urlscan.io logo urlscan.io
SecurityTrails logo

googleads.g.doubleclick.net
142.250.4.154 

Go To Rescan Add Verdict Report
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&a...
Submission: On November 28 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 2 countries across 6 domains to perform 32 HTTP transactions. The main IP is 142.250.4.154, located in United States and belongs to GOOGLE, US. The main domain is googleads.g.doubleclick.net. The Cisco Umbrella rank of the primary domain is 64.
TLS certificate: Issued by GTS CA 1C3 on November 2nd 2022. Valid for: 3 months.
This is the only time googleads.g.doubleclick.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 8 142.250.4.154 15169 (GOOGLE)
4 142.251.10.132 15169 (GOOGLE)
1 172.253.118.95 15169 (GOOGLE)
2 142.251.10.95 15169 (GOOGLE)
3 142.251.208.131 15169 (GOOGLE)
2 142.250.4.94 15169 (GOOGLE)
6 142.251.12.157 15169 (GOOGLE)
1 1 142.251.12.138 15169 (GOOGLE)
2 74.125.152.71 15169 (GOOGLE)
4 172.217.194.156 15169 (GOOGLE)
2 3 139.5.84.243 27381 (CASALE-MEDIA)
1 1 74.125.130.157 15169 (GOOGLE)
32 11
8    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
googleads.g.doubleclick.net
bid.g.doubleclick.net
googleads4.g.doubleclick.net
4    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
tpc.googlesyndication.com
1    172.253.118.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f95.1e100.net
fonts.googleapis.com
2    142.251.10.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f95.1e100.net
imasdk.googleapis.com
3    142.251.208.131 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f3.1e100.net
csi.gstatic.com
2    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
fonts.gstatic.com
6    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
pagead2.googlesyndication.com
1    142.251.12.138 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f138.1e100.net
gcdn.2mdn.net
2    74.125.152.71 (United States)

ASN15169 (GOOGLE, US)
PTR: mel04s04-in-f7.1e100.net
r2---sn-hxa7zn7z.c.2mdn.net
4    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
ade.googlesyndication.com
3    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
1    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
14 googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 182
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
ade.googlesyndication.com — Cisco Umbrella Rank: 313
58 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
bid.g.doubleclick.net — Cisco Umbrella Rank: 859
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 356
cm.g.doubleclick.net — Cisco Umbrella Rank: 271
39 KB
5 gstatic.com
csi.gstatic.com
fonts.gstatic.com
32 KB
3 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 705
2 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1123
r2---sn-hxa7zn7z.c.2mdn.net
2 MB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
imasdk.googleapis.com — Cisco Umbrella Rank: 492
136 KB
32 6
Domain Requested by
6 pagead2.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
6 googleads.g.doubleclick.net 1 redirects googleads.g.doubleclick.net
4 ade.googlesyndication.com
4 tpc.googlesyndication.com googleads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
3 dsum-sec.casalemedia.com 2 redirects
3 csi.gstatic.com imasdk.googleapis.com
2 r2---sn-hxa7zn7z.c.2mdn.net googleads.g.doubleclick.net
2 fonts.gstatic.com fonts.googleapis.com
2 imasdk.googleapis.com googleads.g.doubleclick.net
1 cm.g.doubleclick.net 1 redirects
1 googleads4.g.doubleclick.net
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 fonts.googleapis.com googleads.g.doubleclick.net
32 14

This site contains links to these domains. Also see Links.

Domain
adssettings.google.com
Subject Issuer Validity Valid
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-11-08 -
2023-01-17		 2 months crt.sh

This page contains 2 frames:

Primary Page: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Frame ID: 802FCF62B286E752F4862B95BEF56AED
Requests: 30 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 17E01F6E01FEEF56C8B88FC7D0DB64F9
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Page Statistics

32
Requests

94 %
HTTPS

0 %
IPv6

6
Domains

14
Subdomains

11
IPs

2
Countries

1969 kB
Transfer

2384 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://gcdn.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/42E75681E7E3A87725D99315F33A5848F60D8ADF.04908E32D24711C6C6666441A0B02D967F58C7AA/key/ck2/file/file.mp4 HTTP 302
  • https://r2---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10970DE6907122AE393A16610F2A9949043D1F1E.5BB7B51E0BB87123977CB18EC3C61DB8E1BF4350/key/cms1/cms_redirect/yes/mh/a3/mip/103.209.254.94/mm/42/mn/sn-hxa7zn7z/ms/onc/mt/1669603040/mv/m/mvi/2/pl/24/file/file.mp4
Request Chain 21
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJe6-wEQgZeaAhi_iYbZASABMAE&v=APEucNUXX3P_4dZ9qc-APH81xIFuyFe7V7_vq7O6jvP67AUhYhr7skrHCbX-Jd49aeAyCN7XJqHfaWLMZ2l3gLOwGXdxT4vgmoWi2o30pkDhYBI5eOJSI6k HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4QgeIUtiOnm9tWW.nl4XgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHQqnS-9aL8Qw-NDHVu8fUQ&google_cver=1&google_hm=2

