heictojpg.com Open in urlscan Pro
18.67.93.45  Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 67

• https://googleads.g.doubleclick.net/pagead/adview?ai=CRqzveJvJZa2BA8-6z7sP78Gj4A-o5cmqdIOtmrWgDq7N5q2JAhABIPbWwZUBYKWAgICQAaABjezk2QLIAQGpAt0mvNjS7ag-qAMByAPLBKoEzwFP0AbizRw6eL_kqmBCJqo-Uwgt1y_GyXep7peAMvl-FwcLzgLgGmB7KxJ_4GcgTlDaBOQMQS5KMylFNF8Ak1AVEH24Vc9-qgNAy1U5xQCEPgD7VTuRVe89KnyWgGYTK-f9RKO56rBp0Xve1JnMHeOwHKe7CiVXNFfAGU0NZX5ML6McTznki-apJZB5kcUubjV_u8O_cJSBkKwLGiO1o97vsxc37iPAuRSf4tiMWgFVnerLSv7GEhabHucQzndmRd_2USdWp35cn5UmYGSVbnDABLC-nczmA4gFkaXcgDSSBQQIBBgBkgUECAUYBIAH25ObpgGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDlpwrSCCQIgGEQARgfMgKKAjoJgECAwICAgIAISL39wTpYoP6RxPikhAOaCWJodHRwczovL3BjaGVscHNvZnQuY29tL3N0YXRpYy9scC9kcml2ZXItdXBkYXRlci9lbi9MUDE5LnBocD9jYW1wYWlnbmlkPUFEV09SRFMmZmlsdGVyPTEzMDYxOTQ5ODI4OIAKAcgLAdoMEAoKENDV5M_m7fX_JRICAQPYEw2IFAvQFQGAFwGyFxwKGggAEhRwdWItODU5MTMwNjMzMTE2Nzg2OBgA&sigh=ugK7bHawBqY&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_vIniVv1VV1B1yMBSk37Mwb3QbcfCusXAb6pciVyeqhw_2nP2Xr00MDWHmXsaDOL1USpzZLm7Y0CRje30sVe-tzd3zcb1Dr7mABgB&template_id=5001&nis=5 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9abfecb969f01f70000000000000000%22,%222%22:%220x1558513ac27972470000000000000000%22,%223%22:%220xe250d48a9f9aaee50000000000000000%22,%224%22:%220x48b0d9b38d3178010000000000000000%22,%225%22:%220xb6f2d3cc386bcc0000000000000000%22},%22debug_key%22:%2215623933423254104137%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%2222%22:[%22true%22],%224%22:[%2202-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217333075794107203297%22}&andc=true

Request Chain 80

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 81

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

• https://googleads.g.doubleclick.net/pagead/adview?ai=Cwr-heJvJZeXMA_Xn4t4Pt_W8oAeo5cmqdIf8oP_xDs7o07jPLxABIPbWwZUBYKWAgICQAaABjezk2QLIAQGpAt0mvNjS7ag-qAMByAPLBKoEywFP0H40hZuzTXm0oqUud17DXZ8aT-HbNue_iDp_5LmMriZm7Z63iynd2QPEI3_9PRCfTvcCFRxF_OTS0G-Py6fGA-FGUWLMg4ojOhp8if6_Y65tsVlAORtj0kGVrL0OqnMeu8h7EKQ2G6BlzpyTbaJq5DdLcjiwyKmKnWsUsdDi1koTYItDukJVJ4jSPx5v2eaetUtKDyyhmfYUvW92I0wvia356-tfFOTqGR5qK_jrgAkeLLlMN4Zxglw9mXD3z52a2MF-KHqE_NlO9MAEsLmdzOYDiAWRpdyANJIFBAgEGAGSBQQIBRgEgAfbk5umAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENnDB9IIJAiAYRABGB8yAooCOgmAQIDAgICAgAhIvf3BOljWypLE-KSEA5oJYmh0dHBzOi8vcGNoZWxwc29mdC5jb20vc3RhdGljL2xwL2RyaXZlci11cGRhdGVyL2VuL0xQMTkucGhwP2NhbXBhaWduaWQ9QURXT1JEUyZmaWx0ZXI9MTMwNjE5NDk3NjQ4gAoByAsB2gwQCgoQ0OKO-qn7-cZ2EgIBA9gTDYgUCdAVAYAXAbIXHAoaCAASFHB1Yi04NTkxMzA2MzMxMTY3ODY4GAA&sigh=E82AsiHUunc&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_DapbBJPTXjfNHRq5SkFpCQJ9sBNVItLkWI3JRMg6D4Pqxd2J0QJvoGRRpoCmsU58ggLW6x4rYmf4z8WImWGPVsZghddQdQkrFX4YAQ&template_id=5001&cbvp=2&vis=1&nis=5 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9abfecb969f01f70000000000000000%22,%222%22:%220x1558513ac27972470000000000000000%22,%223%22:%220xe250d48a9f9aaee50000000000000000%22,%224%22:%220xca51e3274f3801290000000000000000%22,%225%22:%220xb6f2d3cc386bcc0000000000000000%22},%22debug_key%22:%225885937269748673057%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%2222%22:[%22true%22],%224%22:[%2202-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226299366921919762353%22}&andc=true

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response heictojpg.com/	14 KB 5 KB	98ms 5ms	Document text/html	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 15f8867fb803ec3e7d670c6a0b83bcdcaf6a4361964ab15a33446a4e9d11eced Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 119 cache-control max-age=60 content-encoding gzip content-type text/html date Mon, 12 Feb 2024 04:14:32 GMT etag W/"5015ad6fb56a3f0f171f533a3074804e" last-modified Sat, 25 Nov 2023 20:12:56 GMT server AmazonS3 vary Accept-Encoding via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) x-amz-cf-id nVNfq9Ek_BuUrRMt2CCGF77jHt3TvpOG9wCN_sdwUARJ8mZwiMNCXA== x-amz-cf-pop SYD62-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	main.css heictojpg.com/static/css/	31 KB 7 KB	6ms 5ms	Stylesheet text/css	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/css/main.css Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 4c881172b48dc94436fb3f896557faa33919510dc6fe425d370a01353a49d60e Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:11:10 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 20:12:56 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 282 x-amz-server-side-encryption AES256 etag W/"ddb63df0865bc504fff40661bb85d2f6" vary Accept-Encoding x-cache Hit from cloudfront content-type text/css cache-control max-age=60 x-amz-cf-id Zt5Z3WRDsIk86zDtesmuPveHF0pXR-jfJLKlI1OE2t2Erws-OAjKig==
GET H2	200	chevron.svg heictojpg.com/static/images/icons/	248 B 637 B	4ms 3ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/chevron.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash a39a6fd730402c0d0938e850f1966e866530c09d360b97744e2f7ea6e2627115 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 00:55:02 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:58 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 12050 x-amz-server-side-encryption AES256 etag "50576fc9efaeb45e8b3bea31cb1056ae" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 248 x-amz-cf-id 9k0j97Xnv9J0w8j_KGrH9tkAqd669IWgeXp-O4uvubSn8tmJr5TS1Q==
GET H2	200	photo.svg heictojpg.com/static/images/icons/	623 B 995 B	4ms 4ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/photo.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash abb410d2cd2cf47f3499d4ca3492f3b00861f7021e18d7282f2f812939e115e1 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 07:51:12 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:59 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 73480 etag "d4468c956786eaa0a0c273fd210181c9" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 623 x-amz-cf-id Sqxz7B4BoNbkBrJup6s0K4Y4rWMMS0ZtJSBkCFOcHmhHwGNvtQnwwQ==
GET H2	200	video.svg heictojpg.com/static/images/icons/	1 KB 967 B	7ms 7ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/video.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash b7fa72f1b90d4180c2bb3e4de79853bc43fab82a46caa9478f45ed8a8bd363f7 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 23:48:03 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:59 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 16069 x-amz-server-side-encryption AES256 etag W/"d731228c2a1f9f481bc968d6af0c38c3" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 x-amz-cf-id wX7ulRPqNhkJzId8fpKtaAphK8uy4bEgsqLwfvVROzb4qi3EKOHlZQ==
GET H2	200	arrow-circle-down.svg heictojpg.com/static/images/icons/	1 KB 992 B	7ms 6ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/arrow-circle-down.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash ee4a38008451bdfb5e92e46122372d2f730d67ad5f741414f0fee06a3fd9ae12 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 00:01:57 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:58 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 15235 x-amz-server-side-encryption AES256 etag W/"8ab4b4b2aa7ef9c7706a4e19994f6567" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 x-amz-cf-id qlCcum0ylcP-K0HB1DHmvo4GogwNlYOY_9l-fUv0KpQI14G6VS7mWw==
GET H2	200	signup.svg heictojpg.com/static/images/icons/	1 KB 1021 B	14ms 8ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/signup.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 2c7e687696356c4791d1a9f5971f9bf1affd23e4f20a119dd30cb87830027cc1 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 00:56:59 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:59 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 11978 x-amz-server-side-encryption AES256 etag W/"9f7e3d2a235e9f841ff1a45c08ec81b1" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 x-amz-cf-id ZaMYkBCmLtV5L4SqwiAyNSdKZUoqYWgAocCV4kaORpMYZ0-6U5Jb0g==
GET H2	200	login.svg heictojpg.com/static/images/icons/	541 B 930 B	11ms 5ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/login.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash b19ff3377b5153b354330a2af56960c37f039944f0437fcb0bf31f58a3240aa5 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 21:37:41 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:59 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 23897 x-amz-server-side-encryption AES256 etag "b4d62715fe8caed4b38c9e03e6397160" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 541 x-amz-cf-id mmccumVG50oODOCxpalW4SrKHhng9a2-lICZhpKqUCUP2MASaDfWEQ==
