captcha.bot Open in urlscan Pro
104.26.7.110 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://authenticate.captcha-botverify.site/
Effective URL:
https://captcha.bot/
Submission Tags: @phish_report
Submission: On January 10 via api (January 10th 2024, 8:14:30 am UTC) from FI — Scanned from AU

Summary HTTP 256 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 49 IPs in 5 countries across 46 domains to perform 256 HTTP transactions. The main IP is 104.26.7.110, located in and belongs to CLOUDFLARENET, US. The main domain is captcha.bot. The Cisco Umbrella rank of the primary domain is 860813.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2023. Valid for: a year.

This is the only time captcha.bot was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	172.67.148.127 172.67.148.127	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 26	104.26.7.110 104.26.7.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	13.35.147.43 13.35.147.43	16509 (AMAZON-02) (AMAZON-02)
1 2	104.17.3.184 104.17.3.184	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.16.56.101 104.16.56.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	104.99.59.17 104.99.59.17	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.204.8 142.250.204.8	15169 (GOOGLE) (GOOGLE)
2	18.67.111.22 18.67.111.22	16509 (AMAZON-02) (AMAZON-02)
2 2	13.224.181.126 13.224.181.126	16509 (AMAZON-02) (AMAZON-02)
3	18.67.93.118 18.67.93.118	16509 (AMAZON-02) (AMAZON-02)
3 29	142.250.66.194 142.250.66.194	15169 (GOOGLE) (GOOGLE)
1	142.250.204.14 142.250.204.14	15169 (GOOGLE) (GOOGLE)
1	64.233.170.156 64.233.170.156	15169 (GOOGLE) (GOOGLE)
1	142.250.204.3 142.250.204.3	15169 (GOOGLE) (GOOGLE)
6	104.19.219.90 104.19.219.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.67.41.60 172.67.41.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.19.218.90 104.19.218.90	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	130.211.23.194 130.211.23.194	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	104.26.3.70 104.26.3.70	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.71.70 142.250.71.70	15169 (GOOGLE) (GOOGLE)
1	18.67.93.122 18.67.93.122	16509 (AMAZON-02) (AMAZON-02)
13	142.250.66.226 142.250.66.226	15169 (GOOGLE) (GOOGLE)
19	142.250.76.97 142.250.76.97	15169 (GOOGLE) (GOOGLE)
2 4	103.43.90.21 103.43.90.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	131.153.206.102 131.153.206.102	59210 (PHOENIXNA...) (PHOENIXNAP-AS-SG1 PhoenixNAP)
1	207.65.33.78 207.65.33.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	182.161.73.145 182.161.73.145	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
5	23.106.127.49 23.106.127.49	59253 (LEASEWEB-...) (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd.)
7	52.74.188.57 52.74.188.57	16509 (AMAZON-02) (AMAZON-02)
5	34.149.20.76 34.149.20.76	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.140.185.14 18.140.185.14	16509 (AMAZON-02) (AMAZON-02)
2	142.250.204.4 142.250.204.4	15169 (GOOGLE) (GOOGLE)
2	182.161.73.129 182.161.73.129	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
9	142.251.221.74 142.251.221.74	15169 (GOOGLE) (GOOGLE)
15	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
8	172.217.167.66 172.217.167.66	15169 (GOOGLE) (GOOGLE)
3	151.101.129.229 151.101.129.229	54113 (FASTLY) (FASTLY)
1	142.250.204.1 142.250.204.1	15169 (GOOGLE) (GOOGLE)
2	182.161.73.136 182.161.73.136	55569 (CRITEO-AS...) (CRITEO-AS-AP Criteo APAC)
1 2	104.18.24.173 104.18.24.173	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	202.232.238.37 202.232.238.37	2497 (IIJ Inter...) (IIJ Internet Initiative Japan Inc.)
2 2	35.227.252.103 35.227.252.103	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2 2	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	183.79.249.124 183.79.249.124	() ()
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2	172.217.167.98 172.217.167.98	() ()
9	18.67.93.105 18.67.93.105	16509 (AMAZON-02) (AMAZON-02)
2 30	35.71.178.8 35.71.178.8	16509 (AMAZON-02) (AMAZON-02)
1	142.251.221.66 142.251.221.66	15169 (GOOGLE) (GOOGLE)
3 9	23.32.5.94 23.32.5.94	() ()
3	13.35.147.100 13.35.147.100	() ()
2 2	35.71.131.137 35.71.131.137	() ()
1	13.107.42.14 13.107.42.14	() ()
1 1	18.140.152.206 18.140.152.206	() ()
2 3	35.213.12.39 35.213.12.39	() ()
2 2	35.213.93.179 35.213.93.179	() ()
1 1	182.161.73.146 182.161.73.146	() ()
256	49

1 172.67.148.127 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

authenticate.captcha-botverify.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 104.26.7.110 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

captcha.bot	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 13.35.147.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-147-43.syd1.r.cloudfront.net

js.chargebee.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.3.184 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

challenges.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.99.59.17 (Sydney, Australia)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-99-59-17.deploy.static.akamaitechnologies.com

cdn.fuseplatform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.8 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.67.111.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-111-22.syd62.r.cloudfront.net

privygg.chargebeestaticv2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.181.126 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-181-126.syd1.r.cloudfront.net

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.93.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-118.syd62.r.cloudfront.net

cmp.inmobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 142.250.66.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.14 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f14.1e100.net

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.3 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f3.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.19.219.90 (None, )

ASN13335 (CLOUDFLARENET, US)

js.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.41.60 (United States)

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.218.90 (None, )

ASN13335 (CLOUDFLARENET, US)

newassets.hcaptcha.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.26.3.70 (None, )

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.71.70 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.67.93.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-122.syd62.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.66.226 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.76.97 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s24-in-f1.1e100.net

a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 103.43.90.21 (Singapore, Singapore) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 131.153.206.102 (United States)

ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.78 (United States)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.106.127.49 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)

prg8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.74.188.57 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-188-57.ap-southeast-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.149.20.76 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.185.14 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-185-14.ap-southeast-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.204.4 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.251.221.74 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.217.167.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f2.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.173 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.232.238.37 (Tokyo, Japan) 1 redirects

ASN2497 (IIJ Internet Initiative Japan Inc., JP)

sync.fout.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 183.79.249.124 (None, )

ASN- ()

cksync.yahoo.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

gtrace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.98 (None, )

ASN- ()

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 18.67.93.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-105.syd62.r.cloudfront.net

ib.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 35.71.178.8 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.32.5.94 (None, ) 3 redirects

ASN- ()

www.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.35.147.100 (None, )

ASN- ()

img.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (None, ) 2 redirects

ASN- ()

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (None, )

ASN- ()

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.140.152.206 (None, ) 1 redirects

ASN- ()

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.213.12.39 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.93.179 (None, ) 2 redirects

ASN- ()

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 182.161.73.146 (None, ) 1 redirects

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 991 ib.3lift.com — Cisco Umbrella Rank: 2942 eb2.3lift.com — Cisco Umbrella Rank: 731 img.3lift.com	228 KB
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 140 a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 185	528 KB
32	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 269 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 ad.doubleclick.net — Cisco Umbrella Rank: 199 cm.g.doubleclick.net — Cisco Umbrella Rank: 338 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	332 KB
26	captcha.bot 1 redirects captcha.bot — Cisco Umbrella Rank: 860813	821 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com	234 KB
10	fuseplatform.net cdn.fuseplatform.net — Cisco Umbrella Rank: 19203	139 KB
10	chargebee.com js.chargebee.com — Cisco Umbrella Rank: 42936	217 KB
9	bing.com 3 redirects www.bing.com	83 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 115	10 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 271	454 KB
7	hcaptcha.com js.hcaptcha.com — Cisco Umbrella Rank: 11127 newassets.hcaptcha.com — Cisco Umbrella Rank: 7636 api.hcaptcha.com — Cisco Umbrella Rank: 7827	498 KB
5	33across.com ssc.33across.com — Cisco Umbrella Rank: 6391	1 KB
5	smartadserver.com prg8.smartadserver.com — Cisco Umbrella Rank: 19977	10 KB
4	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 878 gum.criteo.com — Cisco Umbrella Rank: 597 dis.criteo.com	7 KB
4	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 356	4 KB
4	btloader.com btloader.com — Cisco Umbrella Rank: 1738 api.btloader.com — Cisco Umbrella Rank: 1905	31 KB
3	bidswitch.net 2 redirects x.bidswitch.net	2 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 438	28 KB
3	google.com analytics.google.com — Cisco Umbrella Rank: 266 www.google.com — Cisco Umbrella Rank: 6	1 KB
3	inmobi.com cmp.inmobi.com — Cisco Umbrella Rank: 4373	48 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	971 B
2	adsrvr.org 2 redirects match.adsrvr.org	714 B
2	googleadservices.com www.googleadservices.com
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 796	2 KB
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1007	743 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1559 s.tribalfusion.com — Cisco Umbrella Rank: 3590	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 894	55 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1411 bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	13 KB
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 1774	1 KB
2	quantcast.com 2 redirects cmp.quantcast.com — Cisco Umbrella Rank: 4731	1 KB
2	chargebeestaticv2.com privygg.chargebeestaticv2.com	1 KB
2	cloudflare.com 1 redirects challenges.cloudflare.com — Cisco Umbrella Rank: 4701	12 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com	615 B
1	linkedin.com px.ads.linkedin.com	631 B
1	mediago.io 1 redirects gtrace.mediago.io — Cisco Umbrella Rank: 6276	505 B
1	yahoo.co.jp cksync.yahoo.co.jp	624 B
1	fout.jp 1 redirects sync.fout.jp — Cisco Umbrella Rank: 43256	716 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2809	173 B
1	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 323	33 KB
1	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 766	110 B
1	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1119	998 B
1	google.com.au www.google.com.au — Cisco Umbrella Rank: 17400	408 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	78 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1429	7 KB
1	captcha-botverify.site 1 redirects authenticate.captcha-botverify.site	456 B
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
256	46