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request ads
googleads.g.doubleclick.net/pagead/ 		70 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
2a9ce6c2e964a8c7991d3f1f4a43e07e20b83b0b76d8d023f53607949c2035da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
22255
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 28 Nov 2022 02:44:04 GMT
expires
Mon, 28 Nov 2022 02:44:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:22:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
69724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 07:22:01 GMT
css
fonts.googleapis.com/ 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f95.1e100.net
Software
ESF /
Resource Hash
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 28 Nov 2022 02:44:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 28 Nov 2022 02:24:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 28 Nov 2022 02:44:05 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 21:58:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
449134
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 21:58:31 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ 		388 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f95.1e100.net
Software
sffe /
Resource Hash
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 22:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
448776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
134376
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 11:42:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 22:04:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Sun, 27 Nov 2022 07:21:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
69755
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 11 Dec 2022 07:21:30 GMT
csi
csi.gstatic.com/ 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&top=1&puid=1~lb06s84u&c=5764964200617&slotId=2882482100308.5&qqid=CJm208Htz_sCFUkUtwAdVAQANg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 22:15:02 GMT
x-content-type-options
nosniff
age
188944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 22:15:02 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Fri, 25 Nov 2022 06:45:20 GMT
x-content-type-options
nosniff
age
244726
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 25 Nov 2023 06:45:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CZ-kddCCEY5msC8mo3LUP1IiAsAO6i4-wbbqF8uj7ENa05bPbNhABIITRphFgpcCjgKQByAEFqQLm8sVxuKamPqgDAcgDmwSqBIMCT9DmHi1eP-LBPBf7xwb66Jns7GNtJkQTqhWglQ9bg7yIgVzalnTHS92QJAqXSpV6NqC90qqgqdXJqx9w3LSwgYuFezXTSNZa_i_qh72i6qNO8y18A9mipNbvlIUippIZvLl1P12EcY1n1nlMtTxK1IYBzLAcOZrl_NDOOrK7ol8r8MEitlGeegULypx1WeFAzarH3nf84vKZYqD9-aBURYHTllSO2BOwzjnvQY_IxHTJXw5Gb4939V5gIVoIGA3aEIz64mpcecmLRwANLd7SKfP6jRHeg3B8_HuyF7pDSjiGnFLu03flLcVdGtHlu1QmonR1MxNGub6VMRlD07eas4CcqMAE1Y2Ms5UE4AQDkAYBoAZ2gAeT5dOhAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgfMgKKAjoCgECACgHICwHgCwGADAGwE-mulhHYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1669603446332&ai=CZ-kddCCEY5msC8mo3LUP1IiAsAO6i4-wbbqF8uj7ENa05bPbNhABIITRphFgpcCjgKQByAEFqQLm8sVxuKamPqgDAcgDmwSqBIMCT9DmHi1eP-LBPBf7xwb66Jns7GNtJkQTqhWglQ9bg7yIgVzalnTHS92QJAqXSpV6NqC90qqgqdXJqx9w3LSwgYuFezXTSNZa_i_qh72i6qNO8y18A9mipNbvlIUippIZvLl1P12EcY1n1nlMtTxK1IYBzLAcOZrl_NDOOrK7ol8r8MEitlGeegULypx1WeFAzarH3nf84vKZYqD9-aBURYHTllSO2BOwzjnvQY_IxHTJXw5Gb4939V5gIVoIGA3aEIz64mpcecmLRwANLd7SKfP6jRHeg3B8_HuyF7pDSjiGnFLu03flLcVdGtHlu1QmonR1MxNGub6VMRlD07eas4CcqMAE1Y2Ms5UE4AQDkAYBoAZ2gAeT5dOhAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgfMgKKAjoCgECACgHICwHgCwGADAGwE-mulhHYEwqIFALYFAHQFQH4FgGAFwE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ 		28 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-C65JRJbC1f2YcV8b9Ua7jqVS8ez1sPhG7DQCuVe4F0cjxQ6sl74QF7fIoXYI4mL_3I3XqgPs1zIIWD_1MX8CdoUOs9rg&cry=1&dbm_d=AKAmf-DyDOchfGcXsagp0_5L6c0eYs4nrs4Ae-neZoMtECo7RaoGsXWoWhYnD6G3WHKJY2DOmfbSUfXsBK2zXp6jqsM11xbWmW9mMduyCLP2_QFjdpep1-bwMSBVF1wd15Icbx4fkxRzCX_XtkpFXZPe5oAWqxdOeAQrSXwGd4gNB2tM0KLJLi6x5flDxdhNrDg1ixl9N4GUfTVLVz6vZOIMU5tdgG8ZRte65m4VF3Bv9Rt2ESmA7WcelEALVHach0hoxqEfeU6F9lFOyr661sYZR380weSbb3boBcqFxn__KwsvtnqMQnYKWTq5ZzuCwTRyBxujQzujKNGJzpaK-INv1k8Dt4CbEtwlb1giFaD9AUholXYCaefKBxQukwhX5WRkURtTKHguDK9tERijkywC3y0ATmc7qTTfC1BpwR3ypIZ5PNrb5co-WCLlZzdM60K3DvUudroq7GCIO5TZ1BNOpFloP1HuysErh059--6Dpqv1vrYxN88TbVl4_CkG6SBzcQq7LyN3BC19i41qXBrcM477W8DnNsaDhQQEXBZnDFQ9XYcbwavR4R10pL0NTK5A4P-4e6ogVBncUgKxI4HtCjerRvkkQZxCHooj827QEyWWzS2zw6WZAUYkULh3WmUlSeqz97oUUKwIYac4AzYXxr4dOoiKOSwzYKXxoM7F30Do9QEh21NKjdufXtgR2SHmyXxdcK40dF45o4TvhafgLPdHPDy8bNXjlPFMTN6g_gQoxtBumjC2ilwVM4FdkUozJauRxxsX39TaXx7LAMwZURsoseIX1rVrFXzOD9PukXi2AF60tlVq8ZClwa2f4vYBTigvr7ZwItPR2UhP3XEHu_02BbYSQUrPTsRjfnHo1XrEJIkcmHBJBDF70bLS6FBFTH6ex8T9EmBRYDFYEkDPivqTcUpozxiV0N7MYOOv_ceWjBFibkRjU2mYdUl0DBZuG5quPXRQXrqSBZchFobR6CbqPW3V48GkU3UwFG63YlVAYI89SgbhiESv5bm4LUyO1DGucrcPaJfcNfIW6Q7pXpl2g8HFvPgph2z0b-A6HaPqNJL8BErYw57WrD4fES2VdUoZSnPaMMNQ2X9oR3paHRUnWlRK-Wefk77Ns3k3bhJRxVdWN9Zjk2_DnyWdiCtqxdX57VJYiNBgz2XkhTTCgf2tN5MXE-RjT_zHpqXNRXg_If9Mn9Ok_T7gS3ekpEh8Pg033IIg95C7XpXQh31y4T5oaqmmAuRMsTuuMLLdVj6X-j-MeCdbSAVopAFDo3JfJAdhoInMLJZ8quPZ7Q0PmKq6Arg2uFbIwXHZWYcG9YADt8sxmdHTG-NpNH7Wk0XKDL1ebdXEOIGEgyko4J5cKqp4mNP2tFGoWaGsamxzhHm_JHW-GD5_sk3IHmh4Bm9lD7LjmDJnHzwTpTTQnp1lXKaaI2i32RGiuyHXt652S1OHkCVf7oksQ1ePyztDfPjIGyyl2tIb3Ow1Swd0_H_zb0OIDtSd4q43vQYt84btH4k8z56R5F1m8zCIUW7sSVvSCXU7x1uVi-I0ECc8y79Ya0Z9RkE8ALkBVPZ10jbm8tpbziG5euQZ0enVwXsit2X3HMWVKnChB-_dPu5M89j9Xs0SNNcw_auz4Nu4agCJFdkM0tkvOgyo4dHbLNNnqgNorFwH47KK4OgbAWyyn3bZ8Ca4oh2COtX7Cqe0bt8bTmppUDMo5O16soi6TzbSWsPaDwbsO8AQYwCoChrDMCC-19t9HPgZclngIk1Axx5l2Z52YrIvFltD5e7yA5Nq9et-0zxXJmp885gvBLa3Py2OJFMBCORxbgKFVr09HG99AqauRzcGYwQzHZFbHdLB_m11e09x-spb4NKN0rtHqoyLyxJublnSooGKMqrJvwVYdRJHG38SAAlmg93agFW1fRhpl95ZuhLcrM2935GNGXIw8XzLPeRTQH4fudxfC62D2pxartvCtl-VxSP3yP2N2d7UROiTuXPNaqTJezXpGy4qxWNZ3ebxJhClXHCd1MzkCV0XqJFsMR1I98MIpFmLvOtWsTGCj5AAAVyoCsvnV9iDECaEwPYAAydSAGZWntUxPwYTmx7uz3olRQ_E3q_st6srlje_G71HQcKEtmvLVPzJ5icQMiZN1GpuuVvAogKbDxFRS7oXHuhA8E54LNuL95a8e2338spOkJnFY3gb76RjsdS-VhWr4c6bXXIrqAGVdg6ANc0jn0WTOxSJD6lZW8JHFqrFXL5rDdj20wY-loykZSdt4EkENwi66dcKiKBVypHSFLtwSYcs0Q6XB2FrspxPukrNMMXCrxxb4aSr6fDg2uo8F0k2Ow-DTHK2_7xs4lReFm1cdi21gPYFtJsks4jg1JzGr9bUI1jo21vQ366_Q4De56Uc1ESqdzse97tOwe3I8se5m3dwKeVvd-Ti0BVXmG25JZpa_auc2otZuqUFRpenlBofKHoVk5CeO7Cwe6GIhsI-qS29patB5qEIH63WQm4jz28CXIomh-5nnd0wXW7X9y_6aMZJKdhXSWUC7OVUnat31yXSNXztrksUTyLtwT2an_auGQobO17ig2JtyJcZ_Q6AAnAhwD9-5D8gfYSje-C1P_h-wehXjbNwolOIZwD22gIg7B3QstZsoW0964Cg9tCzjdSFBi5SYdx2Asgx5Kx2QvowF2CRtVUY5edUU8XaN2UVsJqwcvRvm3dztbuGfhn47xQIXcbMVmvCONsSLKXFwYZETPbEPOnEdpI9WM3s0cu1pedBviBe7BjAoa6y_9PfZ8IJOOfBtXqBjWJLUeWSHXJ44RJvnn6xAwYQe4Y2aQ7nZ3BDbAKn2_MhgosI94GOxqfwNM9DchjA9ejkRnwl3fjdPOk2yXaoliUW8SnSCpNO8_sBez2wUxTKQnqHge4elEjNS-hIaZS20paeB1GHgfJjFkdprD11GS32fb-SwanlCx7w2VxMSzclBLjIA7knwGH3kHZuGY5ot0oqsJTg0UJtISQbJHrCAp_Vmg0UWqeWB-2RA2f9i_SwqL9MwYD4LZLeZ3tlYBxAp8uKnibm68v_dIYVEPxYFV83tfEY5FwD6ztLeUtFjdY5_DY6zj3Byd42z8_LZJKKd_kBDTemFBD8dLBV6no8khVC-Tg5UoOEuKUHY77ceVXlQW7QPGm8xiFOLEQVXz2-h-fzssKpRMO9DbNkIQf0-pDy6MsNmXGS5Ho2PN04pgJdv5P8UtNnI84GpOsVPqxQ1WrCEwAackNlZ6iRGnbS7KzyON-v84K_Hl99AI2RGOaKmQf0BGSLqKvAhzFu-x_ffAOjLW5f8NwMnezn-np09JUY7ca5Xgd3&cid=CAQSGwDq26N9fWijP-uYwZP23AKy2slWDUDuDaqaCBgBIBM&sdkv=h.0.0.0&osd=2&frm=0&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
fe1e877472a19cf318c8e1a6d560c1177aa4f1671faf56e0c5a833741d3ab952
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Mon, 28 Nov 2022 02:44:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15847
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CWUcddCCEY5msC8mo3LUP1IiAsAO6i4-wbbqF8uj7ENa05bPbNhABIITRphFgpcCjgKQByAEFqQLm8sVxuKamPqgDAaoEgAJP0OYeLV4_4sE8F_vHBvromezsY20mRBOqFaCVD1uDvIiBXNqWdMdL3ZAkCpdKlXo2oL3SqqCp1cmrH3DctLCBi4V7NdNI1lr-L-qHvaLqo07zLXwD2aKk1u-UhSKmkhm8uXU_XYRxjWfWeUy1PErUhgHMsBw5muX80M46sruiXyvwwSK2UZ56BQvKnHVZ4UDNqsfed_zi8plioP35oFRFgdOWVI7YE7DOOe9Bj8jEdMlfDkZvj3f1XmAhWggYDdoQjPrialwhyBGyk59rTEvmOd5i2-4hwHNsy4yPCn3SoJG_WHnZXv2Tf_UkSXc7fQi6-8CbHNYrPrwdAdgpZb5cwATVjYyzlQTgBAOIBfORu41GkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAeT5dOhAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEPyTERi_iYbZAdIIDwiAYRABGB8yAooCOgKAQIAKAcgLAbAT6a6WEcgTo4294QPYEwqIFALYFAHQFQGAFwGyFxwKGggAEhRwdWItMDQwMTY3MzQ2MTE2MzUyNhgA&sigh=j3VyzvZsNXY&uach_m=[UACH]&cid=CAQSGwDq26N9fWijP-uYwZP23AKy2slWDUDuDaqaCBgBIBM&vt=10
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 02:44:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Mon, 28 Nov 2022 02:44:06 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ea2990a50a498c7dace1b6abb44be4fafd7d5cf630ef3b4c056199fe6365c9d1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Content-Type
image/png
HdsydzJK.js
tpc.googlesyndication.com/sodar/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Thu, 24 Nov 2022 16:07:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297423
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 24 Nov 2023 16:07:03 GMT
file.mp4
r2---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,...
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signat...
  • https://r2---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/acao,ctier,expire,id,ip,ipbits,itag...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r2---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10970DE6907122AE393A16610F2A9949043D1F1E.5BB7B51E0BB87123977CB18EC3C61DB8E1BF4350/key/cms1/cms_redirect/yes/mh/a3/mip/103.209.254.94/mm/42/mn/sn-hxa7zn7z/ms/onc/mt/1669603040/mv/m/mvi/2/pl/24/file/file.mp4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
Protocol
HTTP/1.1
Server
74.125.152.71 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s04-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Date
Mon, 28 Nov 2022 02:44:07 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1743907
Last-Modified
Tue, 15 Nov 2022 01:32:04 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Mon, 28 Nov 2022 02:44:07 GMT