GET H2	200	logout.svg heictojpg.com/static/images/icons/	543 B 933 B	14ms 8ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/logout.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 2980d539e3feb1828a646d337666087a99c4474ec552b20317a8d33eabc2cfb3 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 20:55:07 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:59 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 26495 x-amz-server-side-encryption AES256 etag "d5fb8308f83974104cd907457043095a" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 543 x-amz-cf-id lGusmG1jRAbSVaE4vcqGFqZB5ghoU8mNp6kLo5iWdjVpxrKWTeCaGw==
GET H2	200	minus-circle.svg heictojpg.com/static/images/icons/	881 B 1 KB	19ms 13ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/minus-circle.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash ca211d08fcc2281a85fb1ce611de7dbf3397ac44c0033a66818b22494d832685 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 03:40:45 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:59 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 2143 x-amz-server-side-encryption AES256 etag "6291315d03a85ec044f801169b0508ee" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 881 x-amz-cf-id zSzwRf3mmbV0_kwjC5uWGdPKlq6RSMbNsQzvrYRFaXhRIn5OO-YU7g==
GET H2	200	refresh.svg heictojpg.com/static/images/icons/	3 KB 2 KB	14ms 9ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/refresh.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 150d581aecad944db72e7a924cbe84fe9c5bacc71367d628be06bce73b49dae7 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 23:50:24 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:59 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 15928 x-amz-server-side-encryption AES256 etag W/"5e583ce8dc7cdc115be51ea6dd918e15" vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 x-amz-cf-id z6LXCg58c2quXfJFB55bk__tMnrWd_Y50E8jDrtf8QH5jUhk9VEevQ==
GET H2	200	runtime.f8451a3c.js Show response heictojpg.com/static/js/	3 KB 2 KB	11ms 6ms	Script application/javascript	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/js/runtime.f8451a3c.js Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 99d3ba4ba69fb30e4b3a2e269563bf58cc0ac0918ef563c8d8680d29d92c292e Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 07:51:13 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 20:12:54 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 73479 etag W/"dc2d9529464a5e8904e2ce92dc6c9fb0" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id 96YBLLUu55Dn7Od1_idR_li61U2oujn9fzo68CNLDTQ9rlMMjEcgCw==
GET H2	200	setup.5705528d.js Show response heictojpg.com/static/js/	51 KB 17 KB	14ms 10ms	Script application/javascript	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/js/setup.5705528d.js Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 715f7e500e5c0460e11b63e672dbd0cad2be72fb82b8aaa352d94b0ae3fe9cf6 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 21:53:32 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 20:12:54 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 23138 x-amz-server-side-encryption AES256 etag W/"da6ee3818080a29ec84572c46496a362" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id VijcI_XU02ROVljGJT6XUjYFCU6HckptGjEOfJ4gxm2VsirXtnQlxQ==
GET H2	200	index.8dc39edb.js Show response heictojpg.com/static/js/	163 KB 53 KB	12ms 7ms	Script application/javascript	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/js/index.8dc39edb.js Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash e0984fbc2307f12b64548bb9ed47281aa991dc5471a74ef77e49063bd6575049 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 06:09:21 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 20:12:54 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 79590 etag W/"4877ca2557390395ede43969ec54bdf8" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id Klrn9gnl2C5ES9Iufif_L2DBREFAp3eiucQYqG0OL2teRtRaF3-pTg==
GET H2	200	gtm.js Show response www.googletagmanager.com/	187 KB 66 KB	212ms 107ms	Script application/javascript	142.250.204.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-PG8SHQR Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f8.1e100.net Software Google Tag Manager / Resource Hash 10fc61f5794888cbe2b9a26555e27576e0ea4ae23820aa3aafc17e4ab8c7fba7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 67294 x-xss-protection 0 last-modified Mon, 12 Feb 2024 03:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 12 Feb 2024 04:15:51 GMT
GET H2	200	hotjar-621224.js Show response static.hotjar.com/c/	11 KB 5 KB	270ms 257ms	Script application/javascript	18.67.93.15 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-621224.js?sv=6 Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.15 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-15.syd62.r.cloudfront.net Software / Resource Hash 30b06fc5650485bb7ae20306e671d014c6b3168caa87a46c7c0803cfc700aa03 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers strict-transport-security max-age=2592000; includeSubDomains content-encoding br x-content-type-options nosniff date Mon, 12 Feb 2024 04:15:51 GMT via 1.1 903696f43fdfc4019d7102b6711e9fca.cloudfront.net (CloudFront) x-amz-cf-pop SYD62-P1 etag W/17e0ac0b1534a5ad66f68b4f337f70ea vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cache-control max-age=60 cross-origin-resource-policy cross-origin x-amz-cf-id u1c4myZkjo6vlkPQzLudSGfimmwYLdSLc5qTo0cuX_US4BEjsh57Ug==
GET H2	200	proximanova-bold.woff2 heictojpg.com/static/css/fonts/	52 KB 53 KB	9ms 7ms	Font binary/octet-stream	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/css/fonts/proximanova-bold.woff2 Requested by Host: heictojpg.com URL: https://heictojpg.com/static/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 5c7b47b78f9dd84a22b5a8c296ba68539895666b262de5b796846203fe1679a7 Request headers Referer https://heictojpg.com/static/css/main.css Origin https://heictojpg.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 21:55:31 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:57 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 22858 x-amz-server-side-encryption AES256 etag "16565a28248b2b4b6bd3561e3e0aaa00" vary Accept-Encoding x-cache Hit from cloudfront content-type binary/octet-stream cache-control max-age=86400 accept-ranges bytes content-length 53632 x-amz-cf-id s2iRepcm-s8D63zn9iUOZAcZWfU9OtxaFyW43ViBCu4hN_Y0mVtuIg==
GET H2	200	Inter-Regular.woff2 heictojpg.com/static/css/fonts/	97 KB 97 KB	11ms 9ms	Font binary/octet-stream	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/css/fonts/Inter-Regular.woff2 Requested by Host: heictojpg.com URL: https://heictojpg.com/static/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash d612f1212b452af07f1a5defb2b672e76a91f7139e7499fa48bb9b2b985c22d6 Request headers Referer https://heictojpg.com/static/css/main.css Origin https://heictojpg.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 03:40:45 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:56 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 2142 x-amz-server-side-encryption AES256 etag "dc131113894217b5031000575d9de002" vary Accept-Encoding x-cache Hit from cloudfront content-type binary/octet-stream cache-control max-age=86400 accept-ranges bytes content-length 98868 x-amz-cf-id X_QsoxmHRxDsdlQpeW0ljSfXf1l4gWjg75GWsW-p9tK79mz9_Cg8RA==
GET H2	200	Inter-Bold.woff2 heictojpg.com/static/css/fonts/	104 KB 104 KB	14ms 12ms	Font binary/octet-stream	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/css/fonts/Inter-Bold.woff2 Requested by Host: heictojpg.com URL: https://heictojpg.com/static/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash c63158babcb7902203ed73476ccf901db34825ea524d4a36a52b5e5f97e1abf7 Request headers Referer https://heictojpg.com/static/css/main.css Origin https://heictojpg.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 23:52:10 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:55 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 15870 x-amz-server-side-encryption AES256 etag "444a7284663a3bc886683eb81450b294" vary Accept-Encoding x-cache Hit from cloudfront content-type binary/octet-stream cache-control max-age=86400 accept-ranges bytes content-length 106140 x-amz-cf-id _G53WJnjGmVR72Ro6eddPo7uq2E7SNJoladGrCoBt0Imjfk_tBBNIg==
