw==

Redirect headers

date
Mon, 04 Mar 2024 00:11:47 GMT
server
awselb/2.0
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
location
https://cmp.inmobi.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
access-control-allow-origin
*
cache-control
max-age=900
content-length
0
sdk.js
connect.facebook.net/en_US/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
607f44f400fb49d957ab8dd8412731cd34683521c05d28c6fe5f92176f9be9c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Mar 2024 00:11:46 GMT
content-md5
UkRDIAJ3bBPqbojtqvmbzg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1685
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
9WMk3hoJBGiO3TJE9VQ2S5RFnuU14WwZLkXe8BGFPdbzE/cHBBSvx07KVps5qdVLdR2Blew437DkI6UQDQEIKw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
343c662d87afb1d2c15eda712d4ba610
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"48916dd6921084548f5e4121d114a1eb"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:30:26 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E78F) /
Resource Hash
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 00:11:46 GMT
Content-Encoding
gzip
Age
231
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27597
Last-Modified
Mon, 11 Dec 2023 17:20:28 GMT
Server
ECS (nwa/E78F)
Etag
"824beb891744db98ccbd3a456e59e0f7+gzip"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
Vary
Accept-Encoding
xbutton-icon.png.pagespeed.ic.1LbNimeRoM.webp
unzip-tar-gz.com/ 		220 B
557 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unzip-tar-gz.com/xbutton-icon.png.pagespeed.ic.1LbNimeRoM.webp
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.0.159 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.0.55.162.clients.your-server.de
Software
nginx /
Resource Hash
60bf2d3a0af03cbf18a2cb68320e59a2d06ef11692a5a55053bbf3b5e69d486e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-page-speed
1.13.35.2-0
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 27 Feb 2024 22:53:07 GMT
last-modified
Tue, 27 Feb 2024 22:53:07 GMT
server
nginx
x-original-content-length
548
etag
W/"0"
content-type
image/webp
cache-control
max-age=31536000
accept-ranges
bytes
link
<https://unzip-tar-gz.com/button-icon.png>; rel="canonical"
content-length
220
expires
Wed, 26 Feb 2025 22:53:07 GMT
sdk.js
connect.facebook.net/en_US/ 		303 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=e4b1ccbdaf4d8fb33cc11cf43cbb3157
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
76f207742ec69e1c6c55608b4b463c759af1991da141a0ffc1222a4fccda412e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://unzip-tar-gz.com/
Origin
https://unzip-tar-gz.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 04 Mar 2024 00:11:46 GMT
content-md5
Htad/pUZmn+xVixcs1xWnw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88664
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug
5VGjrNV7iM4wI4EjUr4LRPNb/k9qyfQ3cxU9YArrsIwx5QpVgIGtSW00Rl1PuzU8z/MYLfmF5FOjj80BckJwcQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
166a11249c45d7864b1b2dd95f6bb1c7
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"0d95e24562b9b37e29c5ccdddc3cdfd8"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 03 Mar 2025 23:31:26 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://unzip-tar-gz.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:29:11 GMT
x-content-type-options
nosniff
age
247356
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Mar 2025 03:29:11 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
fdf0b40551fee3c6621a03eea7256ca4d79a0983469c7e81bcb53af5443bb233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140898
x-xss-protection
0
server
cafe
etag
6863552580179378165
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:11:47 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame 99BD 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
74737
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 03:26:10 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 03:26:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
fontawesome-webfont.woff
unzip-tar-gz.com/fonts/ 		43 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://unzip-tar-gz.com/fonts/fontawesome-webfont.woff?v=4.0.3
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/fonts/A.font-awesome.min.css.pagespeed.cf.ZyuYOzkNFF.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.0.159 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.0.55.162.clients.your-server.de
Software
nginx /
Resource Hash
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://unzip-tar-gz.com/fonts/A.font-awesome.min.css.pagespeed.cf.ZyuYOzkNFF.css
Origin
https://unzip-tar-gz.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
last-modified
Mon, 16 Sep 2019 11:24:25 GMT
server
nginx
etag
"5d7f70e9-ad90"
content-type
application/font-woff
cache-control
s-maxage=10
accept-ranges
bytes
content-length
44432
widget_iframe.2f70fb173b9000da126c79afe2098f02.html
platform.twitter.com/widgets/ Frame C94A 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Funzip-tar-gz.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E78F) /
Resource Hash
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
7195812
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105429
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Mar 2024 00:11:47 GMT
Etag
"81267302efdfb3e4524a22631a8fc99e+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:49 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nwa/E78F)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
like.php
www.facebook.com/v2.3/plugins/ Frame 5908 		48 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb5eae0c514efaca3%26domain%3Dunzip-tar-gz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Funzip-tar-gz.com%252Ffb262aef06b7fd767%26relation%3Dparent.parent&container_width=120&href=https%3A%2F%2Funzip-tar-gz.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=e4b1ccbdaf4d8fb33cc11cf43cbb3157
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.35 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-syd2.facebook.com
Software
/
Resource Hash
c815a30075aaeab11b3a3f06d226ef6038def41cffb1172355092a35a6bc5c3c
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
unsafe-none;report-to="coop_report"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:47 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v13.0
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
permissions-policy-report-only
clipboard-read=(), clipboard-write=();report-to="permissions_policy"
pragma
no-cache
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
ZM5bY7KyNUEsy+T9ygGjqTL3vQe1e+5jJgQfldFmW867TTh5upe2ZSmaNNHRP6WozaHxyoaaYEuSIXRr1tesWw==
x-xss-protection
0
settings
syndication.twitter.com/ Frame C94A 		870 B
660 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=749e5aeb85198321900bf6d23f2b9924ef916785
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2f70fb173b9000da126c79afe2098f02.html?origin=https%3A%2F%2Funzip-tar-gz.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time
146
date
Mon, 04 Mar 2024 00:11:47 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 04 Mar 2024 00:11:47 GMT
server
tsa_r
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
89a8b61fb173be8a
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7469935968
x-connection-hash
696976a1e624b5c28cdb7ad08e6a03e9f0704505602347340c2b208ad0bd44d0
content-length
338
cmp2.js
cmp.inmobi.com/tcfv2/ 		164 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.inmobi.com/tcfv2/cmp2.js?referer=www.themoneytizer.com
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/6Fv0cGNfc_bw8/www.themoneytizer.com/choice.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.67.111.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-67-111-77.syd62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
12ccf01f8a2e959b70523bb71ec51563d7ef3a3b8f0c7f04a9c78e55207bd2f4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:42:10 GMT
content-encoding
br
via
1.1 c9801432acaf39452e5421e7eeabc4b0.cloudfront.net (CloudFront)
x-amz-cf-pop
SYD62-P2
age
1777
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Fri, 01 Mar 2024 10:04:44 GMT
server
AmazonS3
etag
W/"cac85fee3a51a62faa3ce9d10b3ba671"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
vary
Accept-Encoding
x-amz-cf-id
dwmDN-w-hOFBaMwwXyie1Sx-m9VhxomrAA_9r7uE-O1fYL3Pt2cB9A==
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 5908 		299 B
745 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb5eae0c514efaca3%26domain%3Dunzip-tar-gz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Funzip-tar-gz.com%252Ffb262aef06b7fd767%26relation%3Dparent.parent&container_width=120&href=https%3A%2F%2Funzip-tar-gz.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date
Mon, 04 Mar 2024 00:11:47 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
yGsncJ8B2/Sad7qrePsFVlvdQLjOkutLTTidoGFSy0fnXOQlyCpukHPOO+woiIcPge+2QaropeDFkrOokmrd4Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Thu, 27 Feb 2025 19:46:01 GMT
VzoyMO4NpnC.js
static.xx.fbcdn.net/rsrc.php/v3iEpO4/yP/l/en_US/ Frame 5908 		531 KB
138 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/yP/l/en_US/VzoyMO4NpnC.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v2.3/plugins/like.php?action=like&app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfb5eae0c514efaca3%26domain%3Dunzip-tar-gz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Funzip-tar-gz.com%252Ffb262aef06b7fd767%26relation%3Dparent.parent&container_width=120&href=https%3A%2F%2Funzip-tar-gz.com%2F&layout=button_count&locale=en_US&sdk=joey&share=true&show_faces=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-syd2.fbcdn.net
Software
/
Resource Hash
ef4b47b9a41e73ae624a12f8ab276590bf5835d8dd41f672e665760fba60c8c2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only
clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date
Mon, 04 Mar 2024 00:11:47 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Mi9nK8TtMx7mw6l428ozTA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
140260
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug
GyxjJ+DWs8sdGT2PLTy1Ck60q6V46JhKQxkHt0WnQ2/w5ujxvBqZDvMRatXlqTjYlZ0gXMLtiOxjH3+h+M8AOg==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sun, 02 Mar 2025 01:32:15 GMT
ngx_pagespeed_beacon
unzip-tar-gz.com/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unzip-tar-gz.com/ngx_pagespeed_beacon?url=https%3A%2F%2Funzip-tar-gz.com%2F
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.0.159 Bergen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.159.0.55.162.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://unzip-tar-gz.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 04 Mar 2024 00:11:48 GMT
cache-control
max-age=0, no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
server
nginx
button.856debeac157d9669cf51e73a08fbc93.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.856debeac157d9669cf51e73a08fbc93.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E78F) /
Resource Hash
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 00:11:47 GMT
Content-Encoding
gzip
Age
7195803
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2620
Last-Modified
Mon, 11 Dec 2023 17:19:47 GMT
Server
ECS (nwa/E78F)
Etag
"fdf02dd038ed38dbf3c240d56262af0c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
ads
googleads.g.doubleclick.net/pagead/ Frame 38E5 		125 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
8906aa28c95bd94897c0573e280baba6cb171c423c9b87aadf4f3784d48901a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42849
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:48 GMT
expires
Mon, 04 Mar 2024 00:11:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
c6cf7fe768fe28179fa1271c1dd793fc600b17bc31998e243bbff2ba9c0d3141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12422
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame AAD7 		118 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
7a1b429e0ff8adc91e65be06e01e85a084b05dc361ed2b225c3d4ab18be2984d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40960
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:48 GMT
expires
Mon, 04 Mar 2024 00:11:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4C2F 		589 KB
106 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&adk=1812271804&adf=3025194257&lmt=1709511107&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x945_l%7C212x945_r&format=0x0&url=https%3A%2F%2Funzip-tar-gz.com%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&nras=1&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=688
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
b571954e97bb3e1c9fb4f6d634c925b9d0504e1d8c16d86a96d4f936408232dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
107865
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:48 GMT
expires
Mon, 04 Mar 2024 00:11:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
platform.twitter.com/widgets/ Frame 1AD9 		33 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.2f70fb173b9000da126c79afe2098f02.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
192.229.237.25 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (nwa/E78F) /
Resource Hash
320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
7195792
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
12332
Content-Type
text/html; charset=utf-8
Date
Mon, 04 Mar 2024 00:11:48 GMT
Etag
"e29e65db7bf0a096587728e1faacfd9c+gzip"
Last-Modified
Mon, 11 Dec 2023 17:19:48 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (nwa/E78F)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
embeds
syndication.twitter.com/i/jot/ 		43 B