Redirect headers

date
Mon, 28 Nov 2022 02:44:07 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
643
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r2---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10970DE6907122AE393A16610F2A9949043D1F1E.5BB7B51E0BB87123977CB18EC3C61DB8E1BF4350/key/cms1/cms_redirect/yes/mh/a3/mip/103.209.254.94/mm/42/mn/sn-hxa7zn7z/ms/onc/mt/1669603040/mv/m/mvi/2/pl/24/file/file.mp4
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&top=1&puid=2~lb06s859&c=5764964200617&slotId=2882482100308.5&qqid=CJm208Htz_sCFUkUtwAdVAQANg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=729&mt=video%2Fmp4&vs=854x480&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=59&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.50c9l
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 17E0 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
441345
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 23 Nov 2022 00:08:22 GMT
expires
Thu, 23 Nov 2023 00:08:22 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
pagead2.googlesyndication.com/bg/ Frame 17E0 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
sffe /
Resource Hash
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

date
Tue, 22 Nov 2022 05:21:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
508948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 05:21:39 GMT
file.mp4
r2---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-hxa7zn7z.c.2mdn.net/videoplayback/id/864587b876ffff16/itag/59/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701139446/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/10970DE6907122AE393A16610F2A9949043D1F1E.5BB7B51E0BB87123977CB18EC3C61DB8E1BF4350/key/cms1/cms_redirect/yes/mh/a3/mip/103.209.254.94/mm/42/mn/sn-hxa7zn7z/ms/onc/mt/1669603040/mv/m/mvi/2/pl/24/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.152.71 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mel04s04-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
d95156b3fa73dd1195617ffe5275741c8db75f5609ef1ca238d2dc2c0fa19255
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36
Range
bytes=0-