GET H2	200	Inter-Medium.woff2 heictojpg.com/static/css/fonts/	103 KB 104 KB	14ms 13ms	Font binary/octet-stream	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/css/fonts/Inter-Medium.woff2 Requested by Host: heictojpg.com URL: https://heictojpg.com/static/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 1b498b959e5b7decbf9185803591d25bc1fbf83e798372ed30d32d5c79d82ff6 Request headers Referer https://heictojpg.com/static/css/main.css Origin https://heictojpg.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 21:53:32 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:56 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 23138 x-amz-server-side-encryption AES256 etag "75db5319e7e87c587019a5df08d7272c" vary Accept-Encoding x-cache Hit from cloudfront content-type binary/octet-stream cache-control max-age=86400 accept-ranges bytes content-length 105924 x-amz-cf-id FY8Fi7tCGyN1etw3EoDuadb7L2vKPECOMNNEQquet5_1Y1zO0Sus4Q==
GET H2	200	proximanova-medium.woff2 heictojpg.com/static/css/fonts/	52 KB 53 KB	15ms 14ms	Font binary/octet-stream	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/css/fonts/proximanova-medium.woff2 Requested by Host: heictojpg.com URL: https://heictojpg.com/static/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash a7bacca0e03265eee58945bd60c30ffea14d78b0cc013ced3e09fed49c34a95f Request headers Referer https://heictojpg.com/static/css/main.css Origin https://heictojpg.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 08:46:45 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:58 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 70146 etag "e310867dcf25aadaaf2bd631aff8bd74" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type binary/octet-stream cache-control max-age=86400 accept-ranges bytes content-length 53648 x-amz-cf-id wkwXUvSP-Ad6Un8KvWbvi2-QrewsaQsuwdYoKVqf7aLn9EJcV0vFYQ==
GET H2	200	proximanova-extrabold.woff2 heictojpg.com/static/css/fonts/	33 KB 33 KB	20ms 18ms	Font binary/octet-stream	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/css/fonts/proximanova-extrabold.woff2 Requested by Host: heictojpg.com URL: https://heictojpg.com/static/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash be3e0dd0e4fa607ea6209de58a5c1d5fea515b6aae3aadf7fce3dbb5f5e9dd4e Request headers Referer https://heictojpg.com/static/css/main.css Origin https://heictojpg.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 04:57:11 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:57 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 83920 etag "c1c9bfeeaea03d0fc08d966efe537216" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type binary/octet-stream cache-control max-age=86400 accept-ranges bytes content-length 33568 x-amz-cf-id wsAukK_-id-yoQphV_AnNz31fVOUZdyrSDyzniOipfArwHJ7nfSKkg==
GET H2	200	Inter-SemiBold.woff2 heictojpg.com/static/css/fonts/	103 KB 104 KB	5ms 4ms	Font binary/octet-stream	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/css/fonts/Inter-SemiBold.woff2 Requested by Host: heictojpg.com URL: https://heictojpg.com/static/css/main.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 152261291c938aa5aad6a56d52b47ffcb893d1c0387e76d7f270a7382ff786d5 Request headers Referer https://heictojpg.com/static/css/main.css Origin https://heictojpg.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 03:36:56 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:57 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 2340 x-amz-server-side-encryption AES256 etag "007ad31a53f4ab3f58ee74f2308482ce" vary Accept-Encoding x-cache Hit from cloudfront content-type binary/octet-stream cache-control max-age=86400 accept-ranges bytes content-length 105804 x-amz-cf-id s-aWeB6cPJaeQ2I3-40JrFMNPPjsy1nv3Kw1u084DJh2hWFi2PdmMg==
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	147 KB 51 KB	256ms 156ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8591306331167868 Requested by Host: heictojpg.com URL: https://heictojpg.com/static/js/setup.5705528d.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software cafe / Resource Hash 243aff1cf5629767b7204e9466b9b2394317bc250b31318842405caeaaee26e8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51292 x-xss-protection 0 server cafe etag 16522584105675132425 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * link <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin expires Mon, 12 Feb 2024 04:15:51 GMT
GET H2	200	669.918c6dfa.js heictojpg.com/static/js/	0 8 KB	8ms 6ms	Other application/javascript	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/js/669.918c6dfa.js Requested by Host: heictojpg.com URL: https://heictojpg.com/static/js/runtime.f8451a3c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 06:09:23 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 20:12:54 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 79589 etag W/"264acfdd6eb89ce38e5e186e9d01361c" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id wdATG2PSVr6b5mmsUuI9W9pIOlfvW_R9ciioddF_SIdSRnPGTPZmgg==
GET H2	200	831.cfefb7de.js heictojpg.com/static/js/	0 6 KB	9ms 8ms	Other application/javascript	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/js/831.cfefb7de.js Requested by Host: heictojpg.com URL: https://heictojpg.com/static/js/runtime.f8451a3c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 04:57:11 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 20:12:54 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 83920 etag W/"92f4c4da57613918f4de5c08b9668a7d" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id 3u5pB6CLMhJ_yWIRYET0_XNVV6mGgViC3NDWvgws_6x8O4Lq6bwQgg==
GET H2	200	608.f67a459c.js heictojpg.com/static/js/	0 41 KB	8ms 8ms	Other application/javascript	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/js/608.f67a459c.js Requested by Host: heictojpg.com URL: https://heictojpg.com/static/js/runtime.f8451a3c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 23:25:18 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 20:12:54 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 17479 x-amz-server-side-encryption AES256 etag W/"c496be5494e5859ce16cbd7aba8f9b2e" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 x-amz-cf-id oMCGDVgcPssrkEhcVz_pUb8XH1ty3vcTcgDcaMU4Wa0hiymiwmf--A==
GET H2	200	113.faacbda0.js heictojpg.com/static/js/	0 499 B	9ms 9ms	Other application/javascript	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://heictojpg.com/static/js/113.faacbda0.js Requested by Host: heictojpg.com URL: https://heictojpg.com/static/js/runtime.f8451a3c.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 03:40:45 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sat, 25 Nov 2023 20:12:55 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 2141 x-amz-server-side-encryption AES256 etag "ee274a94a206fcbeb5de3fa34684e5d5" vary Accept-Encoding x-cache Hit from cloudfront content-type application/javascript cache-control max-age=86400 accept-ranges bytes content-length 99 x-amz-cf-id eV8kqllh9RqZAcyATdbnbgAlyxvKarPZT4AFzdIcSKjs3zvirbCjvQ==
GET H2	200	plus.svg heictojpg.com/static/images/icons/	260 B 631 B	5ms 4ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/plus.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash f2a7f0d7a383636af07e0e345ff23c2178f9f65aa60390ee12d9049f5841bcc5 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 07:51:14 GMT via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Sun, 18 Jun 2023 19:30:06 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 73478 etag "4571ed9b3473b21cf288907c6c10659f" x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 accept-ranges bytes content-length 260 x-amz-cf-id V9W6BDtUtrFgE6QRNUr-ale6z2ar-JSFAYToIUbbbGwcsMV7RiT9Lw==
GET H2	200	plus-circle.svg heictojpg.com/static/images/icons/	1 KB 958 B	3ms 3ms	Image image/svg+xml	18.67.93.45 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://heictojpg.com/static/images/icons/plus-circle.svg Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.93.45 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-93-45.syd62.r.cloudfront.net Software AmazonS3 / Resource Hash 43424b37bcb22893c85d7afec073a9ab9831efe3be04cac5cdf67597e807369a Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 07:51:14 GMT content-encoding gzip via 1.1 2e05fb1b0c75f8ef4c701fadb0b27fd8.cloudfront.net (CloudFront) last-modified Thu, 04 May 2023 23:36:59 GMT server AmazonS3 x-amz-cf-pop SYD62-P1 age 73478 etag W/"cad4c8ea188279691393a6af5d4f92d2" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type image/svg+xml cache-control max-age=86400 x-amz-cf-id ntHOeX7SEKqjsw2NJnZxNx24KuBJqUYTlV3wcZXhSgtU_RIDdWIy5A==