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Funzip-tar-gz.com%2F%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1709511108002%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%222615f7e52b7e0%3A1702314776716%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D&session_id=749e5aeb85198321900bf6d23f2b9924ef916785
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_r /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

x-response-time
147
date
Mon, 04 Mar 2024 00:11:47 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 04 Mar 2024 00:11:48 GMT
server
tsa_r
vary
Origin
content-type
image/gif
x-transaction-id
f9a6eeda52f9038f
cache-control
must-revalidate, max-age=600
perf
7469935968
x-connection-hash
696976a1e624b5c28cdb7ad08e6a03e9f0704505602347340c2b208ad0bd44d0
content-length
43
truncated
/ Frame 1AD9 		471 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 04 Mar 2024 00:11:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-4559838995070559&su=unzip-tar-gz.com&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&doc=complete&pg_h=2080&pg_w=1600&pg_hs=2080&c=2&aa_c=0&av_h=280&av_w=336&av_a=94080&s=424&all_s=424&b=1676&all_b=1676&d=0.269&all_d=0.269&ard=0.057&all_ard=0.057&dt=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame AAD7 		6 KB
824 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f10.1e100.net
Software
ESF /
Resource Hash
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 00:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Mar 2024 23:28:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 00:11:49 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5D62 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
247468
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 01 Mar 2024 03:27:20 GMT
expires
Sat, 01 Mar 2025 03:27:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C6CA 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
GSE /
Resource Hash
5b88923b090e7c952e847d46d3da0bd785228b4d3c4469d297d83060bbe9d2a5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-y1VV5EOc6OBoDfSogC5rDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-y1VV5EOc6OBoDfSogC5rDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:49 GMT
expires
Mon, 04 Mar 2024 00:11:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
a557c05b701b7d3041e507ef957cdd82.js
www.gstatic.com/mysidia/ Frame 38E5 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a557c05b701b7d3041e507ef957cdd82.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3757
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:16:51 GMT
d58f9ae6dab7fd31fc6f5125435dd154.js
www.gstatic.com/mysidia/ Frame 38E5 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d58f9ae6dab7fd31fc6f5125435dd154.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
09d38b7c7c43a8e44d722091bc07abc9785c30887f55eeae35a6acbc2212d4f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4472
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:16:46 GMT
3e4ba1a8aaf1eb5089ecf6e0b9cafde2.js
www.gstatic.com/mysidia/ Frame 38E5 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/3e4ba1a8aaf1eb5089ecf6e0b9cafde2.js?tag=pingback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
9fc0f7a449151c3b32dc74fd37fbf2ddddb7cbf17c74bd5e45b70298855b4510
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:27:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247479
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7964
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:27:10 GMT
css
fonts.googleapis.com/ Frame 38E5 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f10.1e100.net
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 00:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 04 Mar 2024 00:00:00 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 00:11:49 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame AAD7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:23:50 GMT
hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
pagead2.googlesyndication.com/bg/ Frame 5D62 		40 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:27:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
247464
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15753
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:27:25 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/14019516918773918673/ Frame AAD7 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14019516918773918673/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
7c4cd0ddc3baa309887f4c459b3a8f93409dc4e6a3f79b50df1650db9a1f5b5f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Sun, 02 Mar 2025 09:19:53 GMT
date
Sat, 02 Mar 2024 09:19:53 GMT
x-content-type-options
nosniff
age
139916
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26861
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 22:46:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame AAD7 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fa59faa4f2c1af615fd78b3dc6f19efae0c2e2a8a3960eceb55d06551bbbf94c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/svg+xml
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 38E5 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:23:50 GMT
ee184beea2a7701d5a0ba0da2f04d34e.js
www.gstatic.com/mysidia/ Frame 38E5 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ee184beea2a7701d5a0ba0da2f04d34e.js?tag=analytics_pingback_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
996f88d4ae84cfdc5dae1b82c48027687864b3e242fe5cc4ed69518e0dfc7867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:16:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1707
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:16:46 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 38E5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 38E5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 38E5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:13:30 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 38E5 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
1745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:42:44 GMT
eea50308dcf9de2b0c0fe89d3b5a5e83.js
www.gstatic.com/mysidia/ Frame 38E5 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15206
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:19:48 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame AAD7 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame AAD7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame AAD7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75499
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:13:30 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame AAD7 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:23:50 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AAD7 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
1745
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:42:44 GMT
eea50308dcf9de2b0c0fe89d3b5a5e83.js
www.gstatic.com/mysidia/ Frame AAD7 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247921
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15206
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:19:48 GMT
truncated
/ Frame AAD7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66b1b8e67567edb7d20b271a25fb00887f089707114caf506a1036a59736d159

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AAD7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:29:00 GMT
x-content-type-options
nosniff
age
247369
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Mar 2025 03:29:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AAD7 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:16:24 GMT
x-content-type-options
nosniff
age
248125
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Mar 2025 03:16:24 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AAD7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sat, 02 Mar 2024 15:05:31 GMT
x-content-type-options
nosniff
age
119178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 02 Mar 2025 15:05:31 GMT
generate_204
tpc.googlesyndication.com/ Frame 5D62 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SJZqXQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:49 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
c375be0fbaca4e84134f98950c5852bce14c97f50bb835c90d890e4906dbefa6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57350
x-xss-protection
0
server
cafe
etag
5462351026974263912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:11:49 GMT
ca-pub-4559838995070559
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-4559838995070559?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
430fa1d26988942f98a009c26b806b481e96c5c2167522b852156818ddd59d45
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kdFIqS3o29r2B0QVbeYUqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:49 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-kdFIqS3o29r2B0QVbeYUqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjStHikmJw0JBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDcXTxlPVsAhN-979lAgD_5i2C"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame AC82 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2487
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 23:30:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame AAD7
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CQG83xBHlZdeOAu7Q3LUP-LWGkA-2jfzpdKTGhaaFEqiTzLbeCRABILnZyCJgpYCAgJABoAGez6qqAsgBCakCxo7Sc8IsXD6oAwHIA8sEqgTXAU_Qhp1zHBrfHKri6CPlA-cj7z_snr6hPUI...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x20c6d0dbe90f91e60000000000000000%22,%222%22:%220xdb62d60390e74d90000000000000000%22,%223%22:%220x6785878...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x20c6d0dbe90f91e60000000000000000%22,%222%22:%220xdb62d60390e74d90000000000000000%22,%223%22:%220x67858785a57501cc0000000000000000%22,%224%22:%220x5b1fb264b651e9b70000000000000000%22,%225%22:%220x1c03b6b45ef9d5c10000000000000000%22},%22debug_key%22:%2210200118156228567895%22,%22debug_reporting%22:true,%22destination%22:%22https://factoryword.ru%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22625649566%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217086708406843415153%22}&andc=true
Protocol
H2
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x20c6d0dbe90f91e60000000000000000","2":"0xdb62d60390e74d90000000000000000","3":"0x67858785a57501cc0000000000000000","4":"0x5b1fb264b651e9b70000000000000000","5":"0x1c03b6b45ef9d5c10000000000000000"},"debug_key":"10200118156228567895","debug_reporting":true,"destination":"https://factoryword.ru","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["625649566"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"17086708406843415153"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 00:11:50 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 00:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x20c6d0dbe90f91e60000000000000000","2":"0xdb62d60390e74d90000000000000000","3":"0x67858785a57501cc0000000000000000","4":"0x5b1fb264b651e9b70000000000000000","5":"0x1c03b6b45ef9d5c10000000000000000"},"debug_key":"10200118156228567895","debug_reporting":true,"destination":"https://factoryword.ru","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["625649566"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"17086708406843415153"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 38E5 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9aa9da696bc60baae9f466c82d30fca7e389203a76587253e3fd8549b3b7182e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
pagead2.googlesyndication.com/bg/ Frame 5A2D 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=2926642551&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=1&bdt=600&idt=148&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1012&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=666
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
246836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20324
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:37:53 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 38E5 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.24.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
hkg07s23-in-f35.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:30:18 GMT
x-content-type-options
nosniff
age
247291
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Mar 2025 03:30:18 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame AC82
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:49 GMT
expires