Response headers

expires
Mon, 28 Nov 2022 02:44:07 GMT
date
Mon, 28 Nov 2022 02:44:07 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1743906/1743907
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1743907
last-modified
Tue, 15 Nov 2022 01:32:04 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
client-protocol
quic
dc_oe=ChMIo83dwu3P-wIVAy-PCh2hxQdXEAAYACDC1ORWQhMImbbTwe3P-wIVSRS3AB1UBAA2;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D0,0,0,0,0%26mtos%3...
ade.googlesyndication.com/ddm/activity/ 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo83dwu3P-wIVAy-PCh2hxQdXEAAYACDC1ORWQhMImbbTwe3P-wIVSRS3AB1UBAA2;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.67%26t%3D1669603447910;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CZ-kddCCEY5msC8mo3LUP1IiAsAO6i4-wbbqF8uj7ENa05bPbNhABIITRphFgpcCjgKQByAEFqQLm8sVxuKamPqgDAcgDmwSqBIMCT9DmHi1eP-LBPBf7xwb66Jns7GNtJkQTqhWglQ9bg7yIgVzalnTHS92QJAqXSpV6NqC90qqgqdXJqx9w3LSwgYuFezXTSNZa_i_qh72i6qNO8y18A9mipNbvlIUippIZvLl1P12EcY1n1nlMtTxK1IYBzLAcOZrl_NDOOrK7ol8r8MEitlGeegULypx1WeFAzarH3nf84vKZYqD9-aBURYHTllSO2BOwzjnvQY_IxHTJXw5Gb4939V5gIVoIGA3aEIz64mpcecmLRwANLd7SKfP6jRHeg3B8_HuyF7pDSjiGnFLu03flLcVdGtHlu1QmonR1MxNGub6VMRlD07eas4CcqMAE1Y2Ms5UE4AQDkAYBoAZ2gAeT5dOhAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgfMgKKAjoCgECACgHICwHgCwGADAGwE-mulhHYEwqIFALYFAHQFQH4FgGAFwE&sigh=QnfbO0WmPMo&label=part2viewed&ad_mt=4&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.67%26t%3D1669603447910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ 		0
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvnxrA22YkJNYbXF5mRC-ZqxiKas-HpsIRUmgySZcd00Pr_ojQ9-WNb2LH3xaKxa5kPKxK-k-HU_a3TdzbeXcH-ViRC1Cf4cFOcnLATxmYzpfs327GteQMyTgNM842H8aceKLTx1d9r3wGBSRo6ehtpd1rTYdDKXay96rZY5uRNgRYQBnU3WawsOMymx69wvsP4j7ndohub7-Eaucj8S4uysqB0BTfqpmZ96G-XVaNYryepqEU7qrC_FaQN4YwjkPxwSEkLyHhVrmDy3fk-27FxjF-Ue8jAPprlE4ikgbCY2ooenPaM-j-f6DpjTdvMnTBJ67qG7q0aseuP4NW8EYK1mrNnRFGBwzZnx3OBQ_HMi0VE5lPdFmITD6fzhpNgCH33B6j956FVBnvbsmsWklojBglrOpqOpKtE4SEFxPLUYMWWHCD0L4zj9GS7NsAKx-dsT3AazbLCitoLy913cxuABpfdZEZSjEyBlA9UtFgiRanRHAn9BXT3l7MttYzFRBHEP1cQA4-KlQdKzB18Ogu7P8I_o1R2_gAkWld8p6fD2CehU1J6FurGfAh2wSyDcP7vzSy6Mm8b0RVG8FAKefeajR9vvNgUkkOMmvjk2cjanMd0zJBu7sONMBmDokh5JRZQ6eOPg7fKIyfbBsE5G8AXtprvDbtxoiQIMh45c3gaazO490bJmca7ufpALNPYOAS8a7-1C59IV5HR-YpNm3Y-5Yy_0Yu9OshdYWRLcx6PvOkKIg5yQLu3W2stunYLAzPobV8y6FTYUIFwyOm08l2m8xLcI8jnbOYrZyXQltdkDQSPdv9B6yolAJFd1eTqPlwm21yhLiMKIPL7k9KQ9Ihz7oAfZGwKdS1aWcr660_FnkaOjK_FHg_NX8SAJ2LrYTXtpphXCB-7ztsEr7ExrbH9kji0mVk3YGuus7AmSbetp5HNCE5agUXBqdnZkitKBRgea6ofKE0HTTESkB4YO2uqvlIGFwDYHQkAQ68Ri1vtNxXgmxswtmtTf79NZB-I0rysItu8FHPCcAoMgj3txheLHz_HPxdHyWo3xQVI2evJWP3QBhHR7k0RUg6r383Gm0Rsud9I_IDGyTzVRHdRzFUJMkJphMhyYI7kgwkk9QnRduHyYmWNJA_F40S6dV-cLoDmzN7bx3QFP5XlP7NtWVfXV8JK_AjjMufRn-b5_w&sai=AMfl-YQI1w2yzUuiknQI5R6cngFeUcx9wMdBSHxYyRZUruInIRJT3LCd2XFnnrr6DvR0T0X0A-njPqtJ-fb3RdQwq8Wwgz-rbUvJmFbE4qy6N0TiFlHV-VvregUkSqmmSJFRS93ty0HQXti-uW-J5h7ksI9kBhEZq3RRpb3gUQhbkTA8nUza98O506QYsw&sig=Cg0ArKJSzKsB7qIRB5zoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 28 Nov 2022 02:44:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
rum
dsum-sec.casalemedia.com/
Redirect Chain
  • https://googleads.g.doubleclick.net/xbbe/pixel?d=CJe6-wEQgZeaAhi_iYbZASABMAE&v=APEucNUXX3P_4dZ9qc-APH81xIFuyFe7V7_vq7O6jvP67AUhYhr7skrHCbX-Jd49aeAyCN7XJqHfaWLMZ2l3gLOwGXdxT4vgmoWi2o30pkDhYBI5eOJSI6k
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y4QgeIUtiOnm9tWW.nl4XgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHQqnS-9aL8Qw-NDHVu8fUQ&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHQqnS-9aL8Qw-NDHVu8fUQ&google_cver=1&google_hm=2
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 28 Nov 2022 02:44:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:09 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHQqnS-9aL8Qw-NDHVu8fUQ&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIo83dwu3P-wIVAy-PCh2hxQdXEAAYACDC1ORWQhMImbbTwe3P-wIVSRS3AB1UBAA2;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D0,0,0,0,0%26mtos%...