GET H2	200	modules.8414bbb3c65a3c228a5a.js Show response script.hotjar.com/	218 KB 55 KB	10ms 3ms	Script application/javascript	18.67.111.11 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.8414bbb3c65a3c228a5a.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-621224.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.67.111.11 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-67-111-11.syd62.r.cloudfront.net Software / Resource Hash 290f298e1bb2bdcb4feccae77ba34dbc0cdccadbbcfa8489d758edb282bd1f31 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Fri, 09 Feb 2024 12:50:07 GMT content-encoding br x-content-type-options nosniff strict-transport-security max-age=2592000; includeSubDomains via 1.1 72d783f19e38dd5db23a648a65feb4f2.cloudfront.net (CloudFront) x-amz-cf-pop SYD62-P2 age 228344 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin content-length 55350 last-modified Fri, 09 Feb 2024 12:49:54 GMT etag "a7ea8f13d71da1eabb486d86cde54573" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=31536000 accept-ranges bytes x-robots-tag none x-amz-cf-id Gf98w-wGIIECh5MO-QsPsWpqG7JUQ-5E0hiTzViF5G1g_x2erxafLg==
GET H2	200	js Show response www.googletagmanager.com/gtag/	276 KB 92 KB	118ms 117ms	Script application/javascript	142.250.204.8 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9YNHJNWLFK&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-PG8SHQR Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.8 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f8.1e100.net Software Google Tag Manager / Resource Hash ce24b73a25d5e4a497f662b0d99f02b19d6dbbbc2bdae4e485b2a768363301e9 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:51 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93909 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 12 Feb 2024 04:15:51 GMT
GET H2	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/	406 KB 138 KB	172ms 172ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080932 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8591306331167868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software cafe / Resource Hash 21f5a848e627ce4ae2618f8ce7559cb8750c1d393c4c12c5cb14d4e7932e038f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:51 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 140887 x-xss-protection 0 server cafe etag 12132918687930183875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 12 Feb 2024 04:15:51 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 3629	9 KB 5 KB	105ms 3ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8591306331167868 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash 9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 80942 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4209 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 11 Feb 2024 05:46:49 GMT etag 3890843268177463596 expires Sun, 25 Feb 2024 05:46:49 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
POST H2	204	collect www.google-analytics.com/g/	0 252 B	501ms 99ms	Ping text/plain	142.250.204.14 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-9YNHJNWLFK&gtm=45je4270v9100658478z89104427503za200&_p=1707711351068&gcd=13l3l3l3l1&npa=0&dma=0&cid=703588968.1707711352&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707711351&sct=1&seg=0&dl=https%3A%2F%2Fheictojpg.com%2F&dt=Convert%20Heic%20to%20JPEG%20for%20free%20%7C%20Made%20by%20JPEGmini&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=788 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9YNHJNWLFK&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.14 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f14.1e100.net Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers pragma no-cache date Mon, 12 Feb 2024 04:15:52 GMT server Golfe2 content-type text/plain access-control-allow-origin https://heictojpg.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1ADC	342 KB 84 KB	1088ms 1087ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&adk=1812271804&adf=3025194257&lmt=1700943176&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fheictojpg.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351447&bpp=3&bdt=401&idt=522&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3301078249764&frm=20&pv=2&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=536 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080932 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash 6eab3f878ed12fce997ce21d89f5e5a3d538781f00cc58f47d33c2aea4d22bf7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 86158 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 04:15:53 GMT expires Mon, 12 Feb 2024 04:15:53 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 7508	130 KB 44 KB	1673ms 1673ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080932 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash 8a3fe076fbfb64dec5251cb12fa3e44e3bdecd17f2faaec91e274b371639cfaf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 44809 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 04:15:53 GMT expires Mon, 12 Feb 2024 04:15:53 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/	165 KB 56 KB	160ms 159ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/reactive_library_fy2021.js?bust=31080932 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080932 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software cafe / Resource Hash 9c175752b6a7ef1acf58f29794ccd4f41a3f2e99eea1d549cda7692f9187b92d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:53 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 57064 x-xss-protection 0 server cafe etag 6249776695486008079 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Mon, 12 Feb 2024 04:15:53 GMT
GET H2	200	ca-pub-8591306331167868 Show response fundingchoicesmessages.google.com/i/	182 KB 61 KB	229ms 125ms	Script application/javascript	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-8591306331167868?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080932 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash c0d8ff657421508f43bb88db527ada7a09e088ee1984ae7a50e71303a75d6e1f Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EGko5uIlFGFqi9A0TVB31g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:53 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-EGko5uIlFGFqi9A0TVB31g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjWsKoxSXF4KQhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6On9uWrWMTeLF350NGACXASsk" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame 163F	9 KB 4 KB	3ms 3ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080932 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash 9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 3463 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4209 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 03:18:10 GMT etag 3890843268177463596 expires Mon, 26 Feb 2024 03:18:10 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame 9564	9 KB 4 KB	3ms 2ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_fy2021.js?bust=31080932 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash 9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 3463 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4209 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 03:18:10 GMT etag 3890843268177463596 expires Mon, 26 Feb 2024 03:18:10 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	AGSKWxUWBpDnByPiJ7dyiyyGQydT_lHH5wAyeopJkDhYDkBuNaH5hG4lKO-hYu4UfCE6_H7DpJfD3ctCvqBA6kiMgvegAZTFfc2EZTpnm0QIxScLxYMG4cpRZmSsTj7GIQUqRbf6wo6r8Q== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	121ms 121ms	Script application/javascript	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUWBpDnByPiJ7dyiyyGQydT_lHH5wAyeopJkDhYDkBuNaH5hG4lKO-hYu4UfCE6_H7DpJfD3ctCvqBA6kiMgvegAZTFfc2EZTpnm0QIxScLxYMG4cpRZmSsTj7GIQUqRbf6wo6r8Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NzExMzUzLDYyOTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9oZWljdG9qcGcuY29tLyIsbnVsbCxbWzgsIk0wWmdkYW1PTk5zIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash 305f2c34dff40bed21e6cab995f8d68fee827b82a66e5f3fe8515544d36898c2 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ei2GcrIXD6nblD_Wtvnwfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:53 GMT content-security-policy script-src 'report-sample' 'nonce-ei2GcrIXD6nblD_Wtvnwfg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsOoxSXF4KohxXDi1m2mC0B83ukO03UgvqjylOkmENcyPGNqBeIH4c-YXgCxgcZzJgsgZvzzgokTiN99ecnE8fUlkwQQqwHxO8lXTN-AeIePB8ub8OmsbBHTWePqprPmADHfuumsmuuns245M511DxDHPJ_OmgLEi1lnsK4G4imBM1jnALFT-gzWACD-nDmD9TcQ-9TPYI0CYiEejp_blq1jE7ix7d9ZJgCpH0_1" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	css2 fonts.googleapis.com/ Frame 163F	5 KB 1 KB	500ms 96ms	Stylesheet text/css	142.251.221.