Mon, 04 Mar 2024 00:11:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:49 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38E5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoNECshAAAAAAAAJkAwBAoNEEshAACAZmamlkAwBAoNEAMhAAAAAAC0lkAwBAoNEAohAAAAAM3MEkAwBAoNEA0hAAAAAAAAAAAwBAoNEB4qBzMzNngyODAwBAoNEBkqBzMzNngyODAwBAoNEA4hAAAAAICZuT8wBAoNEAQhAAAAMzPJlkAwBAoNEA8hAAAAAAAAAAAwBAoNECshAAAAAAAANEAwBAoNEAUhAACAmZnJlkAwBAoNEBAhAAAAAKAR5UAwBAoNEBEhAAAAADCw9EAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAMzOtl0AwBBIaQ1A2ZDFaS3AyWVFERlVmNmN3RWRpRUFFMWciFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoAw==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e4ba1a8aaf1eb5089ecf6e0b9cafde2.js?tag=pingback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C6CA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=2891286047968147&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x20c6d0dbe90f91e60000000000000000%22,%222%22:%220xdb62d60390e74d90000000000000000%22,%223%22:%220x67858785a57501cc0000000000000000%22,%224%22:%220x5b1fb264b651e9b70000000000000000%22,%225%22:%220x1c03b6b45ef9d5c10000000000000000%22},%22debug_key%22:%2210200118156228567895%22,%22debug_reporting%22:true,%22destination%22:%22https://factoryword.ru%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22625649566%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217086708406843415153%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 00:11:49 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=2891286047968147&bg=!S0ilSAfNAAauXHXJjlw7ADQBe5WfOPhbHfnBCCzW3hCAjrT6zy8KEMX27N8TEUnvf25jmoERSklQkZH58CUz94y5JiTpAgAAAHlSAAAAAmgBBwoAButg9x1OgJkC2qvi65D6PD3FKmrDJqI0FKpLHPqEQSRvxtmLzfd3aAMbdVbXF_zvWHKcu2qWWJYK-9k1IerbQKP-ZPmSMuwyKSYJDvwwIZKO_96AK3Qkhdd1Et8Hah5H7ny2EJuvVL9E-Dkf_C9k5Cpwrj33Ffu-CRIkoDKIgxTFw2jusOMXBRTGPvoDq0xxF4METp-yQYSd1EXpTvI_3vYW-L_GQLtp2gZt8vM03FshlFY4OZR3igoFcxns61pNAzh3xvOuh1Il33zZIyRNJCKJtD_JKsuY0034DQJdm5LHnaM2DwjVYa8xIsSBb2ZPrcRElyEiI5wUqhQFvEadEMzigNHC_nKJOVj5WxaB6rXLX9HyS_B94oA_pOeoBWoQrvMDv2SeYXuSTgQZny3jEwEy8HWIf8Z242SBiu_6CaItccIj28stAhxWR0XgZwAbIpTEVOGIj_DYTIyQffxRgMMDyVP6MyDXjZixbXzxwUBUdqTHbeWmLkh6HVefLPl48JqptpkmcfJP2pPIiTZYOFzbUbgGLhqBaVKjqTsVY1d3OYcT1cD6SS22FqAcv6lpUQHe-u540g1MtSlAEbOjC-2jYM9hEb0bky7iCVa5uShm6NW6SqC_UiwMx26H6kjbwtk0d9WWYFYMZil94bmGjulCOetPHOxVL7l7NhCSnWHlrj8cHAYaffjy6LIyb4DPe3VNDrgrXrZLwWg4ubc-x1PeWx6crwI9QSo2CNeZcJEERP5WlInpD7wSjUBPewGb-b3LWg1xWPhBBAunEWQXx92WrFA1tpKEPLPrrIgEOKPAcecbmmAKOlxSXABRQeb8dCBy7mi3rleSg833hma2DN1S5A0O_YrFcpH6BizxgVaDUYHhktWT03k96RBymjy3pIMeEzzui9EvcQ_4rjkjCt05ul31X4-rerh9j-E7Xv__RhNvgSjdoklcPc4nFFA6JTx-xwyQ_q87C-leBTL_PfDg9Xs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
/
www.googleadservices.com/pagead/ar-adview/ Frame 38E5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CE8rDxBHlZf6rAcf0z7sPiIGRsA21tKqddJux4tXXDtCo_eu0LxABILnZyCJgpYCAgJABoAH3y7jCAsgBAakC0kSjndrmST6oAwHIA8sEqgTDAU_Q7ryrMULLSMsDMdMO674XPKHIKCqj7gH...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f3...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x97e16560802c7a900000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%2216792558303676845708%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213886015723663027953%22}&andc=true
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4c539540ab29a11c0000000000000000","2":"0xeafddc0acd5cc1e90000000000000000","3":"0x7fe4f34e6f68924d0000000000000000","4":"0x97e16560802c7a900000000000000000","5":"0xa49f77046cb5ba680000000000000000"},"debug_key":"16792558303676845708","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"13886015723663027953"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 00:11:50 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 00:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4c539540ab29a11c0000000000000000","2":"0xeafddc0acd5cc1e90000000000000000","3":"0x7fe4f34e6f68924d0000000000000000","4":"0x97e16560802c7a900000000000000000","5":"0xa49f77046cb5ba680000000000000000"},"debug_key":"16792558303676845708","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"13886015723663027953"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
pagead2.googlesyndication.com/bg/ Frame 02C5 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=280&slotname=3428677040&adk=3152364225&adf=1724112941&pi=t.ma~as.3428677040&w=336&fwrn=4&fwrnh=100&lmt=1709511107&rafmt=1&format=336x280&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&rh=280&rw=336&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511107307&bpp=4&bdt=600&idt=134&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=4812284435659&frm=20&pv=2&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=252&ady=124&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=651
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
246836
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20324
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:37:53 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 38E5 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoWCAEqEnNxdWFyZS1yZGEtdmFuaWxsYQoKCAIqBnNlcnZlcgoNEBQhAAAAAFAu9UAwBAoNEBUhAAAAAAAAKEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAACAmZk_nUAwBAoNEDIhAAAAAAAA4D8wBAoNEDMhAAAAAAAA4D8wBAoNEDQhAAAAAAAA4D8wBAoNEDUhAAAAAAAA4D8wBAoNEDYhAAAAAAAA4D8wBAoNEDchAAAAAAAA4D8wBAoNEDghAAAAADMzA0AwBAoNEDkhAAAAmpnVj0AwBAoNEDohAACAmZlvkEAwBAoNEDshAACAmZmnl0AwBAoNEDwhAACAmZmnl0AwBAoNED0hAAAAMzOtl0AwBAoNED4hAAAAAAAmnUAwBAoNED8hAAAAAAAmnUAwBAoNEEAhAACAZmZOnUAwBBIaQ1A2ZDFaS3AyWVFERlVmNmN3RWRpRUFFMWciFnRleHQvdmFuaWxsYV9oaWdobGlnaHQoAw==
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/3e4ba1a8aaf1eb5089ecf6e0b9cafde2.js?tag=pingback
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x97e16560802c7a900000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%2216792558303676845708%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2213886015723663027953%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 00:11:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 60E0 		149 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
61503614f43bb8bb40d23a48cb095fca530bdc32ad88682adb9c400db72c3356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
44929
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 8FFF 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
11589
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 20:58:41 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 20:58:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 0CF1 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
11589
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 20:58:41 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 20:58:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame BAD5 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
11589
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 20:58:41 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 20:58:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 9A8C 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
11589
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4155
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 20:58:41 GMT
etag
5035419970550746386
expires
Sun, 17 Mar 2024 20:58:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxXDRG8J6bzIiFt1bVfgDIqBpl2LfrxXMjox2D3dUPSzFEe14VkJXLpfNIMw4Us-pjW64QQDnvSLMh5obvis4f8Alsxz2Q7YKgKXlijOm8Y5MkFKJ81LD5FrcK-vkF2hnVAaRw6RtA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXDRG8J6bzIiFt1bVfgDIqBpl2LfrxXMjox2D3dUPSzFEe14VkJXLpfNIMw4Us-pjW64QQDnvSLMh5obvis4f8Alsxz2Q7YKgKXlijOm8Y5MkFKJ81LD5FrcK-vkF2hnVAaRw6RtA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTExMTEwLDYxMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3VuemlwLXRhci1nei5jb20vIixudWxsLFtbOCwidnpyTnZIUS1jeW8iXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
f5466c05fa3bf26a54093449084fdcc26818d2061bbd1195e8f1966d0a181330
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Zit8nm0sFXQhF16Ln5jabg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:50 GMT
content-security-policy
script-src 'report-sample' 'nonce-Zit8nm0sFXQhF16Ln5jabg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmLw15BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTNcWzxlPVsAjNunbcBANhRLQU"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 8FFF 		5 KB
790 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f10.1e100.net
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 00:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Mar 2024 23:32:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 00:11:50 GMT
css
fonts.googleapis.com/ Frame 857C 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f10.1e100.net
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 04 Mar 2024 00:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 03 Mar 2024 23:29:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 04 Mar 2024 00:11:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 857C 		2 KB
861 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:23:50 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 857C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame E5A6 		143 B
204 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 23:30:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 857C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 857C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:13:30 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 857C 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
1746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:42:44 GMT
eea50308dcf9de2b0c0fe89d3b5a5e83.js
www.gstatic.com/mysidia/ Frame 857C 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15206
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:19:48 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 8FFF 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:20:00 GMT
content-encoding
br
x-content-type-options
nosniff
age
75110
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6454
x-xss-protection
0
server
cafe
etag
7487576354850247333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:20:00 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8FFF 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 00:32:32 GMT
x-content-type-options
nosniff
age
257958
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 01 Mar 2025 00:32:32 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8FFF 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:13:27 GMT
x-content-type-options
nosniff
age
248303
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 01 Mar 2025 03:13:27 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 8FFF 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 21:08:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
10987
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9093
x-xss-protection
0
server
cafe
etag
981128176822753981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 21:08:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 0CF1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame F5A1 		143 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 23:30:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 0CF1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 0CF1 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:13:30 GMT
15907318599269795396
tpc.googlesyndication.com/simgad/ Frame 0CF1 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15907318599269795396?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnm7ohAy3VMnj-BPy8VtrhZhGMpfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
b7b4e3d5f238300ac77e388a66a013aa2fb3c8409b226e4e67f6a371637d4338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 04:39:04 GMT
x-content-type-options
nosniff
age
243166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14289
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 13:41:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Mar 2025 04:39:04 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0CF1 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
1746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:42:44 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 0CF1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 21:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
8155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14561
x-xss-protection
0
server
cafe
etag
9133869656772815932
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 21:55:55 GMT
15907318599269795396
tpc.googlesyndication.com/simgad/ Frame BAD5 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15907318599269795396?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnm7ohAy3VMnj-BPy8VtrhZhGMpfA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
b7b4e3d5f238300ac77e388a66a013aa2fb3c8409b226e4e67f6a371637d4338
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 04:39:04 GMT
x-content-type-options
nosniff
age
243166
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14289
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 13:41:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 01 Mar 2025 04:39:04 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame BAD5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 2974 		143 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 23:30:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BAD5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BAD5 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:13:30 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame BAD5 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
1746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:42:44 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame BAD5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 21:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
8155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14561
x-xss-protection
0
server
cafe
etag
9133869656772815932
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 21:55:55 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 9A8C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame C791 		143 B
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2488
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 23:30:22 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9A8C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9A8C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:13:30 GMT
16187553198797540310
tpc.googlesyndication.com/daca_images/simgad/ Frame 9A8C 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/16187553198797540310
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
55754f752518f2a6b1b38fe69d11075f87dc92cc1ec8b484886a95f6b08bd4e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Sat, 01 Mar 2025 10:29:57 GMT