	Domain	Requested by
30	eb2.3lift.com	2 redirects captcha.bot ib.3lift.com eb2.3lift.com
26	captcha.bot	1 redirects captcha.bot static.cloudflareinsights.com
21	securepubads.g.doubleclick.net	1 redirects cdn.fuseplatform.net securepubads.g.doubleclick.net captcha.bot a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com www.googletagservices.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com captcha.bot a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
13	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagservices.com
10	cdn.fuseplatform.net	captcha.bot cdn.fuseplatform.net
10	js.chargebee.com	captcha.bot js.chargebee.com
9	www.bing.com	3 redirects captcha.bot
9	ib.3lift.com	captcha.bot ib.3lift.com
9	fonts.googleapis.com	a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com captcha.bot ib.3lift.com
8	cm.g.doubleclick.net	2 redirects a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com eb2.3lift.com
8	www.googletagservices.com	captcha.bot securepubads.g.doubleclick.net a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
8	www.gstatic.com	captcha.bot a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
7	fonts.gstatic.com	fonts.googleapis.com
7	tlx.3lift.com	cdn.fuseplatform.net captcha.bot
5	ssc.33across.com	cdn.fuseplatform.net
5	prg8.smartadserver.com	cdn.fuseplatform.net
5	a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
5	newassets.hcaptcha.com	js.hcaptcha.com newassets.hcaptcha.com
4	ib.adnxs.com	2 redirects cdn.fuseplatform.net eb2.3lift.com
3	x.bidswitch.net	2 redirects eb2.3lift.com
3	img.3lift.com	captcha.bot ib.3lift.com
3	cdn.jsdelivr.net	securepubads.g.doubleclick.net
3	api.btloader.com	btloader.com
3	cmp.inmobi.com	captcha.bot cmp.quantcast.com
2	a.sportradarserving.com	2 redirects
2	match.adsrvr.org	2 redirects
2	www.googleadservices.com
2	ssum-sec.casalemedia.com	2 redirects
2	rtb.openx.net	2 redirects
2	gum.criteo.com	static.criteo.net gum.criteo.com
2	static.criteo.net	cdn.fuseplatform.net static.criteo.net
2	www.google.com	tpc.googlesyndication.com a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
2	ad-delivery.net	captcha.bot
2	cmp.quantcast.com	2 redirects
2	privygg.chargebeestaticv2.com	js.chargebee.com
2	challenges.cloudflare.com	1 redirects captcha.bot
1	dis.criteo.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	px.ads.linkedin.com	eb2.3lift.com
1	googleads.g.doubleclick.net	pagead2.googlesyndication.com
1	gtrace.mediago.io	1 redirects
1	cksync.yahoo.co.jp	a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
1	sync.fout.jp	1 redirects
1	tr.blismedia.com	a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
1	s.tribalfusion.com	a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	cdn.ampproject.org	a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	bidder.criteo.com	cdn.fuseplatform.net
1	hbopenbid.pubmatic.com	cdn.fuseplatform.net
1	prebid.a-mo.net	cdn.fuseplatform.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	ad.doubleclick.net	captcha.bot
1	btloader.com	cdn.fuseplatform.net
1	api.hcaptcha.com	newassets.hcaptcha.com
1	js.hcaptcha.com	js.chargebee.com
1	www.google.com.au	captcha.bot
1	stats.g.doubleclick.net	www.googletagmanager.com
1	analytics.google.com	www.googletagmanager.com
1	www.googletagmanager.com	captcha.bot
1	static.cloudflareinsights.com	captcha.bot
1	authenticate.captcha-botverify.site	1 redirects
0	fastlane.rubiconproject.com Failed	cdn.fuseplatform.net
256	64

This site contains links to these domains. Also see Links.

Domain
docs.captcha.bot
privy.gg
discord.com
arcane.bot

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-06-25` - `2024-06-24`	a year	crt.sh
js.chargebee.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
cdn.fuseplatform.net R3	`2023-12-20` - `2024-03-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.chargebeestaticv2.com Amazon RSA 2048 M01	`2023-04-30` - `2024-05-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
btloader.com GTS CA 1P5	`2023-12-17` - `2024-03-16`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-12-08` - `2024-03-07`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
cmp.inmobi.com Sectigo ECC Organization Validation Secure Server CA	`2023-08-18` - `2024-08-17`	a year	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.a-mo.net R3	`2024-01-06` - `2024-04-05`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ssc.33across.com GTS CA 1D4	`2023-12-25` - `2024-03-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-12-02` - `2024-03-01`	3 months	crt.sh
edge01.yahoo.co.jp Cybertrust Japan SureServer CA G4	`2023-11-30` - `2024-12-29`	a year	crt.sh
r.bing.com Microsoft Azure ECC TLS Issuing CA 05	`2023-10-18` - `2024-06-27`	8 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.linkedin.com DigiCert SHA2 Secure Server CA	`2023-11-03` - `2024-05-03`	6 months	crt.sh

This page contains 23 frames:

Primary Page: https://captcha.bot/
Frame ID: 07B26A4BA112D39056ECBE71CB0B6BED
Requests: 113 HTTP requests in this frame

Frame: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html
Frame ID: FE80BDD5CA505BA35550D3A2383107A8
Requests: 9 HTTP requests in this frame

Frame: https://captcha.bot/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
Frame ID: 692FC2287DABC6804E14E5E2CA48AF75
Requests: 2 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=t74pdjhwiin
Frame ID: 8366E70E654FBA081904F65357C6D9C3
Requests: 4 HTTP requests in this frame

Frame: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html
Frame ID: 3C128F3B7F00EBD99A0D913C32C6B97D
Requests: 3 HTTP requests in this frame

Frame: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 00CAF16221EBDD3142B31EEF546AEC33
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7916B9068443BAD3FC1F37A1B1FF5DD7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D66B6766F87D40BAB89FD1241FFA696A
Requests: 2 HTTP requests in this frame

Frame: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 904417E543431FA3FEAE15A0FF8440A2
Requests: 5 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019
Frame ID: 8A412A2AEBCBA253D5DCA88D227401E3
Requests: 9 HTTP requests in this frame

Frame: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: BCA67AEF4E7EE52CEFCFFA85C873D168
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOAhki-COtCha8pD2Rrrf5buMnNVIn3EoBLBX4EvjaSHKU3BUOENv_uivb31Ba2M7R1QcUgIVl-Sp3fEjZJHKRBlpAxBBlxsmY4khjIZe0A87wfRPVUL8FlmKxk3sysRi-8qmwtf5E9Wnl8Ah460ZCd9EZ3H8fq0nzxKmvMBha7aS3p_3N1GiF5LxXYgkn_kvdNIR3Ud4iQOyA7AQ-HIEIlV_hFskjrJSyJKVOdMyamsU24Rj8UXjoC76DvbjUPRYUzrz1Dv4qHYkurqwWWGNxmAC0sYVTTY3Vz9i_M1aaLMVdCXn0yHDH6MSeXzPvq3YoHdOnCv_6LOESofaeUGID-5ezamFKgsDV1ljqiiI5zf6DIgkrT2pQGPR9EYuZf63LrYioNOMgWbupJoM&sai=AMfl-YQG5QIfyUU0G9zJWP0DW7yo62f2OCji85TdIbOJA916HEzUeGlby7DOPf6JKc1sth8pDIZVzx5wG_zFRNheBa8wgCAEiCnAm8icVgVVfkGWWreDvl5a8EqODzjzP-M&sig=Cg0ArKJSzHQ2psM4mVVCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: AD5402B50297363DB5A3439C4CC8B7D9
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssweoWYB2QFYvVl330J9_QEWG0KxsjfglyESiNngVMiPecl_OMqGeUUx1vToGUPlAE38cUYXRMeF7eXTF7syugVCW7GO15RcJ2UljMEIqrv02zVh4RGnr9aXvE0hgGlOt_loBfGedQ5ryCnwGfHiwlndkLkBeWkPIlnbu-_vDwbNodi7k1AgWOoMF06o8nT9W1zww2HiB5MbF9HWsUaBhl1A1pfU6ku0HyM_B6Mm1u91mrxFX3H54cZ5B-aW0aoW22zUnZ-l9SFKJXWq7eej_cu0jaZX5blUvwqDS1iJnA3eYTmmYh02BTfAEMoitMITWTMP21kq1mA044Rv1PrWRhUi7gq41CtLhhpzYuwgPNvSIJku379qg7zkkF-vxhdti_mq0RcCcwFbXKmZozWim_JKiLQTVM&sai=AMfl-YSkTRb0HDKWnwGEgRxLAQ99tPUmfH-YrDy7PIky2qQPjbBeaJUypBnHSkJGB0Dc1OU-tNHtqu4pBHyIiI1x0gyfRmKtYeE0Cd5SsNSHkDVXQ9z2s_fyT-BEixk6y5o&sig=Cg0ArKJSzDVX7nk8i7odEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 0A9A58DBF22B7F89EAC8C610BA2CCFB1
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTMZEV2OB9-yamrMj0T5mAGWr7vOK5opwYtjF4JAL6Frr1wxxTTVTNXMyRn3ua4jCSdLuNXndFj-uH317FDnNhsp-twWZ9-ojx1gCTdpoPSxsSlXZjnvX5uZBlTQo1hRiCkNj8QD0NNDXkR-9YZpb0SjsJNilaz1ayr5HxsuAMs_Qlqmb0LnMauPbmPgauS3a7Rqgb1jneYmzOmurIJpO6ftXs9NefwSUzRx8PZsiqX863so0_Xz38j4RDcjrkJZAHv3QaoUTeG8Qk0IAAsoSrT64c-RgZw828orhXeAkvb3VQ_ominVePY5yum46brPxPpqIfrqkhsks5g5_bAK6AGVP9z5E3WJbfsbZuhpbrVGl8xU0iCk9xBa4Ow8NiwzeaOpUlV2T616fdAFY&sai=AMfl-YQSf5WGxnOTPYe2SagoumwQBtBfLMO2fgq73KVt1VUebm33fBCTCzDy5T6BlbxV3YaR7Zj5W8_cCvJUSdywcvFqt8bD8KjJhS4_FTLfPeiLoN2oyfRz2jHuPEiloR4&sig=Cg0ArKJSzNQtuYsLjeycEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: E3D9D3452B4D12653DEB5CBEC911495E
Requests: 16 HTTP requests in this frame