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f10.1e100.net Software ESF / Resource Hash 47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 12 Feb 2024 04:15:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 12 Feb 2024 03:20:51 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 12 Feb 2024 04:15:54 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 163F	205 B 296 B	411ms 8ms	Image image/png	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:53:04 GMT x-content-type-options nosniff age 123770 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 09 Feb 2025 17:53:04 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 163F	604 B 919 B	410ms 8ms	Image image/png	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 18:02:02 GMT x-content-type-options nosniff age 123232 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 09 Feb 2025 18:02:02 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 163F	16 KB 7 KB	419ms 7ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:15:56 GMT content-encoding br x-content-type-options nosniff age 39598 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6823 x-xss-protection 0 server cafe etag 14359709190881042667 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:15:56 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 163F	22 KB 10 KB	416ms 4ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 14:58:59 GMT content-encoding br x-content-type-options nosniff age 47815 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9451 x-xss-protection 0 server cafe etag 11136001603933606047 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 14:58:59 GMT
GET H2	200	73134fbfa16854d24caf7cd541ab86d9.js Show response www.gstatic.com/mysidia/ Frame 9564	9 KB 4 KB	405ms 6ms	Script text/javascript	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:37:41 GMT content-encoding gzip x-content-type-options nosniff age 124693 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4097 x-xss-protection 0 last-modified Thu, 08 Feb 2024 17:48:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 10 May 2024 17:37:41 GMT
GET H2	200	42bbf393f5cdd3b75ade82a6a1ced124.js Show response www.gstatic.com/mysidia/ Frame 9564	11 KB 5 KB	404ms 5ms	Script text/javascript	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/42bbf393f5cdd3b75ade82a6a1ced124.js?tag=text/vanilla_highlight_ms_cta_adjustment Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash c168339ab69ef010555b0678046a26f4b1657f6acd82c85d8ceaa709c1029c2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:32:03 GMT content-encoding gzip x-content-type-options nosniff age 125031 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4932 x-xss-protection 0 last-modified Tue, 06 Feb 2024 17:13:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 10 May 2024 17:32:03 GMT
GET H2	200	css fonts.googleapis.com/ Frame 9564	14 KB 1 KB	495ms 98ms	Stylesheet text/css	142.251.221.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f10.1e100.net Software ESF / Resource Hash a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 12 Feb 2024 04:15:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 12 Feb 2024 03:27:23 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 12 Feb 2024 04:15:54 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 9564	2 KB 904 B	413ms 6ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:45:54 GMT content-encoding br x-content-type-options nosniff age 37800 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:45:54 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 9564	23 KB 9 KB	413ms 6ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 11:16:32 GMT content-encoding br x-content-type-options nosniff age 61162 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9319 x-xss-protection 0 server cafe etag 3610546441309021303 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 11:16:32 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 9564	3 KB 1 KB	414ms 7ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:44:32 GMT content-encoding br x-content-type-options nosniff age 37882 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:44:32 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 9564	20 KB 8 KB	411ms 5ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:40:41 GMT content-encoding br x-content-type-options nosniff age 38113 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8501 x-xss-protection 0 server cafe etag 9351358253902147912 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:40:41 GMT
GET H2	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9564	203 KB 61 KB	3ms 2ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software cafe / Resource Hash 23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 03:30:35 GMT content-encoding br x-content-type-options nosniff age 2718 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62553 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 12 Feb 2024 04:30:35 GMT
GET H2	200	7b5e6815b417a6dcda76775ec840e2bc.js Show response www.gstatic.com/mysidia/ Frame 9564	37 KB 16 KB	401ms 4ms	Script text/javascript	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash 87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:43:46 GMT content-encoding gzip x-content-type-options nosniff age 124328 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15515 x-xss-protection 0 last-modified Thu, 08 Feb 2024 17:48:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 10 May 2024 17:43:46 GMT
GET H2	200	73134fbfa16854d24caf7cd541ab86d9.js Show response www.gstatic.com/mysidia/ Frame 7508	9 KB 4 KB	384ms 7ms	Script text/javascript	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:37:41 GMT content-encoding gzip x-content-type-options nosniff age 124693 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4097 x-xss-protection 0 last-modified Thu, 08 Feb 2024 17:48:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 10 May 2024 17:37:41 GMT
GET H2	200	42bbf393f5cdd3b75ade82a6a1ced124.js Show response www.gstatic.com/mysidia/ Frame 7508	11 KB 5 KB	383ms 6ms	Script text/javascript	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/42bbf393f5cdd3b75ade82a6a1ced124.js?tag=text/vanilla_highlight_ms_cta_adjustment Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash c168339ab69ef010555b0678046a26f4b1657f6acd82c85d8ceaa709c1029c2e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:32:03 GMT content-encoding gzip x-content-type-options nosniff age 125031 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4932 x-xss-protection 0 last-modified Tue, 06 Feb 2024 17:13:29 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 10 May 2024 17:32:03 GMT
GET H2	200	css fonts.googleapis.com/ Frame 7508	14 KB 1 KB	567ms 192ms	Stylesheet text/css	142.251.221.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f10.1e100.net Software ESF / Resource Hash a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 12 Feb 2024 04:15:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 12 Feb 2024 03:38:41 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 12 Feb 2024 04:15:54 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7508	2 KB 856 B	4ms 3ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:45:54 GMT content-encoding br x-content-type-options nosniff age 37800 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:45:54 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 7508	23 KB 9 KB	4ms 3ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 11:16:32 GMT content-encoding br x-content-type-options nosniff age 61162 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9319 x-xss-protection 0 server cafe etag 3610546441309021303 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 11:16:32 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7508	3 KB 1 KB	5ms 4ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:44:32 GMT content-encoding br x-content-type-options nosniff age 37882 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:44:32 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7508	20 KB 8 KB	369ms 5ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:40:41 GMT content-encoding br x-content-type-options nosniff age 38113 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8501 x-xss-protection 0 server cafe etag 9351358253902147912 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:40:41 GMT
GET H2	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7508	203 KB 61 KB	2ms 2ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software cafe / Resource Hash 23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 03:30:35 GMT content-encoding br x-content-type-options nosniff age 2718 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62553 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 12 Feb 2024 04:30:35 GMT