date
Fri, 01 Mar 2024 10:29:57 GMT
x-content-type-options
nosniff
age
222113
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38820
x-xss-protection
0
last-modified
Sun, 19 Feb 2023 02:14:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9A8C 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
1746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:42:44 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 9A8C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 21:55:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
8155
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14561
x-xss-protection
0
server
cafe
etag
9133869656772815932
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 21:55:55 GMT
AGSKWxWTMPigWlOxQbrYWDA56Gu_CqlArYEVFTJwVDTrisuB60RGai27Fg86qARH-UdL2nmKK2J6QYuYugD7Amuf_x7lLQmgQVVaUWFJ9NiVjHLSkbVBXzccZ_DyQ-saODP8y5hQqSDjxw==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWTMPigWlOxQbrYWDA56Gu_CqlArYEVFTJwVDTrisuB60RGai27Fg86qARH-UdL2nmKK2J6QYuYugD7Amuf_x7lLQmgQVVaUWFJ9NiVjHLSkbVBXzccZ_DyQ-saODP8y5hQqSDjxw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTExMTEwLDI0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vdW56aXAtdGFyLWd6LmNvbS8iLG51bGwsW1s4LCJ2enJOdkhRLWN5byJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
69883fdf48497125ed97976f66669da68149038748251a17f134d806ecfe9906
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3281HZY2B9QDojnnkKFNXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:50 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-3281HZY2B9QDojnnkKFNXg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmJw15BiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDcWzxlPVsAjM2nJnKCAACBC0r"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame E5A6
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
expires
Mon, 04 Mar 2024 00:11:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame F5A1
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
expires
Mon, 04 Mar 2024 00:11:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 2974
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
expires
Mon, 04 Mar 2024 00:11:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9A8C 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60216a0f7b323075c92b0d14720d5e4cce2fb41ab92035d1c866cda861d25a5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame C791
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
expires
Mon, 04 Mar 2024 00:11:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Mar 2024 00:11:50 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 9A8C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CK1VnxBHlZejmA6-g4t4PsfmpuAa1tKqddOD996XyENCo_eu0LxABILnZyCJgpYCAgJABoAH3y7jCAsgBAqkC0kSjndrmST6oAwHIA8kEqgTHAU_QbiIQoLSXQ9IuBfr8It7LKIqSKhjRLmL...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f3...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x97e16560802c7a900000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%225103399318048085617%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221512527914751161249%22}&andc=true
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4c539540ab29a11c0000000000000000","2":"0xeafddc0acd5cc1e90000000000000000","3":"0x7fe4f34e6f68924d0000000000000000","4":"0x97e16560802c7a900000000000000000","5":"0xa49f77046cb5ba680000000000000000"},"debug_key":"5103399318048085617","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"1512527914751161249"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 00:11:50 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4c539540ab29a11c0000000000000000","2":"0xeafddc0acd5cc1e90000000000000000","3":"0x7fe4f34e6f68924d0000000000000000","4":"0x97e16560802c7a900000000000000000","5":"0xa49f77046cb5ba680000000000000000"},"debug_key":"5103399318048085617","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"1512527914751161249"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame AAD7 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfoz6lo-19WjrHwU2JjQxf1w1Mk9l7nzcS9HCMe6afzYdwB_TD1O4mJrkmWkq1spGT31qHMQ4HtncE-uznhCXmam3MW9xWpummIXltIH4Csq-gAXO_EDLsb7jraw0RCwJ0UmkjiRanSg8afLNOsFR1BGixWJOuWE4&sai=AMfl-YRSIG5DZtCVJrE4Wh_kgqG3KonlA-poQPi3JE6p51F7UN7iZP3PBZOUILuStxZ4tBxE4IGYiSofN9ergbxyea8nFafNRaRXL7sTSwMneyCCJit_FkgKrsdm9jINpvpIrGL2Yu-DyyB1Md33ld6k2Q&sig=Cg0ArKJSzCWvW2hSel7xEAE&cid=CAQSTwB7FLtq3aAxEze5hN3GodPvv_iDUbBl9xpyt4Nc-KA_KAZwewL3IROigzG1P4OygEjRp40hxD4CrC6JowgZkvjQ41MRG8OInrOJQGSCeSgYAQ&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3152364225&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=544390900&rst=1709511107974&rpt=1480&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a557c05b701b7d3041e507ef957cdd82.js
www.gstatic.com/mysidia/ Frame 14BA 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a557c05b701b7d3041e507ef957cdd82.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:16:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3757
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:16:51 GMT
18237942aa2fcadce968187580046b2b.js
www.gstatic.com/mysidia/ Frame 14BA 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/18237942aa2fcadce968187580046b2b.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
3708c7138c901b15c9340b98a893545cdcb905c7f707a36dd93ea4ef6c5088be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:16:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
248126
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16341
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:16:24 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 14BA 		2 KB
859 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:23:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
74880
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:23:50 GMT
f30634b4a3ab8fb661763ee5d6c29381.js
www.gstatic.com/mysidia/ Frame 14BA 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/f30634b4a3ab8fb661763ee5d6c29381.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
e38585fe1420e1227de54c45057bfbe84ae69461b8ba4e4fc5bbd1a2b31484c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:23:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247687
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9382
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:23:43 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 14BA 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 14BA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 18:04:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
22013
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 18:04:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 14BA 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:13:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
75500
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 17 Mar 2024 03:13:30 GMT
l
www.google.com/ads/measurement/ Frame 14BA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSST0WygZrmT04tlIKp6ypSJME9M5nf4pKs19Mp7xkmqukI9hIZuuXkB_LrJgMmYiZSLYSZlYmpMBuy9dfIMIeeLjUUgQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.4 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 14BA 		207 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:42:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
1746
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64050
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:42:44 GMT
eea50308dcf9de2b0c0fe89d3b5a5e83.js
www.gstatic.com/mysidia/ Frame 14BA 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.227 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f3.1e100.net
Software
sffe /
Resource Hash
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:19:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247922
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15206
x-xss-protection
0
last-modified
Wed, 28 Feb 2024 00:55:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 May 2024 03:19:48 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x97e16560802c7a900000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%225103399318048085617%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221512527914751161249%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 00:11:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/ Frame F05B 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/18237942aa2fcadce968187580046b2b.js?tag=html5_display_upload/html5_exit_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
8603067c87428bb65ca58bebdd7427c2d44ef354f82601fee8f7dc86a27a3003
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
44905
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
3335
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 11:43:25 GMT
expires
Mon, 03 Mar 2025 11:43:25 GMT
last-modified
Wed, 10 Jan 2024 15:43:20 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F49B 		1 KB
738 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 03 Mar 2024 23:49:27 GMT
etag
48472445140208031
expires
Mon, 04 Mar 2024 23:49:27 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 14BA 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e1a27e943382c89b9070d33677db542f4419fa861e4382779a1dece9ad094b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F05B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:43:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
73700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 04 Mar 2024 03:43:30 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F05B 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
cafe /
Resource Hash
9412328c893fb4c6709628ccd2abe0fb40ac5479f67a4fc9811f9626971ab543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 03:25:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
74769
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13986
x-xss-protection
0
server
cafe
etag
13700676731869450326
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 04 Mar 2024 03:25:41 GMT
5d371cadb906ef09214e77aace1bad6f.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/ Frame F05B 		63 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/5d371cadb906ef09214e77aace1bad6f.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
ddda74ba65b0563e6921604efc06599c80bae23554111c6ef5be1c30b7bd4605
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Mon, 03 Mar 2025 11:43:27 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 11:43:27 GMT
age
44903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18703
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 15:43:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
pagead2.googlesyndication.com/bg/ Frame 0545 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Requested by
Host: unzip-tar-gz.com
URL: https://unzip-tar-gz.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
246837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20324
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:37:53 GMT
i.match
s.tribalfusion.com/z/ Frame F49B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEL249XWxvxs9MOEmNNbbBcE&google_cver=1&google_push=AXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaB...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL249XWxvxs9MOEmNNbbBcE&google_cver=1&google_push=AXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHg...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL249XWxvxs9MOEmNNbbBcE&google_cver=1&google_push=AXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaBp7wgHhPL_7y93MdPcNodI2gLAbfnecYcR8uRY3L5We2-FCBKpixFNPUrQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaBp7wgHhPL_7y93MdPcNodI2gLAbfnecYcR8uRY3L5We2-FCBKpixFNPUrQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
104.18.25.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:51 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
85eda6bc8d08a968-SYD
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:51 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
3797
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEL249XWxvxs9MOEmNNbbBcE&google_cver=1&google_push=AXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaBp7wgHhPL_7y93MdPcNodI2gLAbfnecYcR8uRY3L5We2-FCBKpixFNPUrQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQrISjWV_AqMU-3sCXrVtGHeiQi8WgP6S1w_o0HN9-nOMGxLBRPOGeZoN9ZVcu28SCe0_XaMn4lnoTy_gc9LzLqktbAEHgaBp7wgHhPL_7y93MdPcNodI2gLAbfnecYcR8uRY3L5We2-FCBKpixFNPUrQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
85eda6bb7bc4a968-SYD
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F49B
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEZ17ILiaJ5B98VAirG88CE&google_push=AXcoOmTatRoQLFzoGxa_kyHIYRP_Kx8XFmTQjCclfBkZMYG_IMa-cY77CS...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEZ17ILiaJ5B98VAirG88CE&google_push=AXcoOmTatRoQLFzoGxa_kyHIYRP_Kx8XFmTQjCclfBkZMYG_IMa-cY77CSROXiij6DPTL4CX7XufqajAHk0v7h9PGUPMMsUxU4RcKcc6UX9Z_9Od4QI3BLNpHheH5BmWXyk9-Gu65PrSmiKsM-5KW2-qfeE3Bg
Protocol
H2
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-bne12529-BNE
pragma
no-cache
date
Mon, 04 Mar 2024 00:11:50 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1709511111.683108,VS0,VE219
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEEZ17ILiaJ5B98VAirG88CE&google_push=AXcoOmTatRoQLFzoGxa_kyHIYRP_Kx8XFmTQjCclfBkZMYG_IMa-cY77CSROXiij6DPTL4CX7XufqajAHk0v7h9PGUPMMsUxU4RcKcc6UX9Z_9Od4QI3BLNpHheH5BmWXyk9-Gu65PrSmiKsM-5KW2-qfeE3Bg
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame F49B
Redirect Chain
  • https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEG3wlF_TXeYdOQ9vm6jM-fM&google_cver=1&google_push=AXcoOmT3VZawit4sEgkKB4ICHxxGWpL6D2T38CwDQ_TAcYdV50MSAfyVNtCk03aaCj7M-hlG12chC...