ade.googlesyndication.com/ddm/activity/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo83dwu3P-wIVAy-PCh2hxQdXEAAYACDC1ORWQhMImbbTwe3P-wIVSRS3AB1UBAA2;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.67%26t%3D1669603447910;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzAX_D9ROdDyHM9tybPmHPRi-9dk5CcWoceIRFR74yEUcAH36WEfqrXKC14yqo1S_K9djebXoa6p7rWRhz82h-JNfdekgZsYZLGa0S5X5aLRs8Y7DlCU-NRQ&sai=AMfl-YQlL37Xg5dMzo_Jq0AVlmrHzpCb1wvJVffWF9282qd1OL5oHkYS3pqqu8O16y8zPGhNULAyRyZNv8Q18Pg&sig=Cg0ArKJSzPLYgd2GhOuxEAE&cid=CAQSGwDq26N9fWijP-uYwZP23AKy2slWDUDuDaqaCBgBIBM&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D4%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.67%26t%3D1669603447910&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CZ-kddCCEY5msC8mo3LUP1IiAsAO6i4-wbbqF8uj7ENa05bPbNhABIITRphFgpcCjgKQByAEFqQLm8sVxuKamPqgDAcgDmwSqBIMCT9DmHi1eP-LBPBf7xwb66Jns7GNtJkQTqhWglQ9bg7yIgVzalnTHS92QJAqXSpV6NqC90qqgqdXJqx9w3LSwgYuFezXTSNZa_i_qh72i6qNO8y18A9mipNbvlIUippIZvLl1P12EcY1n1nlMtTxK1IYBzLAcOZrl_NDOOrK7ol8r8MEitlGeegULypx1WeFAzarH3nf84vKZYqD9-aBURYHTllSO2BOwzjnvQY_IxHTJXw5Gb4939V5gIVoIGA3aEIz64mpcecmLRwANLd7SKfP6jRHeg3B8_HuyF7pDSjiGnFLu03flLcVdGtHlu1QmonR1MxNGub6VMRlD07eas4CcqMAE1Y2Ms5UE4AQDkAYBoAZ2gAeT5dOhAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgfMgKKAjoCgECACgHICwHgCwGADAGwE-mulhHYEwqIFALYFAHQFQH4FgGAFwE&sigh=QnfbO0WmPMo&label=vast_creativeview&ad_mt=4&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D15061%26vmtime%3D4%26is%3D275%26i0%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D1%26psv%3D1%26psfv%3D1%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.67%26t%3D1669603447910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&top=1&puid=3~lb06s8ex&c=5764964200617&slotId=2882482100308.5&qqid=CJm208Htz_sCFUkUtwAdVAQANg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=729&mt=video%2Fmp4&vs=854x480&dm=15000&ple=1&umsem=0&event_name=first_play&asset_bytes=197429&video_bytes=300&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=9&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.50d81~videopreviewstarted.50d82
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.131 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:08 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 17E0 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B0Y3zdiCEY6O6G4PevAShi5-4BQAAAAA4AeAEAg&bg=!o6CloOTNAAbvMpMzzzI7ACkAdvg8WhT0bsetBfWuUEiO5O0ezX7qv1sjm3XHdltjDI9oQXYg2SyStQIAAAB1UgAAAAJoAQeZArgV8cv-XN6yMIrmkG0TzTNqmBK7yl6eFGl812nw7gpdvpTZ4625W_xrhlDhIyQpZAgbPoUXyE7PMOTuoYv7XxhTffenXOJdbf8j5euXDKbfnTT9s0iP59dGUwmuS5pVBhiZbWhKk8yGCBKRQBpcmxvjbAKiOUe26dqVqUWFJrKGviAiHB7a_pfoCOBpl8ZdmTLyaOwelEPYRL7kgyHhGg87HO4kvV45IUHQQy_ezPoIYbMmlP7US-3Pko84sGGBfWtsyyOYS30CEEzrtCrJ3cUHpkQc5NrHJL5t8xC2McU5ByQDx-ykLD_hlQXhpIhlMco1-qGYUSYQa0NR7OYF822XDIvgwqwg0bbZnd3pqYJH4ibdCNPmP8fKVcm3waxK7ITiya_GnMYrUewMkckI7As_Yj7r4UH5ldPvADcCzcsWy01qhe5R_ExFb_gf8tvIjXybkjq0vD9wN7jeoYR630nAm1YALjVGK-vLHyR3y4lle6mVpyb6r_FZ0iar9_AFL4eqzzJBWHaKw6z2Hb2fR90inb2D5Yo8xie9pWJGkV07iFp0zPd5WdczpPfsuHoVlhwIp-vXWoi7T2lepbZdsUfAeGnlZllNwGZOosk93UOkMnou_PTUZLY3ubKCzIGT7qnoY-dftdwCtxv0DYLY4uhhhzU2Z2ACn8omnqLZBwpk-ZEVfsru55o6r_-FEv1FWyv3m2SawsrVDywib_YdN5e7cm4hO7HDYJm8HhDfWfEFA_tyoaOMwqqQx4iE3Wx4X67EeBPp76kb6P0MievDCcOIVus9eHvW6LtQtRMUOiEKqKu0ISLW03zyM2i91mJVB24yI-8xar0suneUH4cWfdwDzVD_C9_re7LLGp5PWLEKnIKmEUZU9fsSbT3B6JobMzhNR5TV8hIsky1bhEY70fwn5xxzNfwiRfY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIo83dwu3P-wIVAy-PCh2hxQdXEAAYACDC1ORWQhMImbbTwe3P-wIVSRS3AB1UBAA2;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D2167,0,0,0,0%26mto...
ade.googlesyndication.com/ddm/activity/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo83dwu3P-wIVAy-PCh2hxQdXEAAYACDC1ORWQhMImbbTwe3P-wIVSRS3AB1UBAA2;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D2167,0,0,0,0%26mtos%3D2167,2167,2167,2167,2167%26amtos%3D0,0,0,0,0%26mcvt%3D2167%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2167%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D15061%26vmtime%3D2174%26dtos%3D2167%26dtoss%3D1%26dvs%3D2167%26dfvs%3D2167%26dvpt%3D2167%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D7%26psv%3D7%26psfv%3D7%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,2167,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.67%26t%3D1669603447910;ecn1=1;etm1=0;eid1=200000;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzAX_D9ROdDyHM9tybPmHPRi-9dk5CcWoceIRFR74yEUcAH36WEfqrXKC14yqo1S_K9djebXoa6p7rWRhz82h-JNfdekgZsYZLGa0S5X5aLRs8Y7DlCU-NRQ&sai=AMfl-YQlL37Xg5dMzo_Jq0AVlmrHzpCb1wvJVffWF9282qd1OL5oHkYS3pqqu8O16y8zPGhNULAyRyZNv8Q18Pg&sig=Cg0ArKJSzPLYgd2GhOuxEAE&cid=CAQSGwDq26N9fWijP-uYwZP23AKy2slWDUDuDaqaCBgBIBM&id=lidarv&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D2167,0,0,0,0%26mtos%3D2167,2167,2167,2167,2167%26amtos%3D0,0,0,0,0%26mcvt%3D2167%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2167%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D42%26pst%3D201%26dur%3D15061%26vmtime%3D2174%26dtos%3D2167%26dtoss%3D1%26dvs%3D2167%26dfvs%3D2167%26dvpt%3D2167%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D7%26psv%3D7%26psfv%3D7%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,2167,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.67%26t%3D1669603447910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMIo83dwu3P-wIVAy-PCh2hxQdXEAAYACDC1ORWQhMImbbTwe3P-wIVSRS3AB1UBAA2;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D3908,0,0,0,0%26mto...
ade.googlesyndication.com/ddm/activity/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIo83dwu3P-wIVAy-PCh2hxQdXEAAYACDC1ORWQhMImbbTwe3P-wIVSRS3AB1UBAA2;met=1;acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D3908,0,0,0,0%26mtos%3D3908,3908,3908,3908,3908%26amtos%3D0,0,0,0,0%26mcvt%3D3908%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3908%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D201%26dur%3D15061%26vmtime%3D3918%26dtos%3D1741%26dtoss%3D2%26dvs%3D1741%26dfvs%3D1741%26dvpt%3D1741%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3908,3908,3908,3908,3908%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D15%26psv%3D15%26psfv%3D15%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,3908,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.67%26t%3D1669603447910;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CZ-kddCCEY5msC8mo3LUP1IiAsAO6i4-wbbqF8uj7ENa05bPbNhABIITRphFgpcCjgKQByAEFqQLm8sVxuKamPqgDAcgDmwSqBIMCT9DmHi1eP-LBPBf7xwb66Jns7GNtJkQTqhWglQ9bg7yIgVzalnTHS92QJAqXSpV6NqC90qqgqdXJqx9w3LSwgYuFezXTSNZa_i_qh72i6qNO8y18A9mipNbvlIUippIZvLl1P12EcY1n1nlMtTxK1IYBzLAcOZrl_NDOOrK7ol8r8MEitlGeegULypx1WeFAzarH3nf84vKZYqD9-aBURYHTllSO2BOwzjnvQY_IxHTJXw5Gb4939V5gIVoIGA3aEIz64mpcecmLRwANLd7SKfP6jRHeg3B8_HuyF7pDSjiGnFLu03flLcVdGtHlu1QmonR1MxNGub6VMRlD07eas4CcqMAE1Y2Ms5UE4AQDkAYBoAZ2gAeT5dOhAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgGEQARgfMgKKAjoCgECACgHICwHgCwGADAGwE-mulhHYEwqIFALYFAHQFQH4FgGAFwE&sigh=QnfbO0WmPMo&label=videoplaytime25&ad_mt=3919&acvw=sv%3D941%26v%3D20221114%26cb%3Dout%26e%3D1%26nas%3D1%26sdk%3Dh%26p%3D135,40,989,1560%26tos%3D3908,0,0,0,0%26mtos%3D3908,3908,3908,3908,3908%26amtos%3D0,0,0,0,0%26mcvt%3D3908%26ps%3D1600,1200%26scs%3D1600,1200%26bs%3D1600,1200%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3908%26gmm%3D4%26efpf%3D2%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D46%26pst%3D201%26dur%3D15061%26vmtime%3D3918%26dtos%3D1741%26dtoss%3D2%26dvs%3D1741%26dfvs%3D1741%26dvpt%3D1741%26is%3D275%26i0%3D275%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D3908,3908,3908,3908,3908%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26avms%3Dgeo%26qi%3D484618474%26psm%3D15%26psv%3D15%26psfv%3D15%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1,fmd%3A0%26ssb%3D0,0,0,0,3908,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.67%26t%3D1669603447910
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0401673461163526&output=html&h=280&slotname=8571202859&adk=4221222081&adf=2689116385&pi=t.ma~as.8571202859&w=730&fwrn=4&fwrnh=100&lmt=1669595032&rafmt=1&format=730x280&url=http%3A%2F%2Fqld.gov.au.getstat.site%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1669595031796&bpp=1&bdt=1331&idt=904&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x280%2C350x280&correlator=1840954378210&frm=20&pv=1&ga_vid=1928005960.1669595032&ga_sid=1669595033&ga_hid=669947308&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=625&ady=1142&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44770881%2C44777948&oid=2&pvsid=3318001616554414&tmod=1194139338&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=6Xcz01mnfM&p=http%3A//qld.gov.au.getstat.site&dtd=907
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.121 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 28 Nov 2022 02:44:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