GET H2	200	7b5e6815b417a6dcda76775ec840e2bc.js Show response www.gstatic.com/mysidia/ Frame 7508	37 KB 15 KB	2ms 2ms	Script text/javascript	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash 87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:43:46 GMT content-encoding gzip x-content-type-options nosniff age 124328 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15515 x-xss-protection 0 last-modified Thu, 08 Feb 2024 17:48:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 10 May 2024 17:43:46 GMT
GET H2	200	AGSKWxVKgHXCdwiCUNFOA_Euy5eyvoZTkQ0WPrOmr-h0H2rfBY33tiC6fvOhJH626ZA0J2iL1Dbiuj1SLstzBQq4nxhGRUOa4NvRfEY1MJXMITefHYFVa2AoeTOBs1ANppvOhKz7MPzx8Q== Show response fundingchoicesmessages.google.com/f/	10 KB 5 KB	124ms 124ms	Script application/javascript	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxVKgHXCdwiCUNFOA_Euy5eyvoZTkQ0WPrOmr-h0H2rfBY33tiC6fvOhJH626ZA0J2iL1Dbiuj1SLstzBQq4nxhGRUOa4NvRfEY1MJXMITefHYFVa2AoeTOBs1ANppvOhKz7MPzx8Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NzExMzUzLDc1NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuLUdCIl0sImh0dHBzOi8vaGVpY3RvanBnLmNvbS8iLG51bGwsW1s4LCJNMFpnZGFtT05OcyJdLFs5LCJlbi1HQiJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash 357212832b80d53a93fd2465cb32588a81a7af9ceeaa9cf026ba8c9b222cd8fc Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-qZ40WBi8jzzPEqTYmJzlmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:53 GMT content-security-policy script-src 'report-sample' 'nonce-qZ40WBi8jzzPEqTYmJzlmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KMhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6On9uWrWMTmPH1eCczACtYSnM" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	15133298075068839658 tpc.googlesyndication.com/simgad/ Frame 9564	2 KB 2 KB	3ms 2ms	Image image/png	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/15133298075068839658?w=100&h=100&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software sffe / Resource Hash d1a8b4d1304ed99171e80224f08f804ec55fd77067c1a4025385eb800369f345 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers expires Thu, 06 Feb 2025 18:41:53 GMT date Wed, 07 Feb 2024 18:41:53 GMT x-content-type-options nosniff age 380041 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1913 x-xss-protection 0 last-modified Sun, 24 Jul 2022 17:06:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H2	200	16724293977746283999 tpc.googlesyndication.com/simgad/ Frame 7508	4 KB 4 KB	4ms 2ms	Image image/png	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/16724293977746283999?w=100&h=100&tw=1&q=75 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software sffe / Resource Hash 541bd46059c2b8987999b59ba85e695f38663ba0c3457f15d4b63ec710f06216 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers expires Sun, 09 Feb 2025 17:44:04 GMT date Sat, 10 Feb 2024 17:44:04 GMT x-content-type-options nosniff age 124310 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 3670 x-xss-protection 0 last-modified Sun, 22 Mar 2020 15:22:16 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 9564 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CRqzveJvJZa2BA8-6z7sP78Gj4A-o5cmqdIOtmrWgDq7N5q2JAhABIPbWwZUBYKWAgICQAaABjezk2QLIAQGpAt0mvNjS7ag-qAMByAPLBKoEzwFP0AbizRw6eL_kqmBCJqo-Uwgt1y_GyXe... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9abfecb969f01f70000000000000000%22,%222%22:%220x1558513ac27972470000000000000000%22,%223%22:%220xe250d48...	0 0	237ms 139ms	Fetch text/css	142.250.71.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9abfecb969f01f70000000000000000%22,%222%22:%220x1558513ac27972470000000000000000%22,%223%22:%220xe250d48a9f9aaee50000000000000000%22,%224%22:%220x48b0d9b38d3178010000000000000000%22,%225%22:%220xb6f2d3cc386bcc0000000000000000%22},%22debug_key%22:%2215623933423254104137%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%2222%22:[%22true%22],%224%22:[%2202-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217333075794107203297%22}&andc=true Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Server 142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s17-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:54 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x9abfecb969f01f70000000000000000","2":"0x1558513ac27972470000000000000000","3":"0xe250d48a9f9aaee50000000000000000","4":"0x48b0d9b38d3178010000000000000000","5":"0xb6f2d3cc386bcc0000000000000000"},"debug_key":"15623933423254104137","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"22":["true"],"4":["02-12"],"6":["true"]},"priority":"500","source_event_id":"17333075794107203297"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 12 Feb 2024 04:15:54 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 12 Feb 2024 04:15:54 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9abfecb969f01f70000000000000000","2":"0x1558513ac27972470000000000000000","3":"0xe250d48a9f9aaee50000000000000000","4":"0x48b0d9b38d3178010000000000000000","5":"0xb6f2d3cc386bcc0000000000000000"},"debug_key":"15623933423254104137","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"22":["true"],"4":["02-12"],"6":["true"]},"priority":"500","source_event_id":"17333075794107203297"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame CCCD	143 B 228 B	2ms 2ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 1226 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 03:55:28 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6AC4	143 B 200 B	3ms 2ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers age 1226 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 03:55:28 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 7508	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4f53b2417fb58a5e192330ae7813d3c9e7510a58ffecf61889846bd25fb4c819 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 9564	214 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9188c9ff345bce8aba4bd6cab09a9c1e518fcad626da8b728e39efe6f84548c4 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers Content-Type image/png
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 9564	33 KB 34 KB	402ms 2ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:41:37 GMT x-content-type-options nosniff age 124457 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 09 Feb 2025 17:41:37 GMT
GET H2	200	css fonts.googleapis.com/ Frame 7343	14 KB 1 KB	103ms 102ms	Stylesheet text/css	142.251.221.74 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.74 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f10.1e100.net Software ESF / Resource Hash a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 12 Feb 2024 04:15:54 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 12 Feb 2024 03:35:44 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 12 Feb 2024 04:15:54 GMT
GET H2	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7343	2 KB 856 B	2ms 2ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:45:54 GMT content-encoding br x-content-type-options nosniff age 37800 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:45:54 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 7343	23 KB 9 KB	4ms 2ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 11:16:32 GMT content-encoding br x-content-type-options nosniff age 61162 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9319 x-xss-protection 0 server cafe etag 3610546441309021303 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 11:16:32 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7343	3 KB 1 KB	7ms 6ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:44:32 GMT content-encoding br x-content-type-options nosniff age 37882 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:44:32 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7343	20 KB 8 KB	6ms 5ms	Script text/javascript	142.250.204.1 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.1 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f1.1e100.net Software cafe / Resource Hash 0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 17:40:41 GMT content-encoding br x-content-type-options nosniff age 38113 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8501 x-xss-protection 0 server cafe etag 9351358253902147912 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 25 Feb 2024 17:40:41 GMT