  • https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmT3VZawit4sEgkKB4ICHxxGWpL6D2T38CwDQ_TAcYdV50MSAfyVNtCk03aaCj7M-hlG12chCOCUQRmIWJZzjv_OALBeUd0MEdId8L5mPZwJEaWjMXreR4qEO3Vk6N...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmT3VZawit4sEgkKB4ICHxxGWpL6D2T38CwDQ_TAcYdV50MSAfyVNtCk03aaCj7M-hlG12chCOCUQRmIWJZzjv_OALBeUd0MEdId8L5mPZwJEaWjMXreR4qEO3Vk6NuTMe4semUfnjMyTJvqfPXD8G6Y&google_hm=VXBZd1dMWGxxVXEtTm5RRVVrTkR1Nzl0M1Vv&from_google=sp1
Protocol
H3
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Mar 2024 00:11:51 GMT
Strict-Transport-Security
max-age=15768000
Server
nginx
Transfer-Encoding
chunked
P3P
CP="ADM NOI OUR"
Location
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmT3VZawit4sEgkKB4ICHxxGWpL6D2T38CwDQ_TAcYdV50MSAfyVNtCk03aaCj7M-hlG12chCOCUQRmIWJZzjv_OALBeUd0MEdId8L5mPZwJEaWjMXreR4qEO3Vk6NuTMe4semUfnjMyTJvqfPXD8G6Y&google_hm=VXBZd1dMWGxxVXEtTm5RRVVrTkR1Nzl0M1Vv&from_google=sp1
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
sync
x.bidswitch.net/ Frame F49B 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEM5YOKjDm6A5R6vlrmrLyws&google_cver=1&google_push=AXcoOmQ0QeyqNeN6dMiEarTkXFZkFetCZCEAT-nRe89Dx2dK_YLiSXUdQMSbqTtoP5ZUGOUsAYYHCSITfZcUnOybhkfNqWDTiCIhsMdLGweC24AMogWzGAuLRlVjLfKMw5qzfXzrHki5wInN2aKoHsMRkX1LZA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date
Mon, 04 Mar 2024 00:11:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame F49B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEI85XK96AcyyGuXIxM5cyYQ&google_cver=1&google_push=AXcoOmT-kgJjvZG0I_Ptfs9Z_wJqRL7gafbi2_1IjJmBscYCp1gAFkSPLEAJ97tEIK06KKyHOgxXlhHVq1Q3H...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEI85XK96AcyyGuXIxM5cyYQ&google_push=AXcoOmT-kgJjvZG0I_Ptfs9Z_wJqRL7gafbi2_1IjJmBscYCp1gAFkSPLEAJ97tEIK06KKyHOgxXlhHVq1Q3H...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT-kgJjvZG0I_Ptfs9Z_wJqRL7gafbi2_1IjJmBscYCp1gAFkSPLEAJ97tEIK06KKyHOgxXlhHVq1Q3HWkPuPT97LSNZQHH38v1fiEpSjKO4FaYWQSdSS7KFwmQUrY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT-kgJjvZG0I_Ptfs9Z_wJqRL7gafbi2_1IjJmBscYCp1gAFkSPLEAJ97tEIK06KKyHOgxXlhHVq1Q3HWkPuPT97LSNZQHH38v1fiEpSjKO4FaYWQSdSS7KFwmQUrYghyf96VNDePmufK0cKIZyFuQcyA&google_hm=ZU00cl9xcC1QY0hvQzJnMHNoMWc=
Protocol
H3
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 04 Mar 2024 00:11:51 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=utf-8
Location
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AXcoOmT-kgJjvZG0I_Ptfs9Z_wJqRL7gafbi2_1IjJmBscYCp1gAFkSPLEAJ97tEIK06KKyHOgxXlhHVq1Q3HWkPuPT97LSNZQHH38v1fiEpSjKO4FaYWQSdSS7KFwmQUrYghyf96VNDePmufK0cKIZyFuQcyA&google_hm=ZU00cl9xcC1QY0hvQzJnMHNoMWc=
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
294
Expires
Thu, 01 Dec 1994 16:00:00 GMT
sspsync
cksync.yahoo.co.jp/ Frame F49B 		35 B
619 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEJ7NBkT8VXBivr4iN7KZA9k&google_cver=1&google_push=AXcoOmQcHKDlCIpaYck2p9Ty0a1tBiNWI7SCBsm5Ya1Q_6GFApVjRlzrpGtBsewWoASc_Yqno4NSYBNK6l_lhNFhm4grvBw6Tu6aqz65CCHq-zMiXYEflidf4Z9luJK6N-A0q8kgmqZ_enHiPlolOLZegt5JNlY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.22.28.252 , Japan, ASN23816 (YAHOO Yahoo Japan Corporation, JP),
Reverse DNS
Software
nghttpx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
x-content-type-options
nosniff
server
nghttpx
age
0
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private, no-store, no-cache
cross-origin-resource-policy
cross-origin
content-length
35
x-xss-protection
1; mode=block
report
sync.teads.tv/um/ Frame F49B
Redirect Chain
  • https://sync.teads.tv/um?ssb_provider_id=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESELLuWRS3OJPw...
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=NzgzNDJmZTEtZDcyZi00ODJhLWI5NmEtNzEzZDhkZDQ3ZDNi&google_push=AXcoOmRZBqGDSvBKs0IsV4rVzAVvi-r978Ba2sPdm6SH3eaWjFNjGpX_alaegFp4-XzaP...