32 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| jscVersion object| google_casm object| google_js_reporting_queue number| google_srt object| google_logging_queue undefined| goog_delegate_deferred_token function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| ima function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator object| studio function| OutstreamViewController object| dicnf object| viewReq function| vu object| google_image_requests object| closure_lm_861760 object| outstreamViewController_ object| googqscp object| GoogleTyFxhY

4 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUl5ZKgt32Kz7lwAdogh0h4R5m_TLfh0Iq0MBAHZuOuob6Dxl01ss8JNXg0OIMU
.casalemedia.com/ Name: CMID
Value: Y4QgeIUtiOnm9tWW.nl4XgAA
.casalemedia.com/ Name: CMPS
Value: 4937
.casalemedia.com/ Name: CMPRO
Value: 4937

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ade.googlesyndication.com
bid.g.doubleclick.net
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
r2---sn-hxa7zn7z.c.2mdn.net
tpc.googlesyndication.com
139.5.84.243
142.250.4.154
142.250.4.94
142.251.10.132
142.251.10.95
142.251.12.138
142.251.12.157
142.251.208.131
172.217.194.156
172.253.118.95
74.125.130.157
74.125.152.71
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2a9ce6c2e964a8c7991d3f1f4a43e07e20b83b0b76d8d023f53607949c2035da
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
d95156b3fa73dd1195617ffe5275741c8db75f5609ef1ca238d2dc2c0fa19255
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2990a50a498c7dace1b6abb44be4fafd7d5cf630ef3b4c056199fe6365c9d1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fe1e877472a19cf318c8e1a6d560c1177aa4f1671faf56e0c5a833741d3ab952