GET H2	200	ufs_web_display.js Show response pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7343	203 KB 61 KB	3ms 2ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software cafe / Resource Hash 23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 03:30:35 GMT content-encoding br x-content-type-options nosniff age 2719 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 62553 x-xss-protection 0 server cafe etag vary Accept-Encoding content-type text/javascript; charset=ISO-8859-1 cache-control public, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 12 Feb 2024 04:30:35 GMT
GET H2	200	7b5e6815b417a6dcda76775ec840e2bc.js Show response www.gstatic.com/mysidia/ Frame 7343	37 KB 15 KB	4ms 3ms	Script text/javascript	142.250.66.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s23-in-f3.1e100.net Software sffe / Resource Hash 87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:43:46 GMT content-encoding gzip x-content-type-options nosniff age 124328 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15515 x-xss-protection 0 last-modified Thu, 08 Feb 2024 17:48:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Fri, 10 May 2024 17:43:46 GMT
GET H2	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame CCCD Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 168 B	109ms 109ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 04:15:54 GMT expires Mon, 12 Feb 2024 04:15:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 04:15:54 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 6AC4 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 145 B	118ms 118ms	Document text/html	172.217.167.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 04:15:54 GMT expires Mon, 12 Feb 2024 04:15:54 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 12 Feb 2024 04:15:54 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	244ms 140ms	Preflight text/html	142.250.71.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9abfecb969f01f70000000000000000%22,%222%22:%220x1558513ac27972470000000000000000%22,%223%22:%220xe250d48a9f9aaee50000000000000000%22,%224%22:%220x48b0d9b38d3178010000000000000000%22,%225%22:%220xb6f2d3cc386bcc0000000000000000%22},%22debug_key%22:%2215623933423254104137%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%2222%22:[%22true%22],%224%22:[%2202-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217333075794107203297%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s17-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 04:15:54 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 fonts.gstatic.com/s/googlesans/v58/ Frame 7508	33 KB 33 KB	335ms 5ms	Font font/woff2	142.251.221.67 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.251.221.67 Farmingdale, United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s31-in-f3.1e100.net Software sffe / Resource Hash 65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sat, 10 Feb 2024 17:41:37 GMT x-content-type-options nosniff age 124457 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 34108 x-xss-protection 0 last-modified Tue, 23 May 2023 16:35:55 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 09 Feb 2025 17:41:37 GMT
GET H2	200	s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response pagead2.googlesyndication.com/bg/ Frame 5D99	51 KB 20 KB	3ms 3ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Requested by Host: heictojpg.com URL: https://heictojpg.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software sffe / Resource Hash b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 22:31:08 GMT content-encoding br x-content-type-options nosniff age 20686 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19835 x-xss-protection 0 last-modified Mon, 05 Feb 2024 17:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 10 Feb 2025 22:31:08 GMT
GET H2	200	adtracker Show response fundingchoicesmessages.google.com/f/AGSKWxV6UXHgymAI_gcAgSLCrSLRg6o2b9lbMv7A483cG-CbW2irwgZcgkeGevJHFbiOS3zyzWHNdBQEvWXnsaSZUE8LPOjmWNAxBnCEvNLkkTsEkiNY6MbZntbj-RhGWwkzbsNXq63ip5QFLOY9xS28Ul7lkXL-7...	54 B 531 B	118ms 118ms	Script application/javascript	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxV6UXHgymAI_gcAgSLCrSLRg6o2b9lbMv7A483cG-CbW2irwgZcgkeGevJHFbiOS3zyzWHNdBQEvWXnsaSZUE8LPOjmWNAxBnCEvNLkkTsEkiNY6MbZntbj-RhGWwkzbsNXq63ip5QFLOY9xS28Ul7lkXL-7LhMcikYX6vUfiSTkUhwGTDP_SBHMDCO/_/google-adverts-/righttopads._adobjects./ads/daily./adtracker? Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzNIge2Spy2wNBvrWqKrLYxkq9tSg/m=ad_blocking_detection_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash b8c2eb11e5bcd56618c5d579170c2f5cc54b0f135c02075af6678b47c379e76a Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-NY7TVRY6tUv54k_dcyhdbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:54 GMT content-security-policy script-src 'report-sample' 'nonce-NY7TVRY6tUv54k_dcyhdbg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXFEKwhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6OX9uWrWMT-PH09SwmADJSSv8" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	lidar.js Show response pagead2.googlesyndication.com/pagead/js/	86 KB 31 KB	5ms 5ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/lidar.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMzNIge2Spy2wNBvrWqKrLYxkq9tSg/m=ad_blocking_detection_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software cafe / Resource Hash 936e1a0afd168f16e9f8786a457f17452a8bb7510b9e11e9e7fe6068a5cf968e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 03:25:55 GMT content-encoding br x-content-type-options nosniff age 2999 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31330 x-xss-protection 0 server cafe etag 15856514363235644871 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=3600 timing-allow-origin * expires Mon, 12 Feb 2024 04:25:55 GMT
POST H2	204	AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Show response fundingchoicesmessages.google.com/el/	0 1 KB	508ms 109ms	XHR text/html	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce--2N3rxsfUNkyGOAu9MBKZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type text/plain Response headers date Mon, 12 Feb 2024 04:15:54 GMT content-security-policy script-src 'report-sample' 'nonce--2N3rxsfUNkyGOAu9MBKZQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII1JBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD82rZsHZvAj67P15gBB50ZPg" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://heictojpg.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Show response fundingchoicesmessages.google.com/el/	0 322 B	498ms 111ms	XHR text/html	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GnHaEZtu6rY6AHKjGulYRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type text/plain Response headers date Mon, 12 Feb 2024 04:15:54 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-GnHaEZtu6rY6AHKjGulYRg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBAL8XD82rZsHZvAh47tN5gBAxsY6w" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://heictojpg.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Show response fundingchoicesmessages.google.com/el/	0 318 B	412ms 111ms	XHR text/html	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zsfg0pDi7easz-fM8dwrtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type text/plain Response headers date Mon, 12 Feb 2024 04:15:55 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zsfg0pDi7easz-fM8dwrtg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw15BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXP83rZsHZtAx4K5rADo8Rew" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://heictojpg.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Show response fundingchoicesmessages.google.com/el/	0 320 B	426ms 125ms	XHR text/html	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-q4ZGlkdTgua_iZ_NWmapjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type text/plain Response headers date Mon, 12 Feb 2024 04:15:55 GMT content-security-policy script-src 'report-sample' 'nonce-q4ZGlkdTgua_iZ_NWmapjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw1ZBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXP83rZsHZvAgXl7uQHplxgK" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://heictojpg.