  • https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Protocol
H2
Server
23.46.44.214 Sydney, Australia, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-46-44-214.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Mon, 04 Mar 2024 00:11:51 GMT
pragma
no-cache
date
Mon, 04 Mar 2024 00:11:51 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
260
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F49B 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JLut39A95L515fym2iZOqQbbeu3Ybn5GKs-EpjOL5DPE2-Cd9sF6qVnp0CVEwUeuKKAizMGRc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 0CF1 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a10a321cb38a3f1d8a0a3115976b04dedd8bbf35a0e89c5742b9608f650c02d7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/ar-adview/ Frame 14BA
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C-EIHxhHlZdKeBfeA9fwPpdqC8A-K-5qXdvr6gufDEquQ_tWXDhABILnZyCJgpYCAgJABoAH77pyiA8gBCakCnPBNqKI7tT6oAwHIA0iqBM4BT9D-woGvkMBw4OrRstQLIxJUxZIFkD7HR2t...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2b7fa0e520d9fade0000000000000000%22,%222%22:%220x95dcd2699c5de09d0000000000000000%22,%223%22:%220x797556...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2b7fa0e520d9fade0000000000000000%22,%222%22:%220x95dcd2699c5de09d0000000000000000%22,%223%22:%220x797556bb7e995eae0000000000000000%22,%224%22:%220x4ea3bf0c5db656d10000000000000000%22,%225%22:%220x19efa9a267ade4500000000000000000%22},%22debug_key%22:%228993107381886693812%22,%22debug_reporting%22:true,%22destination%22:%22https://dotdigital.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877082491%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22333798789092994481%22}&andc=true
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x2b7fa0e520d9fade0000000000000000","2":"0x95dcd2699c5de09d0000000000000000","3":"0x797556bb7e995eae0000000000000000","4":"0x4ea3bf0c5db656d10000000000000000","5":"0x19efa9a267ade4500000000000000000"},"debug_key":"8993107381886693812","debug_reporting":true,"destination":"https://dotdigital.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["877082491"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"333798789092994481"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 00:11:51 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x2b7fa0e520d9fade0000000000000000","2":"0x95dcd2699c5de09d0000000000000000","3":"0x797556bb7e995eae0000000000000000","4":"0x4ea3bf0c5db656d10000000000000000","5":"0x19efa9a267ade4500000000000000000"},"debug_key":"8993107381886693812","debug_reporting":true,"destination":"https://dotdigital.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["877082491"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"333798789092994481"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
pagead2.googlesyndication.com/bg/ Frame 3EC4 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
246837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20324
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:37:53 GMT
461c74e3268cee70e91fb54252204799.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/media/ Frame F05B 		15 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/media/461c74e3268cee70e91fb54252204799.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
90d5e63cdb9ee2ecf6a0db2075771956f263b426c7ea2abd5b0a55db3ea79359
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Mon, 03 Mar 2025 11:43:28 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 11:43:28 GMT
age
44902
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3702
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 15:43:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
50a2769b7af0fb95c56eb668e55be416.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/media/ Frame F05B 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/media/50a2769b7af0fb95c56eb668e55be416.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
0aca4c4bde3894859783b1550d142022e16d3aba0ebdf407ed848d53a48f3fc9
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Mon, 03 Mar 2025 11:43:28 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 03 Mar 2024 11:43:28 GMT
x-content-type-options
nosniff
age
44902
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3845
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 15:43:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
6f740159bc4ed5af5fa5f49756627125.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/media/ Frame F05B 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/media/6f740159bc4ed5af5fa5f49756627125.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
f73adb53252b154fa83bec6ee793f2d84e2f5b269ddaccd1ff9478587fe834fa
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Mon, 03 Mar 2025 11:43:29 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 03 Mar 2024 11:43:29 GMT
x-content-type-options
nosniff
age
44901
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8610
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 15:43:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
/
www.googleadservices.com/pagead/ar-adview/ Frame 0CF1
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=C67jfxBHlZebmA6-g4t4PsfmpuAa1tKqddOjDsv-AEZ_thK6vKxABILnZyCJgpYCAgJABoAH3y7jCAsgBAqkC0kSjndrmST6oAwHIA8kEqgTGAU_QWXQgtlVkKpAvpaV64kylnBv19deGn2n...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f3...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x537225e5de0ffcc00000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%2210542406156984833695%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218138150812341855777%22}&andc=true
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4c539540ab29a11c0000000000000000","2":"0xeafddc0acd5cc1e90000000000000000","3":"0x7fe4f34e6f68924d0000000000000000","4":"0x537225e5de0ffcc00000000000000000","5":"0xa49f77046cb5ba680000000000000000"},"debug_key":"10542406156984833695","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"18138150812341855777"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 00:11:51 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4c539540ab29a11c0000000000000000","2":"0xeafddc0acd5cc1e90000000000000000","3":"0x7fe4f34e6f68924d0000000000000000","4":"0x537225e5de0ffcc00000000000000000","5":"0xa49f77046cb5ba680000000000000000"},"debug_key":"10542406156984833695","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"18138150812341855777"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
85db29a1987122adc6922e35d03b20b7.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/media/ Frame F05B 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/media/85db29a1987122adc6922e35d03b20b7.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.65 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f1.1e100.net
Software
sffe /
Resource Hash
096430a3ce1124e478cd1aa06c9de77f4fe6908dbec31c5c7bcf1dd8f3cbd8e2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14463782928620631522/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

expires
Mon, 03 Mar 2025 11:43:31 GMT
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 03 Mar 2024 11:43:31 GMT
age
44899
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1832
x-xss-protection
0
last-modified
Wed, 10 Jan 2024 15:43:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame BAD5 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ddf7a378ace817c4ea63431ca4af7fbf121eedc2f357d4e40d9554c8b40401c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type
image/png
sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
pagead2.googlesyndication.com/bg/ Frame B9D2 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&us_privacy=1NNN&client=ca-pub-4559838995070559&output=html&h=60&adk=510444280&adf=1020379959&pi=t.aa~a.3620710788~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709511110&rafmt=1&to=qs&pwprc=7794995290&format=1200x60&url=https%3A%2F%2Funzip-tar-gz.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709511109473&bpp=1&bdt=2766&idt=-M&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Da13e31a070e59846%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog&gpic=UID%3D00000d2481fedef9%3AT%3D1709511108%3ART%3D1709511108%3AS%3DALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA&eo_id_str=ID%3Df1b15d0fa449b1e5%3AT%3D1709511108%3ART%3D1709511108%3AS%3DAA-AfjbEgvyNDmYqflfb69kMCirS&prev_fmts=336x280%2C336x280%2C0x0&nras=2&correlator=4812284435659&frm=20&pv=1&ga_vid=1990468174.1709511108&ga_sid=1709511108&ga_hid=1220006125&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1461&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42532523%2C95325752%2C95321957%2C95324161%2C95325784%2C95326430%2C95326436&oid=2&psts=AOrYGslsyUT7b8szZuTIrctVc0k9j5O1Yb72xGu6VP9FGE1y1k51vCB3kCiQeJ_4PqaZCw-mUQHqtHVU1HCr1vlQJSXpqCs%2CAOrYGsl-UUqx9T54akFl8Jr5UaEtyFyYq2_z3JBWBhwJBo_844awGsOwNJbKhWUngRGEm4gqa9GDV4TlzbSeb6rzCwquqhU&pvsid=2891286047968147&tmod=570565626&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=1&fsb=1&dtd=548
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
246837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20324
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:37:53 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x2b7fa0e520d9fade0000000000000000%22,%222%22:%220x95dcd2699c5de09d0000000000000000%22,%223%22:%220x797556bb7e995eae0000000000000000%22,%224%22:%220x4ea3bf0c5db656d10000000000000000%22,%225%22:%220x19efa9a267ade4500000000000000000%22},%22debug_key%22:%228993107381886693812%22,%22debug_reporting%22:true,%22destination%22:%22https://dotdigital.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22877082491%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22333798789092994481%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 00:11:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
pagead2.googlesyndication.com/bg/ Frame 1811 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
246837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20324
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:37:53 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame BAD5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CDAWFxBHlZefmA6-g4t4PsfmpuAa1tKqddPDEtOT8EJ_thK6vKxABILnZyCJgpYCAgJABoAH3y7jCAsgBAqkC0kSjndrmST6oAwHIA8kEqgTGAU_QkFrrb7VLSjuj8oBKvSywwz02DiIzyNk...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f3...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x537225e5de0ffcc00000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%222670354362394015755%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225717541373296487329%22}&andc=true
Protocol
H3
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x4c539540ab29a11c0000000000000000","2":"0xeafddc0acd5cc1e90000000000000000","3":"0x7fe4f34e6f68924d0000000000000000","4":"0x537225e5de0ffcc00000000000000000","5":"0xa49f77046cb5ba680000000000000000"},"debug_key":"2670354362394015755","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"5717541373296487329"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Mon, 04 Mar 2024 00:11:51 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x4c539540ab29a11c0000000000000000","2":"0xeafddc0acd5cc1e90000000000000000","3":"0x7fe4f34e6f68924d0000000000000000","4":"0x537225e5de0ffcc00000000000000000","5":"0xa49f77046cb5ba680000000000000000"},"debug_key":"2670354362394015755","debug_reporting":true,"destination":"https://manageengine.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["676210167"],"22":["true"],"4":["03-04"],"6":["true"]},"priority":"500","source_event_id":"5717541373296487329"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x537225e5de0ffcc00000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%2210542406156984833695%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218138150812341855777%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 00:11:50 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
pagead2.googlesyndication.com/bg/ Frame F05B 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
246837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20324
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:37:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 38E5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsthbh3O3Oa3_T4R28CiKdhB-nA_eRL515gFvbdDIKBs9kbz2V3aU80OKa3B2679MYx8wgpegNo4syYrlWuCujKxVtRmDqGmYphXLeHViKs5hH_uWyvDXQbnHpHftn_bi7a_a_ckFoKyR9lVy48vvgdNM6VeEUMx9mQ&sai=AMfl-YTVCL2V0VtLMBbkJ2iTpJR01yIzWTNN8zgXxaOdAYxD2szdq10WoUHGNP6f7oeKpf_1CYNxvWNMm8bt4Qis5kmj6_-SNzSEeZIwBtELj8wT3-PjJX1EVP-dFFYh-DTT0S-D9Rwb8DI0Hahe718-DQ&sig=Cg0ArKJSzOObbZx4L9MAEAE&cid=CAQSTwB7FLtqNvisPHP29Czev8ket9Q4DV0KOq_xnqojGLtO46CL_XE0rg8UJa3KIeScilBo8Ur7kNoc4F4trHQnkQXb5A8iBx3iWs7hUtVgiacYAQ&id=lidar2&mcvt=1059&p=0,0,280,336&mtos=1059,1059,1059,1059,1059&tos=1059,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3152364225&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=544390900&rst=1709511107960&rpt=1872&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
pagead2.googlesyndication.com/bg/ Frame DBDB 		52 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/sWfmJsWQCoSmdaAiuh8dwa10lFzQL04fMWr3mCbzgTM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Fri, 01 Mar 2024 03:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
246837
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20324
x-xss-protection
0
last-modified
Mon, 26 Feb 2024 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 01 Mar 2025 03:37:53 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x4c539540ab29a11c0000000000000000%22,%222%22:%220xeafddc0acd5cc1e90000000000000000%22,%223%22:%220x7fe4f34e6f68924d0000000000000000%22,%224%22:%220x537225e5de0ffcc00000000000000000%22,%225%22:%220xa49f77046cb5ba680000000000000000%22},%22debug_key%22:%222670354362394015755%22,%22debug_reporting%22:true,%22destination%22:%22https://manageengine.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22676210167%22],%2222%22:[%22true%22],%224%22:[%2203-04%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%225717541373296487329%22}&andc=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 04 Mar 2024 00:11:51 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads.