Frame: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 45A91039196B5AE6F4348E437DBF48F8
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstFBjcET-nUbbV6m-CrEAhoeLwCG9pgco3LTh4ULId8V4tK0OXf1NTlAIiaOqmQ4Xm049uqdvVfh8EEviNl0b6kf5LuIJ57PdF6MRyOQi0zEvtJPzBmrIy8hu4laiWV7Ey-28XyDnVrvR7Bi5b7imP5fBlwetSenv6e9g9GQAhUjUHNY7FaS7luday4E-mggXXDVJAeFTFZMk0hzBb1TYM9VG2hG-4jwbNtx5QYpBbttsHNc0abTD20AkFD3kCK7eAuP6UxLZBq2gShv-VeCDxupmT0uz0TBZxDlWy1SjCbKKDjZ2cEOu6nh_uUuzH5oLR66UyrXmwOQtmT4E1bAwcidrJKGWddykQeZca7V7EaHkixzyLiSRlI9K4IIeFrpL2jNusMP113Ht6OmA&sai=AMfl-YRmbdT6fggxTu9CUOrT7Y1wD4AxcrPGxbX7-uZqb8aMezK40zRzjJiqly_QqlOtakIJFxG_T6oqLmbpvJ5xt6TpbzTB-n5e_YZG7ryj1KKzPAyi9wdp8xG-C6WBJoo&sig=Cg0ArKJSzKWjzjktJ1dfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: 6AFB180DA39321BD78A93FF023C312A6
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 49BB7B31C69FA0769EDB6D2FCAC8F95A
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=
Frame ID: 5A2643714D37D9A692B8AEC9296A857A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js
Frame ID: 83EACF6B0DAFE836AED317773C33B708
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/zrt_lookup_fy2021.html
Frame ID: 6805E893693490B22A2E1484F169DC5D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEsARd9UM-NK2XYUFjDFSbFjFUo711oA2DUmC-IAqEty8L48lRdIyVSOg5gQ4obFow7KJlxl0arlFwa2IDrPI8q1CfNrdG-YUGvE904nJxSN8e4FoIBamBwCTiDVUBO8BjhTYo99YigKCj6RGtsMYIcd78tR0QM0Op1L9Eu_CvLbHV5w4vTHyGVBM1Z6S0Fj3LQWeKHCtDXvmQCcvSM1x3ZeT3Q8crVMkJATkBPuBAp_9VSt0JYOyz9xp-wJ7LRnMR6o5mjN3VoCUHtcMlWcx6BHaBjkdLi3ySp558knvdKVaSoEM1Gq8Q6o2rvYA7mE-hi-Giqo_KChUfsF72aMqaMCujYQOcY4Q9mSnQJtwMlng9jRARG1W50qbnPNuTmw7GoKnxPtTLj-7BoSIL3BIpZc3vf0M&sai=AMfl-YSK3ZwXCWVRiEyDl1f25Ii9NN6F1MNpvz7rfOMUIrVEWuumN-EodebeqB1oUovUOIVc0RUtyXsrnr1RzWhiBdVtVSW0sagcEwXgYvah31fohAc8NeRpY5xg_h2_tPs&sig=Cg0ArKJSzGaenEe93qTxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=
Frame ID: CF01D27738662FF6DDB9438D239E3D58
Requests: 2 HTTP requests in this frame

Frame: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6E8E33BD1C4A5FD2D16A6DA30521C764
Requests: 10 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Frame ID: 9CD9D1D51AFC1D052DDBA1D8543AA2FA
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Captcha.bot - Verification done right

Page URL History Show full URLs

https://authenticate.captcha-botverify.site/ HTTP 302
https://captcha.bot/ Page URL

Detected technologies

Chargebee (Payment processors) Expand

Overall confidence: 100%
Detected patterns

js\.chargebee\.com/v([\d.]+)

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js
tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

256
Requests

89 %
HTTPS

0 %
IPv6

46
Domains

64
Subdomains

49
IPs

5
Countries

3870 kB
Transfer

10286 kB
Size

34
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.captcha.bot/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://privy.gg/
Title: Privy.gg LLC

Search URL Search Domain Scan URL

URL: https://discord.com/application-directory/512333785338216465
Title: Add to Discord

Search URL Search Domain Scan URL

URL: https://arcane.bot/
Title: Arcane.bot

Search URL Search Domain Scan URL

URL: https://privy.gg/legal
Title: Terms of Service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://authenticate.captcha-botverify.site/ HTTP 302
https://captcha.bot/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP 302
https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js?onload=onloadTurnstileCallback

Request Chain 13

https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://captcha.bot/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Request Chain 21

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

Request Chain 65

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2 HTTP 301
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

Request Chain 155

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBC9Y35N0j0tW4BmufghnkE&google_cver=1&google_push=AXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJzvyNMcGALSCWKqZtEno_75r7uBMbExHEvOtmp_A-oEuOsJUr4hvHM4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJzvyNMcGALSCWKqZtEno_75r7uBMbExHEvOtmp_A-oEuOsJUr4hvHM4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBC9Y35N0j0tW4BmufghnkE&google_cver=1&google_push=AXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJzvyNMcGALSCWKqZtEno_75r7uBMbExHEvOtmp_A-oEuOsJUr4hvHM4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJzvyNMcGALSCWKqZtEno_75r7uBMbExHEvOtmp_A-oEuOsJUr4hvHM4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 157

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEOnFI0OyWP5HTFJxrg5LO7w&google_cver=1&google_push=AXcoOmTLM5qJ4IWpw9YEPWLbbFjE0J82eHT33R7C_tUbzCOwt4rYTyLRkHYhSLuba9VfB-PoPHGpwmRnZV80W7ABg6xWeydMOrnBzX3Lug3ANZbsk5yCw-gVj3EpZWScVcigIQn8D1t30wqK7j79cEKaanM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTLM5qJ4IWpw9YEPWLbbFjE0J82eHT33R7C_tUbzCOwt4rYTyLRkHYhSLuba9VfB-PoPHGpwmRnZV80W7ABg6xWeydMOrnBzX3Lug3ANZbsk5yCw-gVj3EpZWScVcigIQn8D1t30wqK7j79cEKaanM&google_hm=VjJzVUo1RnJVRGtWYVdWYWd3dl9qU0I1VC1r&from_google=sp1

Request Chain 158

https://rtb.openx.net/sync/dds?google_gid=CAESEPk9d5omxJFzc-XoN5kWdaY&google_cver=1&google_push=AXcoOmR_BRtR5NhCr0mrPbVRql7WmcIewTHkj-YpTIxg9auri40rneSjPKavOtlVvLcS8brmaS-tLdgZnyqV6UZLuXIANS0bhDh6YGOSgK72rDBRAWhIAwgGD7qj9NsNsZJzKoEXfrIr7SWon7sKGn-2OUk HTTP 302
https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEPk9d5omxJFzc-XoN5kWdaY&google_push=AXcoOmR_BRtR5NhCr0mrPbVRql7WmcIewTHkj-YpTIxg9auri40rneSjPKavOtlVvLcS8brmaS-tLdgZnyqV6UZLuXIANS0bhDh6YGOSgK72rDBRAWhIAwgGD7qj9NsNsZJzKoEXfrIr7SWon7sKGn-2OUk&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmR_BRtR5NhCr0mrPbVRql7WmcIewTHkj-YpTIxg9auri40rneSjPKavOtlVvLcS8brmaS-tLdgZnyqV6UZLuXIANS0bhDh6YGOSgK72rDBRAWhIAwgGD7qj9NsNsZJzKoEXfrIr7SWon7sKGn-2OUk&google_hm=jcqQ1iCGxgYlwMvC1fFJcQ==