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	AGSKWxWfrjWxrAdqKIW2SF4sJ0XX0L8vpA8lk9qzdRkV6dCyRBH9DGnikNFlDovra2hClq814N88uqQMge22O7JF39tv1QYxAIPPb3cWwNIhZqJYKZGfzLpMkrpxNvssO6t4qABuMHRTNw== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	134ms 134ms	Script application/javascript	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWfrjWxrAdqKIW2SF4sJ0XX0L8vpA8lk9qzdRkV6dCyRBH9DGnikNFlDovra2hClq814N88uqQMge22O7JF39tv1QYxAIPPb3cWwNIhZqJYKZGfzLpMkrpxNvssO6t4qABuMHRTNw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA3NzExMzU0LDY1MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4tR0IiLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9oZWljdG9qcGcuY29tLyIsbnVsbCxbWzgsIk0wWmdkYW1PTk5zIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash b67852d2b621c05fdf36f9a0ecb670bb46459144ce13b1b0433a984406dd3824 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-wCoS9YYTPvz5d8D4NayiRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://heictojpg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:54 GMT content-security-policy script-src 'report-sample' 'nonce-wCoS9YYTPvz5d8D4NayiRA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 reporting-endpoints default="/_/ContributorGlobalRouterHttp/web-reports?context=eJzjWsKoxSXF4KYhxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyBm_POCiROI3315ycTx9SWTBBCrAfE7yVdM34B4h48Hy5vw6axsEdNZ4-qms-YAMd-66aya66ezbjkznXUPEMc8n86aAsSLWWewrgbiKYEzWOcAsVP6DNYAIP6cOYP1NxD71M9gjQJiIR6OX9uWrWMT-PCl9y4TACj8St4" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxWEw9uP_UQSFsq_0scfkywPz5KFs95fmLEslDjTBzqks-xU98bBEFJxcE4wBR2gzZop0i0l7fJinTEbP63r7_kMHE0qWG1p0-uJktmK0M0rRkMY92IT-Mr3AUV5ZgLNRRziKX55KA== Show response fundingchoicesmessages.google.com/el/	0 321 B	410ms 108ms	XHR text/html	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxWEw9uP_UQSFsq_0scfkywPz5KFs95fmLEslDjTBzqks-xU98bBEFJxcE4wBR2gzZop0i0l7fJinTEbP63r7_kMHE0qWG1p0-uJktmK0M0rRkMY92IT-Mr3AUV5ZgLNRRziKX55KA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-bv59mArUKTGuj3YQovjylA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type text/plain Response headers date Mon, 12 Feb 2024 04:15:55 GMT content-security-policy script-src 'report-sample' 'nonce-bv59mArUKTGuj3YQovjylA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmJw05BiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXP83rZsHZvAiRXP3ADqnxiB" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://heictojpg.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H2	204	AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Show response fundingchoicesmessages.google.com/el/	0 320 B	408ms 107ms	XHR text/html	172.217.167.78 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxUoXL_fUvMt5gq6WGL5Cwh4Q5pUIuBPwOPsT3irRs9w-NBZOzjbDrKwqQWQNWOONjnLzWujKe-z0ee6mAXbG3GwRsqhc9xkIksUaAebiCpr4ZmDl-i3XwcqE0uNs53CpSSPhSYNvw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.M0ZgdamONNs.es5.O/am=wA/d=1/rs=AJlcJMzSL-D1KrpxNnEDbMxZh6nUkqIpxQ/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.167.78 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s06-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-1fbzEvHAiZIm6or6elE6Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://heictojpg.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Content-Type text/plain Response headers date Mon, 12 Feb 2024 04:15:55 GMT content-security-policy script-src 'report-sample' 'nonce-1fbzEvHAiZIm6or6elE6Aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 reporting-endpoints default="/_/ContributorLoggingHttp/web-reports?context=eJzjMtHikmII0pBiqGV4xtQKxIx_XjBxAvE7yVdM34B4h48Hy5TAGaxzgNgpfQZrCBALcXP83rZsHZvAjzen3ADuzxjl" pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://heictojpg.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response pagead2.googlesyndication.com/bg/ Frame 25D3	51 KB 19 KB	2ms 2ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software sffe / Resource Hash b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 22:31:08 GMT content-encoding br x-content-type-options nosniff age 20686 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19835 x-xss-protection 0 last-modified Mon, 05 Feb 2024 17:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 10 Feb 2025 22:31:08 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 7508 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=Cwr-heJvJZeXMA_Xn4t4Pt_W8oAeo5cmqdIf8oP_xDs7o07jPLxABIPbWwZUBYKWAgICQAaABjezk2QLIAQGpAt0mvNjS7ag-qAMByAPLBKoEywFP0H40hZuzTXm0oqUud17DXZ8aT-HbNue... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9abfecb969f01f70000000000000000%22,%222%22:%220x1558513ac27972470000000000000000%22,%223%22:%220xe250d48...	0 0	139ms 139ms	Fetch text/css	142.250.71.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9abfecb969f01f70000000000000000%22,%222%22:%220x1558513ac27972470000000000000000%22,%223%22:%220xe250d48a9f9aaee50000000000000000%22,%224%22:%220xca51e3274f3801290000000000000000%22,%225%22:%220xb6f2d3cc386bcc0000000000000000%22},%22debug_key%22:%225885937269748673057%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%2222%22:[%22true%22],%224%22:[%2202-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226299366921919762353%22}&andc=true Protocol H3 Server 142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s17-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Mon, 12 Feb 2024 04:15:55 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x9abfecb969f01f70000000000000000","2":"0x1558513ac27972470000000000000000","3":"0xe250d48a9f9aaee50000000000000000","4":"0xca51e3274f3801290000000000000000","5":"0xb6f2d3cc386bcc0000000000000000"},"debug_key":"5885937269748673057","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"22":["true"],"4":["02-12"],"6":["true"]},"priority":"500","source_event_id":"6299366921919762353"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 12 Feb 2024 04:15:55 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 12 Feb 2024 04:15:55 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x9abfecb969f01f70000000000000000","2":"0x1558513ac27972470000000000000000","3":"0xe250d48a9f9aaee50000000000000000","4":"0xca51e3274f3801290000000000000000","5":"0xb6f2d3cc386bcc0000000000000000"},"debug_key":"5885937269748673057","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"22":["true"],"4":["02-12"],"6":["true"]},"priority":"500","source_event_id":"6299366921919762353"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET		sodar pagead2.googlesyndication.com/getconfig/	0 0
GET H2	200	s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Show response pagead2.googlesyndication.com/bg/ Frame BC69	51 KB 19 KB	2ms 2ms	Script text/javascript	142.250.204.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/s2FIp7qIh4Ll-h1SuqPbkEUlb76jWjaUEpOM7BUf_00.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8591306331167868&output=html&h=120&slotname=7735410782&adk=1790428439&adf=3493039506&pi=t.ma~as.7735410782&w=600&lmt=1700943176&rafmt=12&format=600x120&url=https%3A%2F%2Fheictojpg.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707711351450&bpp=1&bdt=403&idt=541&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3301078249764&frm=20&pv=1&ga_vid=703588968.1707711352&ga_sid=1707711352&ga_hid=1769459783&ga_fc=1&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=628&ady=1080&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808398%2C31080780%2C31080819%2C31080946%2C31081025%2C31081034%2C44785292%2C44795921%2C95324580%2C31080932%2C95322329%2C95320870%2C95324154%2C95324160%2C95324264%2C21065724&oid=2&pvsid=554293353685293&tmod=908766259&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaoeE%7C&abl=CA&pfx=0&fu=256&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=545 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.204.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS syd09s25-in-f2.1e100.net Software sffe / Resource Hash b36148a7ba888782e5fa1d52baa3db9045256fbea35a369412938cec151fff4d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-AU,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers date Sun, 11 Feb 2024 22:31:08 GMT content-encoding br x-content-type-options nosniff age 20686 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19835 x-xss-protection 0 last-modified Mon, 05 Feb 2024 17:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 10 Feb 2025 22:31:08 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	139ms 138ms	Preflight text/html	142.250.71.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x9abfecb969f01f70000000000000000%22,%222%22:%220x1558513ac27972470000000000000000%22,%223%22:%220xe250d48a9f9aaee50000000000000000%22,%224%22:%220xca51e3274f3801290000000000000000%22,%225%22:%220xb6f2d3cc386bcc0000000000000000%22},%22debug_key%22:%225885937269748673057%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%2222%22:[%22true%22],%224%22:[%2202-12%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226299366921919762353%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS syd15s17-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 12 Feb 2024 04:15:55 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

pagead2.googlesyndication.com

URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env