fundingchoicesmessages.google.com/f/AGSKWxWFr2GSb3V6RixG-bTQCJndZeHjRGnrQu5fFXCb0o9z81xk1bMWGXiFZrLnqR5zar80llZqr54hX826vHGD_5zRH3Suzpp3QvwBQqS6cj43WsR53-HMHc1zZAakJAXJRnuvP4CaRwDnw8iyNuK6Vug3UEIl1... 		54 B
466 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWFr2GSb3V6RixG-bTQCJndZeHjRGnrQu5fFXCb0o9z81xk1bMWGXiFZrLnqR5zar80llZqr54hX826vHGD_5zRH3Suzpp3QvwBQqS6cj43WsR53-HMHc1zZAakJAXJRnuvP4CaRwDnw8iyNuK6Vug3UEIl12TbCauCDfpERspbIG8tTJMJechRbti-/_/iframead_/ad-top.-sprite-ad._adbreak./ads/ads.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzr_7a5mSN4iNaaC9J9X5mbXO90aw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
b2708264202a7d66c18814ab5fa8ee825088f658a281860785a7804756acb6c3
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1nHOsqH6bKxrNnHiPbfufA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-1nHOsqH6bKxrNnHiPbfufA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjStHikmII0pBiOO90h-k6ENcyPGNqBWIDjedMFkDM-OcFEycQv_vykkng60smCSDWAuIdPh4sfOums6oAseH66ayRQBzzfDprChA7pc9gDQFin_oZrHFALMTDcXzxlPVsAhsaDjUyAgAGOy0B"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzr_7a5mSN4iNaaC9J9X5mbXO90aw/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
efae00f257fbdd16f945d40156928e4d796449859e1a4dc05fde50f61f61840a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Sun, 03 Mar 2024 23:25:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
2756
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31003
x-xss-protection
0
server
cafe
etag
16097037246406947114
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Mon, 04 Mar 2024 00:25:55 GMT
AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R3_k4W8O7QuGWUAOMYK02g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-R3_k4W8O7QuGWUAOMYK02g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcXzxlPVsAg0_-ncwAwCMNhFQ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://unzip-tar-gz.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
fundingchoicesmessages.google.com/el/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bRKgIVhvEaJcJFGLBh5xjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
content-security-policy
script-src 'report-sample' 'nonce-bRKgIVhvEaJcJFGLBh5xjA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmII1JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcXzxlPVsAh9eLdjJDACOkRHF"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://unzip-tar-gz.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
fundingchoicesmessages.google.com/el/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pDbBP6QSTNFo8a1X_q2wiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
content-security-policy
script-src 'report-sample' 'nonce-pDbBP6QSTNFo8a1X_q2wiA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTDcXzxlPVsAifO7tnJDACKmxGL"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://unzip-tar-gz.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
fundingchoicesmessages.google.com/el/ 		0
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3GX3-APr774mwBHqpBFyTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3GX3-APr774mwBHqpBFyTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzj0tDikmII1JBiWMy_i6mW4RlTKxAz_nnBxAnEO3w8WJzSZ7CGALEQD8fxxVPWswmcOPZiJzMA02gTMw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://unzip-tar-gz.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWIdDrIGie1N_dzpw7HY9YW5EsfHE42G9kctpCQ0Q5G2vJhvzqlY9yZfiHNZVm3g7096i0HM5POmOpVUKx985tUSmczNmucamQleqKaLiCElpKBmpMxq00K9BJCQShSGLcpkg8KXA==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWIdDrIGie1N_dzpw7HY9YW5EsfHE42G9kctpCQ0Q5G2vJhvzqlY9yZfiHNZVm3g7096i0HM5POmOpVUKx985tUSmczNmucamQleqKaLiCElpKBmpMxq00K9BJCQShSGLcpkg8KXA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA5NTExMTExLDMyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly91bnppcC10YXItZ3ouY29tLyIsbnVsbCxbWzgsInZ6ck52SFEtY3lvIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
82cc938b931d09d00f0d290d840ee26d3ac8a0985ebc5707b2609695f06ee6ab
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RoV5jIlWTYC0mB_blJijQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://unzip-tar-gz.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date
Mon, 04 Mar 2024 00:11:51 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-RoV5jIlWTYC0mB_blJijQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjytHikmLw0pBiOHHrNtMFID7vdIfpOhDXMjxjagViA43nTBZAzPjnBRMnEL_78pJJ4OtLJgkg1gLiHT4eLHzrprOqALHh-umskUAc83w6awoQO6XPYA0BYp_6GaxxQCzEw3F88ZT1bAIvrl-_zwQAQd0zCg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9A8C 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstFe2R98R0gU43A-EbGur4trNxQ99qHL6vfWyKP_79_hH1g4Ge_KafnWMSxSK5RU_fu8jfnTmLaguPC_8hN2G5DqjHspiLmQC-lbe6jqAye1cOJpi8ZTM6T-fKKbBH_rqtqaRai5eM-tBtbb9fk-oH52TysjKZxF8w&sai=AMfl-YRhzbjLaYAWm8dVvZnfFzO0ELjqvipomhH3Ubsg_qr2frF7Y2PNrIS9O5fVTGW0isA13jVT4aZyC-feKoOMyGUjIoRJthRgmyOR6TI5FVQEd2tw6t_ensGMA5L8Ahyvuy-fQhJPYiBDpjdAf2Ra&sig=Cg0ArKJSzORh5GuB1d0lEAE&cid=CAQSTgB7FLtqqTWETxJaWrPuPPIayjG9ngUjyO1Pca7wMhXvVzAyqXL05cYDcHM69C1Mm6Ir8a4bcWNpmcNknRD1i0zymwDx6aPhlxeYs_tszhgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=82,750,1000,1061,1080&tos=82,668,250,61,19&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=544391000&rst=1709511110050&rpt=261&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0CF1 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstR1ItjDXWpHIlES4y8uqj-IvDjcbQO2COgZH7KrT_t4yXTMxSCn6X60IFmXDDZmKFqUpEzTMMFQq2iJUzarl18YtDWIcjEZJyxybrSQ50yn_pSjM7-403dE6Olg0YgaWn1AlXbWNU0Prlrg_iCHMJx6zwCa1-UQz8&sai=AMfl-YQ6OtX2u5nZiPyUvmsU3WZ7He-4tJZvtL2TzI1kPS2FoeJcXcRMvkBknXfObdAL_8nRGZZddQFh8KwFW7Bbt2YLlFlwMdBAZ-CMwknaBSeXaRc_dsi6PgFjaX9DKCkcMKmAf93iqGLSdbRxBe1Q&sig=Cg0ArKJSzEb-U1IHX7JREAE&cid=CAQSTgB7FLtqqTWETxJaWrPuPPIayjG9ngUjyO1Pca7wMhXvVzAyqXL05cYDcHM69C1Mm6Ir8a4bcWNpmcNknRD1i0zymwDx6aPhlxeYs_tszhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=544391000&rst=1709511110046&rpt=225&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AGSKWxVlCmGMwfQNG6DGHeLlhwt6xwsQrnTY-2HEWcy8dlCHXTLerZI6901V9kV5AIXy-nGmWyRutsY_6J83I5ec1HudGdNGQJxgeoPClbOGZmTFOTk1xa5cxV8rNkCJKSlFEU4RltqJhA==
fundingchoicesmessages.google.com/el/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVlCmGMwfQNG6DGHeLlhwt6xwsQrnTY-2HEWcy8dlCHXTLerZI6901V9kV5AIXy-nGmWyRutsY_6J83I5ec1HudGdNGQJxgeoPClbOGZmTFOTk1xa5cxV8rNkCJKSlFEU4RltqJhA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q3OgxOUyEnUw7zxlpXVyLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 00:11:52 GMT
content-security-policy
script-src 'report-sample' 'nonce-q3OgxOUyEnUw7zxlpXVyLA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmJw0JBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNcWLxlPVsAhf6zrsDAHglEPI"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://unzip-tar-gz.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
fundingchoicesmessages.google.com/el/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVvqYMqWBf-ynGN8PE1ZxNUGcpCbrqyu5C2dcMsbP0Y2lEWKytrNscjae0aQ6pHieNAOs7VwaPlg9ttOjigZV_5F1BHIT-GpQwbZgiCffFggTlj3ovzjKgEVqHEptU7BPo7R6CQSg==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.vzrNvHQ-cyo.es5.O/am=wA/d=1/rs=AJlcJMwwidr7eeSUbaorybI6I8UAPUWJpQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.206 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0VJ0q8gMwXmarm5zOJNe-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://unzip-tar-gz.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 04 Mar 2024 00:11:52 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-0VJ0q8gMwXmarm5zOJNe-w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtHikmLw0ZBiqGV4xtQKxIx_XjBxAvEOHw8Wp_QZrCFALMTNcWLxlPVsAjPu_fIEAHqpEUM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://unzip-tar-gz.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BAD5 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRnTzRzHQCbszu0dIDAWJJZ4yfoMqvdOVAdzHQElZVaI5bDf1iCOKQOrQJZLGNznvPPn4kA7VJmEmyB7g0SlQLowuLZV-JxJKqp_bJVHo2gcfH2Zd__356dp9yJ4oca73mhQnJ4uW-OdrhfOApp55nwFxdQepcx_s&sai=AMfl-YSjv_Ba07erZ3lzlBpnPoRKAI-M2LC-z8IX94l_KYtE4e3ZJB9ws61ZYzl_vgcQTWLgXsriORFJkkG5MDRruOR2Olc9V1t6dszmQli5NAg6TS5plLdPgmPGMaQGcM2DMsfi2JwLW8Slwc7rMzdb&sig=Cg0ArKJSzHJJKKbBIXIBEAE&cid=CAQSTgB7FLtqqTWETxJaWrPuPPIayjG9ngUjyO1Pca7wMhXvVzAyqXL05cYDcHM69C1Mm6Ir8a4bcWNpmcNknRD1i0zymwDx6aPhlxeYs_tszhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=544391000&rst=1709511110048&rpt=242&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Mar 2024 00:11:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 string| jobid string| filename function| gtag object| dataLayer function| __tcfapi function| __uspapi object| pagespeed object| adsbygoogle object| FB object| __twttrll object| twttr object| __twttr object| __buffer object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| $ function| jQuery function| coverVid object| jQuery111108063947660787356 function| Retina function| RetinaImagePath function| RetinaImage object| html5 object| Modernizr function| yepnope function| WOW object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry string| interval function| start_display function| stop_display function| reset_form function| display object| google_ama_state number| google_rum_task_id_counter function| google_sa_impl object| regeneratorRuntime function| __tcfapiui number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests object| googletag object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| Y2E4ODJiNjE4NjAxZTE0OWxvYWRlcl9qcw== string| Y2E4ODJiNjE4NjAxZTE0OWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady number| __google_lidar_ function| __google_lidar_radf_ boolean| 6a7ad0de-a1ff-402c-a20f-3f83a964d216