Request Chain 159

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENE7SitMZClWGKA75xXmoB0&google_cver=1&google_push=AXcoOmRtotz-KBBoi3uNs5MMoAm7_LpN6Mr-OSGnI9vGQxC5E-NSNgjY5jzqTIw-pBZEk7tgEdxbuPPP-TjR7WnNCLAddXnDeRz_4Apvm9kDRf1Hx-97cmrHSzLF07DqWipKO2uIrSjjdyu-W_gdLYuUlAE HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENE7SitMZClWGKA75xXmoB0&google_push=AXcoOmRtotz-KBBoi3uNs5MMoAm7_LpN6Mr-OSGnI9vGQxC5E-NSNgjY5jzqTIw-pBZEk7tgEdxbuPPP-TjR7WnNCLAddXnDeRz_4Apvm9kDRf1Hx-97cmrHSzLF07DqWipKO2uIrSjjdyu-W_gdLYuUlAE&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENE7SitMZClWGKA75xXmoB0&google_hm=ZZ5R4DRm0AbOO9m88ZnT4AAAElcAAAAB&google_nid=index&google_push=AXcoOmRtotz-KBBoi3uNs5MMoAm7_LpN6Mr-OSGnI9vGQxC5E-NSNgjY5jzqTIw-pBZEk7tgEdxbuPPP-TjR7WnNCLAddXnDeRz_4Apvm9kDRf1Hx-97cmrHSzLF07DqWipKO2uIrSjjdyu-W_gdLYuUlAE

Request Chain 161

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESECOASoooRor8HYhrG-Urn7g&google_cver=1&google_push=AXcoOmRvDIcJfvWOse_Uir4oR-eoQD95gYXZc3c0y8Ai9nvf0Vg88oGYGrkyZQQI60A6bB2qmr5SNzpanikM7XAvuxfKaV28t7mBtPA4W_LFgJXH2at4LmS96KfEyr5N7soTY1M7dYJBUobZcmSpjaqvel2T HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRvDIcJfvWOse_Uir4oR-eoQD95gYXZc3c0y8Ai9nvf0Vg88oGYGrkyZQQI60A6bB2qmr5SNzpanikM7XAvuxfKaV28t7mBtPA4W_LFgJXH2at4LmS96KfEyr5N7soTY1M7dYJBUobZcmSpjaqvel2T&google_hm=a02ae86a0888d2ce2eg09f00lr7i8kde

Request Chain 165

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cxd-a31GeZaTWMqzGssUPur-XmAinw6ygdY_G4q7tC9nZHhABINPLzjBgpYCAgJABoAH9kor9A8gBAeACAKgDAcgDCqoEqgJP0I6DgK9tzdFHi3X-E-iKdof4yhirZudDgqtRsBGW8v0nBHgE7OSqiyVAGsNEaSqkGgK6Aixb03DMVvf7CsMLTzsQP3UiIIcFkF1HmxZ1axT2zbZ5czuOzgbwAbOSS-N0FmnUtdBTwOVSgiaB5hrMmsE4Tw7XqFDPoh0v1GKG68E_7GJOuODSVv0yM_2Wy6g1pBQ4laGUSWdK1LATZz9SHfuw19NvafeCq62ELCqB4cTL8fcgXAmVtFovDLIyvin8cMGcahv2lwDqb0mvhEoWU5QfAzkhOPQrRu5y8_SUnz3qMkAba3GwJJ7npJQNml2pLUAw7VIHry9MP0mCrye3DQ6OiKJt7_kiQGNUhX2S2_51kjHO1PtZMhYrJbCJTBUezaLbMHyFQpw_wATOrrHxjgLgBAGIBbL-lrsHkgUECAQYAZIFBAgFGASAB4OyeKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJ6VBdIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYmY2zprDSgwOaCStodHRwczovL3d3dy5qdXN0YW5zd2VyLmNvbS9zaXAvanVzdGFuc3dlci0xgAoDyAsBogwMKgoKCKy6sQK7u7EC2gwRCgsQ8PeL_YuSkKq3ARICAQPiDRMIweSzprDSgwMVLKOsAh263wWD2BMLiBQE0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=PISS6X1JWKI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_IgPh9BlnFQKq2iG_VB80GUA8BESUhng9qwWLwc3Xurbro8i0X4yyrInhGgMEnZeRRge-W_kqVRgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x577fa12c018f609d0000000000000000%22,%222%22:%220x3e0cf027f1224270000000000000000%22,%223%22:%220x1f97ce4626d15c650000000000000000%22,%224%22:%220x6e34438c719bbf220000000000000000%22,%225%22:%220x838016e60c7494710000000000000000%22},%22debug_key%22:%227208330126607728494%22,%22debug_reporting%22:true,%22destination%22:%22https://justanswer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067616637%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217112033280674315217%22}&andc=true

Request Chain 192

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=df837a3a-6e08-40d8-9a6a-73b69e3733f2&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=11730374&publisherId=250152235&rId=4a72cfee-aeaf-4eea-9bb1-450ba8933d20&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D87623d350caf4b66ba3531bbf4db44d4%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=346768&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=pbageby&aid=3469462595765001860800-301&wp=0.019 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=87623d350caf4b66ba3531bbf4db44d4&SNR=1&GV=2&med=10

Request Chain 202

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=ba8d901b-4cb0-46f1-97fa-bd31b7496255&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=11730374&publisherId=250152235&rId=e8ad5337-3579-408d-b5e4-795375e289c5&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D94c1f4d1866249ebab8bc5de1c6e8608%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=346768&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=zzf%3Agevcyryvsg_pcz_hzf_35&aid=3469462595765001860800-303&wp=0.049 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=94c1f4d1866249ebab8bc5de1c6e8608&SNR=1&GV=2&med=10

Request Chain 212

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=7b734bfe-63e3-43cf-9ef0-89ca2620fc9b&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=11730374&publisherId=250152235&rId=21bcce61-0abc-4609-a3cd-2defbaa097d9&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D4e4b20df910844e29c0978022d64b377%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=346768&trafficGroup=gevcyryvsg_pcz&trafficSubGroup=zzf%3Agevcyryvsg_pcz_nhqvg_genpxvat_p&aid=3469462595765001860800-302&wp=0.088 HTTP 303
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4e4b20df910844e29c0978022d64b377&SNR=1&GV=2&med=10

Request Chain 250

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=3658&xuid=55eea90f-1f54-44a9-95e2-53834fae37c9&dongle=0cfd&gdpr=0&gdpr_consent=

Request Chain 251

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTgzMDA0MTYzNjI5NjUzMDkyNjU%3D HTTP 302
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELpZnA5p50kjryCrds1NlJQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

Request Chain 253

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTgzMDA0MTYzNjI5NjUzMDkyNjU%3D

Request Chain 255

https://pr-bh.ybp.yahoo.com/sync/triplelift/58300416362965309265?gdpr=0&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-p3q49udE2oSlncBwuuT5jByAw_TNB1nKbRYBBEpQog--~A&dongle=0883

Request Chain 256

https://x.bidswitch.net/sync?ssp=triplelift&user_id=58300416362965309265&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=58300416362965309265&gdpr=0&gdpr_consent=${GDPR_CONSENT} HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e010660f-5b81-42e9-87cd-6dc78a08ec64&ssp=triplelift

Request Chain 257

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40%40CRITEO_USERID%40%40%26dongle%3D013b HTTP 302
https://eb2.3lift.com/xuid?mid=2711&xuid=2519936a-3d31-4418-bc57-8081e4218728&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 258

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent= HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D HTTP 302
https://eb2.3lift.com/xuid?mid=3335&xuid=2190743206073753920&dongle=4d58&gdpr=0&gdpr_consent=

256 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
captcha.bot/
Redirect Chain

https://authenticate.captcha-botverify.site/
https://captcha.bot/

2 KB
2 KB

1145ms
821ms

Document
text/html

104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 610db3eb6fe53be6867b1a41677d37ccf9cc5585779c9058b22ec04b490a1f01

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84337737cb3ca820-SYD
content-encoding: br
content-type: text/html
date: Wed, 10 Jan 2024 08:14:19 GMT
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnPMfuUfb%2BGqk%2BnIoCVyrdZd0lVYRQfjVQj5Vr24mzdlonJXIWApmxU%2FdQKMdXABfy01OTeCs%2BCKcvId9IKbIjxkOLWTN363osYmRs6vYOhsHSTiOC0uakFn1Yio"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84337732ccb6572d-SYD
content-type: text/html; charset=utf-8
date: Wed, 10 Jan 2024 08:14:18 GMT
location: https://captcha.bot
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Htv3%2B3f3Zeo3Ur%2BVXTM5jnUbEDWsynPayrFpyy84NmjeRyeXa3CBhDwOV1IQR%2FvkGLmz%2FKgXq1RfKcKioXMCdJc%2B4RwcCU9I03Fcn5NC%2FIlf1OovPXCklVreX%2BXLNVQBOJbw4jwUh9YAvc7iF8HUVMscUPvD8A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 chargebee.js Show response
js.chargebee.com/v2/ 270 KB
79 KB 16ms
2ms Script
application/x-javascript 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/v2/chargebee.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

df3f4de8961c4df2aa3eb26adc82eb002d4ebf83829857ff3457fdad6b940051

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: 2I73_fbf4mnpK3jpBaYLbDFo.xJ7gDeZ
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 08:13:14 GMT
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 66
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jan 2024 07:52:37 GMT
server: AmazonS3
etag: W/"747fe3344d5952b35c3aef402c70c477"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: tV1HydMdULboHzBcMh2zf9iaM91DTKR2qWTljnQ639pqCj5cbZtGng==

GET
H2

200

api.js Show response
challenges.cloudflare.com/turnstile/v0/b/c8377512/
Redirect Chain

https://challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js?onload=onloadTurnstileCallback

34 KB
12 KB

24ms
23ms

Script
application/javascript

104.17.3.184
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://challenges.cloudflare.com/turnstile/v0/b/c8377512/api.js?onload=onloadTurnstileCallback
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 104.17.3.184 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: br
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 8433773f0b2b79d2-SYD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 10 Jan 2024 08:14:20 GMT
server: cloudflare
vary: accept-encoding
location: /turnstile/v0/b/c8377512/api.js?onload=onloadTurnstileCallback
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8433773eeb0279d2-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 chunk-vendors.bfc7157a.js Show response
captcha.bot/js/ 150 KB
53 KB 17ms
17ms Script
application/javascript 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5768
cf-polished: origSize=153350
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: W/"658fb0ff-25706"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tHMMUJ1QNPCY7FuxRU20Kx6kYAswr8SeTqLstTb%2F78JFRk584UvFDmuTBG4iApPRs9o77Jtf38TassdxIt0WnMP3%2FdOcF%2FvBbPfX0%2F5IIeBWSYwq3IUOOtIGXaRe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8433773d18e1a820-SYD

GET
H2 200 app.e92fa179.js Show response
captcha.bot/js/ 13 KB
6 KB 15ms
14ms Script
application/javascript 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/app.e92fa179.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 676041459462ccdec93b528297a0e88930e6e29b5e5948c740ceabdae3bb1ac1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5768
cf-polished: origSize=13078
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: W/"658fb0ff-3316"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31Ib7QyHT7mAKxjsnW2YkPnhQDr%2FpwUsgELusEB9slKZPuZjNOeBuUrjK7Uqq%2F2UysxVlMYcz%2BdQSFpTruZ59VWyzcZjpbiwTDg%2F%2BZN68%2Fz%2FtbvExteqZW30GjRw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8433773d3901a820-SYD

GET
H2 200 app.908c6964.css
captcha.bot/css/ 44 KB
9 KB 13ms
12ms Stylesheet
text/css 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/css/app.908c6964.css
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9850834b2efcb9d344963e45b78a0483e6a6cedb0c1c36fc224abd7d5cebe2c6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:19 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
age: 5829
etag: W/"658fb0ff-b0a9"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OK4WU8mr%2FUU%2BQeU8TxAN3iGWw0T9US6%2BT7J1N%2FQz43M685W49UNct8tgQgSF3FGWzeiKbyXpz314JOZ3LzHRw0qiKlWs%2FDX%2FTuqJdny%2BhaNnJoNwXBRiBFOnwnPW"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 8433773ce8c4a820-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 356ms
41ms Script
text/javascript 104.16.56.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://captcha.bot/
Origin: https://captcha.bot
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8433773f3e1da938-SYD

GET
H2 200 190-0f7f7962557c3a672901.js Show response
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ 17 KB
5 KB 3ms
3ms Script
application/x-javascript 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/190-0f7f7962557c3a672901.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c38a928deee5f36605c38fa74f8c0e30a4380a4d98ec80ab023888675e4e24f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: fD6Ydn08PraGiNXjrpJ5VenjJJU6_Kd6
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 08:14:13 GMT
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 69
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jan 2024 07:52:37 GMT
server: AmazonS3
etag: W/"2c943cd3eaa374aa8cc246d0e2e703b9"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: 1LSpV0bI7BycuPeWlxxz8c1DjQRhyU1L8bhzBDURRdJmeaRxA9il0w==

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2874/ 244 KB
56 KB 674ms
294ms Script
application/x-javascript 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.e92fa179.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bf690803e1fc3c3d03595643914712996adb559fb7846cf6c69b8f83275d47b6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: gzip
last-modified: Fri, 24 Feb 2023 00:40:47 GMT
server: AkamaiNetStorage
etag: "c43b788e3884f4ebc21e0b82c92cfa3f:1677199247.347819"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 57145
expires: Wed, 10 Jan 2024 08:44:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 218 KB
78 KB 505ms
107ms Script
application/javascript 142.250.204.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer

Requested by

Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.8 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

92627d8d36ceaf0497c06d048b7a2bf8b56a26c63674287daf181c6883c3253d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79350
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 10 Jan 2024 08:14:20 GMT

GET
H2 200 609.7460785c.css
captcha.bot/css/ 128 KB
52 KB 829ms
829ms Stylesheet
text/css 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/css/609.7460785c.css
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.e92fa179.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
etag: W/"658fb0ff-1801d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FOyQlgD8k7L5XLZm1YcJqRrHMG3urUu4PgesVW2ubV5j1mxLF4s2lrQpksPsc15dpd%2FG4%2F39btNm8rEKBSLeWccXpgjfkCwL6vG50D%2FqAf26D4SCoMIaTeRKpsKn"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=120
cf-ray: 8433773d9964a820-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 609.1ded81fc.js Show response
captcha.bot/js/ 19 KB
6 KB 824ms
824ms Script
application/javascript 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/js/609.1ded81fc.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/app.e92fa179.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ef1fb1258c5ef1d73e6a4325fa9cb17deffb721770edc8c01cc045e3041c5a6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=19136
etag: W/"658fb0ff-4ac0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0%2B4TjEQ7KvxXTwaoLjeZOwso3qOn%2Fwk0FTymgAoqTIZKP0pWdKHwunUY%2FfpzaD2ouhmrtBRjKKwJdYlPKY026Mki894oIg3EQ7uP2IQ4fsNkYqi7GZRrVDA4MAe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=120
cf-ray: 8433773d9965a820-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 animation.css
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ 722 B
1 KB 4ms
4ms Stylesheet
text/css 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/animation.css

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/v2/chargebee.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: qf2DYkYp3NCXUBhrMONlFE20H3K9UIGZ
strict-transport-security: max-age=300; includeSubdomains; preload
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
date: Wed, 10 Jan 2024 08:13:22 GMT
x-amz-cf-pop: SYD1-C1
age: 59
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 722
last-modified: Wed, 10 Jan 2024 07:52:39 GMT
server: AmazonS3
etag: "520016f3fad41f77bb889758ac030aaf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=300,public
accept-ranges: bytes
x-amz-cf-id: SV_zOnKNmSyOfYi8ouGWJTp6OpycIZ8IKspUBLcmwEImyT151n4vzw==

GET
H2 200 master.html Show response
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ Frame FE80 234 B
718 B 3ms
3ms Document
text/html 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/190-0f7f7962557c3a672901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

c5cbb783a0de964acf75961ef5652a9972c61b0db504a5f3b4f2e41a64d92177

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 70
cache-control: max-age=300,public
content-length: 234
content-type: text/html
date: Wed, 10 Jan 2024 08:13:12 GMT
etag: "dd8891f13cf90d612cda9b0aa71a9ac4"
last-modified: Wed, 10 Jan 2024 07:52:39 GMT
server: AmazonS3
strict-transport-security: max-age=300; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-id: K54thuqSLFmJrvV3oK5ewVefSX3PckSQjp7laq8m46I0hKQuQty3wQ==
x-amz-cf-pop: SYD1-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: 6KrdiNTJb4yOvfcKgXzfGjLJv0jJVoXL
x-cache: Hit from cloudfront

GET
H2

200

main.js Show response
captcha.bot/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/ Frame 692F
Redirect Chain

https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://captcha.bot/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

7 KB
4 KB

10ms
10ms

Script
application/javascript

104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://captcha.bot/cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Server

104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be6cc073b6b0e4ee33b62b8449b4ca213a433f2299218ae5f3f6904070e25a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pbeDMpe2Fpzlpfw2nmRz8rpywAeHMLKrD0OzeAFg01weeoK0%2BttFnOFMVIwhfRomqxeo95rEN6s4SyQ1ikIJvmdrBsxko1OB5LHa%2FsEjQGNHHWuUBQcP4kyMDTHE"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8433773fabf5a820-SYD
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 10 Jan 2024 08:14:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2Fi1YMInMmDKN4CecBSJ2sLFTGvFwk0lZOVAbo7xpNC%2FNQVE5POxSMklvyUtmSru43cRx0YFezh2LRJ4t1KnmVtuxZ2hVg7wDL9xCRb7%2F111%2F%2FiOZyevHyG57AEI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c8377512/main.js
cache-control: max-age=300, public
cf-ray: 8433773f9bc8a820-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 master-53b7df5894b6cf02ffd7.js Show response
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ Frame FE80 242 KB
69 KB 4ms
3ms Script
application/x-javascript 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master-53b7df5894b6cf02ffd7.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

623a9c8ab46ab0183b90f06620f0ff109a8136d2a7f7f864c528fa61b62085ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: lYMet._pc30OrfYgwf01WAJpd4wWKM8k
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 08:13:14 GMT
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 67
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jan 2024 07:52:37 GMT
server: AmazonS3
etag: W/"29f1192b27cf523583431c0b75713712"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: 1xxFywnwApEctDUlDGzxD8M8BTQyO3IWTqM6xHQyF7-CssGJy77F1Q==