15 Cookies

Domain/Path Name / Value
.unzip-tar-gz.com/ Name: usprivacy
Value: 1NNN
.unzip-tar-gz.com/ Name: __gads
Value: ID=a13e31a070e59846:T=1709511108:RT=1709511108:S=ALNI_MYIDtsd87CB3hI80-VLIgDhX3Xiog
.unzip-tar-gz.com/ Name: __gpi
Value: UID=00000d2481fedef9:T=1709511108:RT=1709511108:S=ALNI_MbcIWSr3IgVEo1EpTZLF2CEGFOFlA
.unzip-tar-gz.com/ Name: __eoi
Value: ID=f1b15d0fa449b1e5:T=1709511108:RT=1709511108:S=AA-AfjbEgvyNDmYqflfb69kMCirS
.doubleclick.net/ Name: IDE
Value: AHWqTUlDF9pPcJrFcLoMtLYUYiinb0CTJgX2tBWwp466YuZIDAyU-ooX7bV254bFGUk
.doubleclick.net/ Name: DSID
Value: NO_DATA
.googleadservices.com/ Name: ar_debug
Value: 1
.teads.tv/ Name: tt_viewer
Value: 78342fe1-d72f-482a-b96a-713d8dd47d3b
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZeURxgAJWx_1sgAg
.tribalfusion.com/ Name: ANON_ID
Value: akntuJtlix98qyTAZaRq6fM4eJpGHZbVvVoyPvXtP4JPuaJbj6KANrbnpibsbWUp5d9sTIhWTyycTrtUhbKF38FVlG
.zemanta.com/ Name: zuid
Value: eM4r_qp-PcHoC2g0sh1g
.yahoo.co.jp/ Name: XA
Value: 57e2fvdiua4e7&sd=A&t=1709511111&u=1709511111&v=1
.yahoo.co.jp/ Name: XB
Value: 1scmiutiua4e7&b=3&s=bo
.fout.jp/ Name: uid
Value: UpYwWLXlqUq-NnQEUkNDu79t3Uo
.unzip-tar-gz.com/ Name: FCNEC
Value: %5B%5B%22AKsRol-QcMc-ieZ22pJ1WMC07tWFbOacAlzyzb0PR0r8YSbCBznJa0XeAs_FrEbdoqM0WVflwMq_T20l5snfdJv0CLpAD6ol6knY82XgYC3m0vyycSdQVjtbWnn8sjd1_BmbRUhXqXKhwUEIU_q6PkchL-fUcJ9EfA%3D%3D%22%5D%5D

85 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEJ7NBkT8VXBivr4iN7KZA9k&google_cver=1&google_push=AXcoOmQcHKDlCIpaYck2p9Ty0a1tBiNWI7SCBsm5Ya1Q_6GFApVjRlzrpGtBsewWoASc_Yqno4NSYBNK6l_lhNFhm4grvBw6Tu6aqz65CCHq-zMiXYEflidf4Z9luJK6N-A0q8kgmqZ_enHiPlolOLZegt5JNlY
Message:
Failed to load resource: the server responded with a status of 400 ()
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://unzip-tar-gz.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
b1sync.zemanta.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
platform.twitter.com
s.tribalfusion.com
static.xx.fbcdn.net
sync-tm.everesttech.net
sync.fout.jp
sync.teads.tv
syndication.twitter.com
tpc.googlesyndication.com
unzip-tar-gz.com
www.facebook.com
www.google.com
www.googleadservices.com
www.gstatic.com
x.bidswitch.net
104.18.25.173
104.244.42.72
142.250.204.2
142.250.204.4
142.250.66.206
142.250.66.227
142.251.221.65
142.251.221.66
151.101.194.49
157.240.8.23
157.240.8.35
162.55.0.159
172.217.167.106
172.217.167.66
172.217.167.98
172.217.24.35
18.67.111.77
182.22.28.252
192.229.237.25
202.232.238.37
23.46.44.214
35.213.12.39
50.31.142.31
52.220.192.217
096430a3ce1124e478cd1aa06c9de77f4fe6908dbec31c5c7bcf1dd8f3cbd8e2
09d38b7c7c43a8e44d722091bc07abc9785c30887f55eeae35a6acbc2212d4f9
0aca4c4bde3894859783b1550d142022e16d3aba0ebdf407ed848d53a48f3fc9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fd28fece9ebd606b8b071460ebd3fc2ed7bc7a66ef91c8834f11dfacab4a849
1076d5bb7f1896b00ca2e5fe084f70af57c528d2b01ef24d986e4a5941bc270a
12ccf01f8a2e959b70523bb71ec51563d7ef3a3b8f0c7f04a9c78e55207bd2f4
173460e89e6a7244218badae2016f65c48a3eae9d400802273eeca18b07336f1
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
320f88c7a9672864d92d9369cde081ba7c6e9a27cd0592755b011be432373882
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3708c7138c901b15c9340b98a893545cdcb905c7f707a36dd93ea4ef6c5088be
3c40d8e3f1abe5fc62501eb51b1b52ed1756784d29bec884288f137f479b280b
41c7be5b3332c9425bc29a6ebad91228565bab48b69f820037484c22dd17619b
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
426e16d014775c77916610f675f58880874c645817ed26d01873dde3466e6007
430fa1d26988942f98a009c26b806b481e96c5c2167522b852156818ddd59d45
448746297b5f7cd9944269adb069e134c1108f3e2e49f34dd8558de47175f470
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e1a27e943382c89b9070d33677db542f4419fa861e4382779a1dece9ad094b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55754f752518f2a6b1b38fe69d11075f87dc92cc1ec8b484886a95f6b08bd4e1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b88923b090e7c952e847d46d3da0bd785228b4d3c4469d297d83060bbe9d2a5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
60216a0f7b323075c92b0d14720d5e4cce2fb41ab92035d1c866cda861d25a5d
607f44f400fb49d957ab8dd8412731cd34683521c05d28c6fe5f92176f9be9c6
60bf2d3a0af03cbf18a2cb68320e59a2d06ef11692a5a55053bbf3b5e69d486e
61503614f43bb8bb40d23a48cb095fca530bdc32ad88682adb9c400db72c3356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
66b1b8e67567edb7d20b271a25fb00887f089707114caf506a1036a59736d159
69883fdf48497125ed97976f66669da68149038748251a17f134d806ecfe9906
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70c00445d6632039ed99af760731daf3bf60eb12061863ee61e2cd7276a54d18
76f207742ec69e1c6c55608b4b463c759af1991da141a0ffc1222a4fccda412e
7a1b429e0ff8adc91e65be06e01e85a084b05dc361ed2b225c3d4ab18be2984d
7c4cd0ddc3baa309887f4c459b3a8f93409dc4e6a3f79b50df1650db9a1f5b5f
82cc938b931d09d00f0d290d840ee26d3ac8a0985ebc5707b2609695f06ee6ab
844208d3f740c48ca14df4373b0d232cb9e81f3934b53114833ca717b03a90f5
8603067c87428bb65ca58bebdd7427c2d44ef354f82601fee8f7dc86a27a3003
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
8906aa28c95bd94897c0573e280baba6cb171c423c9b87aadf4f3784d48901a0
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8bfe117bd2e5937eafb0f2a9e602690b4b3aa91c89e55fdda41ce9ef8e58edc1
8ec44a4b321f5115d8760f193298585d8b28a26dd3190d0a3690b9e09a489a94
90d5e63cdb9ee2ecf6a0db2075771956f263b426c7ea2abd5b0a55db3ea79359
9412328c893fb4c6709628ccd2abe0fb40ac5479f67a4fc9811f9626971ab543
996f88d4ae84cfdc5dae1b82c48027687864b3e242fe5cc4ed69518e0dfc7867
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9aa9da696bc60baae9f466c82d30fca7e389203a76587253e3fd8549b3b7182e
9fc0f7a449151c3b32dc74fd37fbf2ddddb7cbf17c74bd5e45b70298855b4510
a10a321cb38a3f1d8a0a3115976b04dedd8bbf35a0e89c5742b9608f650c02d7
a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf
a1b4cc7242cc4c24051a323cfe0e38813793bfb41c8e34e2a9fd1a4f7bf9f439
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
a8ef39c29abedf66da8304e5807ae559f076b814a6928b957f126b5838a8f452
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b167e626c5900a84a675a022ba1f1dc1ad74945cd02f4e1f316af79826f38133
b2708264202a7d66c18814ab5fa8ee825088f658a281860785a7804756acb6c3
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b571954e97bb3e1c9fb4f6d634c925b9d0504e1d8c16d86a96d4f936408232dc
b7b4e3d5f238300ac77e388a66a013aa2fb3c8409b226e4e67f6a371637d4338
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c375be0fbaca4e84134f98950c5852bce14c97f50bb835c90d890e4906dbefa6
c6cf7fe768fe28179fa1271c1dd793fc600b17bc31998e243bbff2ba9c0d3141
c71b9f860fe9bac0f75a98fcb50dc1c4f77e59201ef22001131d3a1adc20fcb0
c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1
c815a30075aaeab11b3a3f06d226ef6038def41cffb1172355092a35a6bc5c3c
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
ddda74ba65b0563e6921604efc06599c80bae23554111c6ef5be1c30b7bd4605
ddf7a378ace817c4ea63431ca4af7fbf121eedc2f357d4e40d9554c8b40401c0
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e38585fe1420e1227de54c45057bfbe84ae69461b8ba4e4fc5bbd1a2b31484c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4b47b9a41e73ae624a12f8ab276590bf5835d8dd41f672e665760fba60c8c2
efae00f257fbdd16f945d40156928e4d796449859e1a4dc05fde50f61f61840a
f5466c05fa3bf26a54093449084fdcc26818d2061bbd1195e8f1966d0a181330
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f73adb53252b154fa83bec6ee793f2d84e2f5b269ddaccd1ff9478587fe834fa
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fa59faa4f2c1af615fd78b3dc6f19efae0c2e2a8a3960eceb55d06551bbbf94c
fdf0b40551fee3c6621a03eea7256ca4d79a0983469c7e81bcb53af5443bb233