POST
H2 200 84337737cb3ca820 Show response
captcha.bot/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 692F 0
445 B 22ms
22ms XHR
text/plain 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/cdn-cgi/challenge-platform/h/b/jsd/r/84337737cb3ca820
Requested by: Host: captcha.bot
URL: https://captcha.bot/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yVHxq0k%2B7LWv%2BNpArDA0DfFnioQKV%2FqO%2FTHuPVn2%2BN%2FTbv6cLAhGox%2FYW32Dd1vRJwB5jkT2CwxMj153OypnWkQEgOriovZCUEzMmCOoCRjMhzSighbf5wX%2BLZx1"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 843377406cfea820-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 206-a322f7f4fc41f5e46890.js Show response
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ Frame FE80 3 KB
2 KB 4ms
4ms Script
application/x-javascript 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/206-a322f7f4fc41f5e46890.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master-53b7df5894b6cf02ffd7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

ec8333b805167ffc5c8331ddd78bc3b62fb9f7a900e3e90926faff98836264fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: zOrbukUfofn85wDjzhM_9GXg82km2aKt
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 08:13:15 GMT
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 66
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jan 2024 07:52:37 GMT
server: AmazonS3
etag: W/"97bcf9117002ac72a0b5e1cf5002a401"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: 64YNa_gjiTHlQbc6ELmg5plwympZ89v2L-jbdnnynFA1wALFkWJpJg==

GET
H2 200 215-0a82ce2e70d9244d2502.js Show response
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ Frame FE80 3 KB
2 KB 5ms
4ms Script
application/x-javascript 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/215-0a82ce2e70d9244d2502.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master-53b7df5894b6cf02ffd7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

959d1bd70f469e7a699eb60a68b511ffc143c575d23fa1399da727d3b58bdb08

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: 15aXRGkpDEQ_.lKxSmR880DE0z1_D0J_
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 08:13:15 GMT
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 66
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jan 2024 07:52:37 GMT
server: AmazonS3
etag: W/"180c2c7c5e55a599da82c77731c593bb"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: I3L27P-Vs_wpHAVqhXc_g71fMxAtNPS-LQ9enBwryUbBQSmHY0oSNQ==

GET
H2 200 pi-worker.js
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ Frame FE80 66 KB
22 KB 5ms
4ms Other
application/x-javascript 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/pi-worker.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f4a8955b237a8378465ee965e51a783477658b4f7c1cef4e2f3cc955e474b6a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: uPhYGK9M45pm8eAKMdIHnBHCsrzjlmML
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 08:13:15 GMT
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 66
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jan 2024 07:52:37 GMT
server: AmazonS3
etag: W/"f8634f802250605e88066c00ded39275"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: bbdvyNzpdVMh2sWQCcmzDEZQ2KiHO__0_hsvZWB1x15W9Jm552ICMQ==

OPTIONS
H2 202 retrieve_js_info
privygg.chargebeestaticv2.com/api/internal/1704873600/ Frame 0
0 656ms
641ms Preflight 18.67.111.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privygg.chargebeestaticv2.com/api/internal/1704873600/retrieve_js_info

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-22.syd62.r.cloudfront.net

Software

ChargeBee /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: GET
Origin: https://js.chargebee.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
access-control-allow-methods: GET, OPTIONS, POST
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=10800
content-length: 0
date: Wed, 10 Jan 2024 08:14:20 GMT
expires: Thu, 01 Jan 1970 00:00:00 UTC
pragma: no-cache
server: ChargeBee
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront)
x-amz-cf-id: pKAq7g4rF9ZePob1Ryn7zVv9FXyp5tNzoOsM6rCPVmK5Qhlqa3W_bQ==
x-amz-cf-pop: SYD62-P2
x-cache: Miss from cloudfront
x-content-type-options: nosniff

GET
H2 200 retrieve_js_info Show response
privygg.chargebeestaticv2.com/api/internal/1704873600/ Frame FE80 678 B
1 KB 4ms
4ms XHR
application/json 18.67.111.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://privygg.chargebeestaticv2.com/api/internal/1704873600/retrieve_js_info

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master-53b7df5894b6cf02ffd7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.67.111.22 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-67-111-22.syd62.r.cloudfront.net

Software

ChargeBee /

Resource Hash

f3bc1ef86b4e5f5c383b397e2e1f86e7978d0ab7836dab27ae074b6f2760a9cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://js.chargebee.com/
X-Requested-With: XMLHttpRequest
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:01:01 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
via: 1.1 f1add8f4c4c2d3927809bab0bfad9b82.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P2
age: 798
x-cache: Hit from cloudfront
content-length: 678
server: ChargeBee
access-control-allow-methods: GET, OPTIONS, POST
content-type: application/json;charset=utf-8
access-control-allow-origin: https://js.chargebee.com
cache-control: max-age=0, must-revalidate, public, s-maxage=3600
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, cb-csrf-token, leap.api.version, chargebee-business-entity-id, X-TP-Token
x-amz-cf-id: psls2S4jKwKtFC3vk0R01kzNvKFF0lwJ6r9ZYUCsZpIXeXcpxtDSOg==
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/
Redirect Chain

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

4 KB
2 KB

334ms
3ms

XHR
application/javascript

18.67.93.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Server: 18.67.93.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-118.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c37dd45167098f01b5aa23ce5c21898424c7347c05d34444ca013af9d85c57f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:13:48 GMT
content-encoding: gzip
via: 1.1 28cc33f6d1fa8bfd0cce12161c7d5e90.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 34
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Sun, 19 Nov 2023 22:34:11 GMT
server: AmazonS3
etag: W/"76a3516a731c32c1a6a8f48b54d3d323"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=900
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: RTK03bwJnFAPcwIbfEsEsnqHmlPcmm7DMQkhOa7UcmN7lJ_9fpxlrw==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
date: Wed, 10 Jan 2024 08:14:22 GMT
via: 1.1 41f4e34e5d78c923aead0fa16ff91eb8.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C2
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 19:47:35 GMT
server: AmazonS3
etag: "997985d66f999e7c0034a8915419c2cf"
access-control-max-age: 3000
access-control-allow-methods: GET
location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
access-control-allow-origin: https://captcha.bot
cache-control: max-age=3600
access-control-allow-credentials: true
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: -DTpeQTEsteqI5P3STot92t8wl88S-tkmxhoxotL07DKxd1_uDcbTQ==

GET
H2 200 prebid-407496646b648e67be5f557efe0c7641.js Show response
cdn.fuseplatform.net/prebid/ 261 KB
81 KB 6ms
6ms Script
application/x-javascript 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ac029ed357e9abcb27b7afb2c5e3ffd7b0877924f8707c32c0a094e9a2027b2d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: gzip
last-modified: Fri, 03 Mar 2023 02:21:08 GMT
server: AkamaiNetStorage
etag: "84cb2005d5697b835da43944b24c79f2:1677810068.706101"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 82396
expires: Tue, 06 Oct 2026 08:14:20 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 533ms
124ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

9ca729836c4f15769768874e427b1c546a6994ee4a017106e2757b22b3d52575

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29338
x-xss-protection: 0
server: cafe
etag: 247 / 19732 / m202401030101 / config-hash: 1817704787884296793
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:20 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
286 B 321ms
5ms Fetch
text/plain 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1704874460458&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=89ae67436bc58767184a&srate=100&adserver=gpt&etm=2731&e=fuse-load
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 21
expires: Wed, 10 Jan 2024 08:44:20 GMT

GET
DATA 200
OK truncated
/ 89 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 5 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 logo.0d11fe46.png
captcha.bot/img/ 15 KB
15 KB 14ms
13ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/logo.0d11fe46.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6329
cf-polished: origFmt=png, origSize=34020
content-disposition: inline; filename="logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14910
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-84e4"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z533WudztWau8nuCGOnJ4wYf43W9Z5oQicRkAgDt9WIjVlqQdBuNjhX8lZ7CB%2Be6lxoRMv%2FXl%2BcAE5xu0ZPpUnxAbSNBbXjkIf6iI%2Ff%2Br31VaIK9BKrD5mUQSWWm"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 84337743280da820-SYD

GET
H2 200 landing-promo.423c8618.png
captcha.bot/img/ 8 KB
9 KB 841ms
837ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/landing-promo.423c8618.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=16963
content-disposition: inline; filename="landing-promo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8702
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-4243"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLgHKbRoJYnLro6Jmnm%2FcRqJWslhhaMQTdla7GdhguQu2VnbkoO7K9yylt9j8%2BfAmfJQseogDcvJvR8MiJfVRE30LwaePMaZbYN6LUwxb1Y5KPLzOPf4xGylC%2FL7"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377432814a820-SYD

GET
H2 200 bitcoin.png
captcha.bot/promo/crypto/ 8 KB
9 KB 841ms
837ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/bitcoin.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=14655
content-disposition: inline; filename="bitcoin.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8608
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-393f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RVoOnK%2BEEZYyXevKvnpSsqTIY2FBbrqINQc4%2ByWnRtsbb3qjQdWKRSi%2B%2FnqRntqkzL2FWIAQ3WQJdoZsckL9dH1OwOTJmPvU73Q3MKlHBWamFTcPvSl2hmgytQ2k"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377432818a820-SYD

GET
H2 200 doge.png
captcha.bot/promo/crypto/ 190 KB
190 KB 829ms
825ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/doge.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=332322
content-disposition: inline; filename="doge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 194348
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-51222"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j9R1199OfMET7oRwJmutIOLdGym0EIRfYNIT834n7Vp%2BylA0mA%2BsWeepltEgvXktZuRodsk0jUeY7Qwu%2FPgrfnT624NzU8ttMiF1Q%2FrFJA86%2FxoFjmHU26zzXAI%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377432819a820-SYD

GET
H2 200 eth.png
captcha.bot/promo/crypto/ 84 KB
85 KB 835ms
832ms Image
image/png 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/eth.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=86443, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 86302
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-151ab"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXm63ZNsE8sNCUVkQjzEpdiNG5Y3NsPeDWJctiyI9Vz%2BwdNBpiGtEcIVW%2FLMvs%2FRZ53EZ9HYXLfYF8eyPCTTVLrLs%2BbNIKCncQuqLIJ%2F%2FP4mET2vNDdfK6FophMu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 84337743381aa820-SYD

GET
H2 200 ape.webp
captcha.bot/promo/crypto/ 153 KB
153 KB 825ms
822ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/crypto/ape.webp
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658fb0ff-2639a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TieBxLgN1FUaTjIOwFJbRUa0JOq8b%2BHehrKsU3gTMvELTj760ONQxIYFYkgVCE66yVCjOSXKfKvArEeo%2FqX8BSjiLC1jutStikZgFYh%2FNfKrYtxzcJTx3J5hc%2BV8"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 84337743381ba820-SYD
alt-svc: h3=":443"; ma=86400
content-length: 156570

GET
H2 200 boost.png
captcha.bot/promo/discord/ 29 KB
29 KB 837ms
834ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/boost.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=67807
content-disposition: inline; filename="boost.webp"
alt-svc: h3=":443"; ma=86400
content-length: 29300
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-108df"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zYG8%2FRCKt14xj1GNS76MBPYG7HaWheUcMt%2BaqIeSbsR9t%2BTYS%2FtJa4ei7s%2FQxzTd6D9eWN%2BiGPpKgs7J51RKh4cyIVhfpbjFbjpW0bPgarhrg4aHva4NMu5eJpiX"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 84337743381da820-SYD

GET
H2 200 badge.png
captcha.bot/promo/discord/ 4 KB
5 KB 842ms
839ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/badge.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=8231
content-security-policy-report-only: script-src 'none'; connect-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=hgNy.bvS1BaymrdYrXyvslx4yVhnq8YT.EAiKYNKqPE-1704874461-1-AStQPj-9UWLT6ZcwBJOqoaeGHyg_FDM9d7SnnOpugxRQp_jQ9dc2pAXv7eyEP3rKkvhx9NaZmzjP79eHtbY0HhiCeOWQnSs0iH297sn0VhQOfseh0NYsYmLWlmXEGizI1bu4hX9t7X4tc0ajLqs938k; report-to cf-csp-endpoint
content-disposition: inline; filename="badge.webp"
alt-svc: h3=":443"; ma=86400
content-length: 4252
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-2027"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ikhKs1umjIu3gNH0St6dg1oFV4czecaRmC8UlF9Uy%2FkjN0k28EWjPPG5CYuSQ9qt3OxegFTXrrk2JYT4AqTNpuFEK2Humc77dRCZDVpqzoE%2FKkRjpzFJbDR8To3K"}],"group":"cf-nel","max_age":604800}, {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=hgNy.bvS1BaymrdYrXyvslx4yVhnq8YT.EAiKYNKqPE-1704874461-1-AStQPj-9UWLT6ZcwBJOqoaeGHyg_FDM9d7SnnOpugxRQp_jQ9dc2pAXv7eyEP3rKkvhx9NaZmzjP79eHtbY0HhiCeOWQnSs0iH297sn0VhQOfseh0NYsYmLWlmXEGizI1bu4hX9t7X4tc0ajLqs938k"}],"group":"cf-csp-endpoint","max_age":86400}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 84337743381fa820-SYD

GET
H2 200 nitro.webp
captcha.bot/promo/discord/ 14 KB
14 KB 838ms
836ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/discord/nitro.webp
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "658fb0ff-361c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y3oSDSiLsxyc0PzS9R%2BodXPTUa5hxt15e0RoVrItgw1OUtb9ydql6UEQIOkszYACWS1xrf9cumCsF4wiQkeCZ%2BZtnCEDk0XIr97OFGQ2hcJFJGR2fKRCIvSIZbZz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377433820a820-SYD
alt-svc: h3=":443"; ma=86400
content-length: 13852

GET
H2 200 phishing.png
captcha.bot/promo/ 9 KB
9 KB 837ms
834ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/phishing.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=13769
content-disposition: inline; filename="phishing.webp"
alt-svc: h3=":443"; ma=86400
content-length: 8860
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-35c9"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUGi8m0fBarUjrE9qhsgDRtChMWMQ9YX1FXKMPzsIZBiwhjJLyaatoN97pckcVQbSyRFurVFS50Y6Xwz14fwPYSFgY2o%2F6f6aliDZlWPBrFvnXsn6NZtazixYwCO"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377433822a820-SYD

GET
H2 200 sus.png
captcha.bot/promo/ 7 KB
7 KB 837ms
835ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/sus.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=23982
content-disposition: inline; filename="sus.webp"
alt-svc: h3=":443"; ma=86400
content-length: 7104
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-5dae"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lkZudtZR3SmpFTxTIrtgGO4BAku4UToExnmujCipSIKMp4W3Nii8UJrZDwcDvxlbxETpN9EXtQL6QnrOE1wbIFRnQk%2FuVnXMCd01YuQaU0S7rkiLvIoBLvBkXXfw"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377433823a820-SYD

GET
H2 200 accessible.png
captcha.bot/promo/ 16 KB
16 KB 847ms
845ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/accessible.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=27419
content-disposition: inline; filename="accessible.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16334
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-6b1b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZaqxTmV9heoE5dfihSoy8ssTeIFjnDJAq%2BMT%2BDxgUoLh%2F5wFUxOnmZAxcU%2FVtyUiYOpG%2FXdVz5DKmB%2BHiSIbYUbsvfH9hEflXspeQcfEAK6bJd2Dejne4d4mNUH%2F"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377433824a820-SYD

GET
H2 200 time-limit.png
captcha.bot/promo/ 6 KB
6 KB 835ms
833ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/time-limit.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=11864
content-disposition: inline; filename="time-limit.webp"
alt-svc: h3=":443"; ma=86400
content-length: 5896
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-2e58"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eCLjL50MXjoGvDoQeisNtDYhoY0b9HTmP%2FK1iw007to%2FtsvAcFE5MJEl2FxNV32XEnnWmsbUrFNAtSVpdU%2BWuhCL6X%2Bu5AS2MvRXTWWH%2B%2BDXZ%2FLPKOIfditL%2FPgC"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377433827a820-SYD

GET
H2 200 analytics.png
captcha.bot/promo/ 139 KB
140 KB 848ms
846ms Image
image/webp 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/promo/analytics.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=382343
content-disposition: inline; filename="analytics.webp"
alt-svc: h3=":443"; ma=86400
content-length: 142700
cf-bgj: imgq:100,h2pri
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
server: cloudflare
etag: "658fb0ff-5d587"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5SCiUzcARgriKYfirqmihWdKVrA0XjyhfxydtK5B4%2Fj7BBGnMhL3ePEENM0AiIqRtea6yk9Lcj88dPe4fXNiwztyyzPRBf88QhAUmr2pPC0mpXhOhxWIu%2FFcDTXg"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=120
accept-ranges: bytes
cf-ray: 843377433828a820-SYD

GET
H2 200 discord-logo.1bf7c650.svg
captcha.bot/img/ 2 KB
1 KB 834ms
832ms Image
image/svg+xml 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://captcha.bot/img/discord-logo.1bf7c650.svg
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Sat, 30 Dec 2023 05:56:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658fb0ff-82e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyfuf1MO%2BRd269UKPEsRsSeQ2Q0A93oYNHaCtRsB1I2HlQgCtGJXNzUXLl%2FBTgj%2F8wE3URkfh1sZ41sBBSiUTtC%2FesGzl15MD%2Bk9t2ceT4%2FiU6zf560n5KnyJTsq"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=120
cf-ray: 84337743382aa820-SYD
alt-svc: h3=":443"; ma=86400

GET
H2 200 statistics Show response
captcha.bot/api/v1/ 17 B
338 B 288ms
287ms XHR
application/json 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://captcha.bot/api/v1/statistics
Requested by: Host: captcha.bot
URL: https://captcha.bot/js/chunk-vendors.bfc7157a.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 467e89c832bd4acbc1cc19cd70b05c67422797ebffdbff5b2388862b14ee01ba

Request headers

Accept: application/json, text/plain, */*
Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
Authorization: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mnmdc9eTa%2F5xF70Ny3DYoQPxhFkUquhJBBo24w4qf7v9OR6AnMuQ5Xoc1TSgX5tvgnIQKRltJcpyUxyUoyEIQnjKUanrldZgJReSnAI2TKjM5O2p6D%2F82ei92IwX"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 84337743382ba820-SYD
alt-svc: h3=":443"; ma=86400
content-length: 17

POST
H2 204 collect
analytics.google.com/g/ 0
251 B 504ms
102ms Ping
text/plain 142.250.204.14
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-VT1JT14S09&gtm=45je4180v9119558076&_p=1704874459751&_gaz=1&gcd=11l1l1l1l1&dma=0&tcfd=10000&cid=1793440725.1704874461&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=Home&dp=%2F&dl=https%3A%2F%2Fcaptcha.bot%2F&sid=1704874460&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2952
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.204.14 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 588ms
95ms Ping
text/plain 64.233.170.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-VT1JT14S09&cid=1793440725.1704874461&gtm=45je4180v9119558076&aip=1&dma=0&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VT1JT14S09&l=dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 64.233.170.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sg-in-f156.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:21 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 505ms
105ms Image
image/gif 142.250.204.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-VT1JT14S09&cid=1793440725.1704874461&gtm=45je4180v9119558076&aip=1&dma=0&gcd=11l1l1l1l1&z=1479743689

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.3 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 208-1c5df1aa242f9b1648c6.js Show response
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ Frame FE80 14 KB
4 KB 4ms
4ms Script
application/x-javascript 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/208-1c5df1aa242f9b1648c6.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master-53b7df5894b6cf02ffd7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

f6646b73882a3660460677646f786840862878746aaeca86dcbaa6bc4b09710b

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: J9aMgR_L5KxKj3t1JuGIDPgb7rJZck7T
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 08:13:18 GMT
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 63
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jan 2024 07:52:37 GMT
server: AmazonS3
etag: W/"96554395c2c33fe582d636debf0874b3"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: d6ao5lO8UYX-Dr2LFNXwKqo71W5ofXWHh1gDL22qk0_AxHcKoOjf8g==

GET
H2 200 211-98494e0f21326235b117.js Show response
js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/ Frame FE80 98 KB
32 KB 4ms
4ms Script
application/x-javascript 13.35.147.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/211-98494e0f21326235b117.js

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master-53b7df5894b6cf02ffd7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.35.147.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-35-147-43.syd1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

8522ad8de41bc66dbdba199c285d7178fde661d615a368095b5d532f59bae4b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/master.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

x-amz-version-id: 2hC.rYN4Fdines7.lsjdJXWhpYh0yjkS
strict-transport-security: max-age=300; includeSubdomains; preload
content-encoding: gzip
date: Wed, 10 Jan 2024 08:13:18 GMT
via: 1.1 54fd8d6cde5c907e8ccf43b943423830.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C1
age: 62
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 10 Jan 2024 07:52:37 GMT
server: AmazonS3
etag: W/"315d21954c822b8f6912bf6c98543622"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300,public
x-amz-cf-id: TSzsyPCgzGIQ6rL_KhthvEhJWgmjh4eKLBBFteFmbmXejtTNHC7eYQ==

GET
H2 200 api.js Show response
js.hcaptcha.com/1/ Frame FE80 326 KB
92 KB 30ms
16ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hcaptcha.com/1/api.js?onload=hCaptchaOnLoad

Requested by

Host: js.chargebee.com
URL: https://js.chargebee.com/assets/cbjs-2024.01.10-07.24/v2/211-98494e0f21326235b117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.chargebee.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 5b475307685b5cecdd0df414286f5438.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 0
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
cf-ray: 84337744d97d6a6c-SYD
x-amz-cf-id: ftL645KcU_b4mTeqn_oW33pJFH5OVD3oG2EK9XBvGi4Efuf4nU6mPg==

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 8366 2 KB
1 KB 17ms
11ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=t74pdjhwiin

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaOnLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

06a7b410f212b63fd40b0020ca1ea0a21148fea1b31011dfd7b596dea288ad71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
age: 308646
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8433774539d26a6c-SYD
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:21 GMT
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 affc2fdf5df0fb7bfb7e10bab49bc714.cloudfront.net (CloudFront)
x-amz-cf-id: SwvNS7koM3PNzWTySU97J-d4eyD9k4nOYFFZBjzDHJ0DnIzgCTRUfA==
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 hcaptcha.html Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/static/ Frame 3C12 2 KB
764 B 16ms
12ms Document
text/html 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html

Requested by

Host: js.hcaptcha.com
URL: https://js.hcaptcha.com/1/api.js?onload=hCaptchaOnLoad

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2a9421e36647973f38d80cd149c3d4b30211aba44dbb1c28d82927be59e9a224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.chargebee.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

access-control-allow-origin: *
age: 308646
alt-svc: h3=":443"; ma=86400
cache-control: max-age=1209600
cf-cache-status: HIT
cf-ray: 8433774539d56a6c-SYD
content-encoding: br
content-type: text/html
cross-origin-embedder-policy: credentialless
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:21 GMT
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 affc2fdf5df0fb7bfb7e10bab49bc714.cloudfront.net (CloudFront)
x-amz-cf-id: SwvNS7koM3PNzWTySU97J-d4eyD9k4nOYFFZBjzDHJ0DnIzgCTRUfA==
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: zqmRvj.5H3xz3glqyfc6p0MpeMIvCHe2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 436 KB
137 KB 3ms
2ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 12:17:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71798
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140053
x-xss-protection: 0
server: cafe
etag: 1469350900164882112
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 08 Jan 2025 12:17:43 GMT

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 8366 326 KB
92 KB 13ms
13ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=t74pdjhwiin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=t74pdjhwiin
Origin: https://newassets.hcaptcha.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 5b475307685b5cecdd0df414286f5438.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 714945
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 8433774569f76a6c-SYD
x-amz-cf-id: ftL645KcU_b4mTeqn_oW33pJFH5OVD3oG2EK9XBvGi4Efuf4nU6mPg==

GET
H2 200 hcaptcha.js Show response
newassets.hcaptcha.com/captcha/v1/3b797c3/ Frame 3C12 326 KB
92 KB 18ms
18ms Script
application/javascript 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html
Origin: https://newassets.hcaptcha.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 5b475307685b5cecdd0df414286f5438.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: hseit97.H306pA6BIbqxKZ.3ehwcD0gP
age: 714945
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 20 Dec 2023 14:33:57 GMT
server: cloudflare
etag: W/"e80b1a7098d3b9624a08a3ac7a13046f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=1209600
cf-ray: 843377457a006a6c-SYD
x-amz-cf-id: ftL645KcU_b4mTeqn_oW33pJFH5OVD3oG2EK9XBvGi4Efuf4nU6mPg==

GET
DATA 200
OK truncated
/ Frame 3C12 798 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 checksiteconfig Show response
api.hcaptcha.com/ Frame 8366 719 B
889 B 43ms
35ms XHR
application/json 104.19.219.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.hcaptcha.com/checksiteconfig?v=3b797c3&host=js.chargebee.com&sitekey=dc26aa54-4902-437f-80e2-a22947a6c01b&sc=1&swa=1&spst=1

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.19.219.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04072a085b5a1e8fd88ab3ce4e4deda9e28f9804539814e0d821ec89045367b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: application/json
Referer: https://newassets.hcaptcha.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
server: cloudflare
vary: Origin, Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://newassets.hcaptcha.com
access-control-allow-credentials: true
cf-ray: 84337745ea626a6c-SYD
access-control-allow-headers: Cache-Control, Content-Type, DNT, Referer, User-Agent, challenge-bypass-token, cf-chl-bypass, challenge-bypass-token, challenge-bypass-host, challenge-bypass-path
alt-svc: h3=":443"; ma=86400

GET
H2 200 tag Show response
btloader.com/ 112 KB
31 KB 325ms
9ms Script
application/javascript 172.67.41.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.41.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28fd4537f97937a66f5fb708c99aa823bbbbcfac033cbaabd0710422b46d6e92

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
content-encoding: gzip
via: 1.1 google
cf-cache-status: HIT
last-modified: Wed, 10 Jan 2024 07:30:14 GMT
server: cloudflare
age: 2518
etag: "a2eb737d6a7d149e48b3549c563dbae4"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges: bytes
cf-ray: 84337747fcaca977-SYD
content-length: 31599

GET
H3 200 hsw.js Show response
newassets.hcaptcha.com/c/46b8fec/ Frame 8366 507 KB
220 KB 13ms
12ms Script
application/javascript 104.19.218.90
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://newassets.hcaptcha.com/c/46b8fec/hsw.js

Requested by

Host: newassets.hcaptcha.com
URL: https://newassets.hcaptcha.com/captcha/v1/3b797c3/hcaptcha.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.19.218.90 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a72d7b59d499f68ee9814cede398e42fbd87d5c579137f65032123c4f8dd6f47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newassets.hcaptcha.com/captcha/v1/3b797c3/static/hcaptcha.html?_v=t74pdjhwiin
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 366f8b73c917b9815b93f1cf0b9f8e96.cloudfront.net (CloudFront)
cf-cache-status: HIT
content-encoding: br
x-content-type-options: nosniff
x-amz-version-id: LhbIACCIseZhml8Xk2JUrr99P7mYK8d0
age: 97755
x-amz-cf-pop: SFO20-C1
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 26 Dec 2023 18:49:30 GMT
server: cloudflare
etag: W/"d85d85be5bdb20c10f4397e54155215e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3024000
cf-ray: 843377462ec05c0c-SYD
x-amz-cf-id: PAt87XydM7Fkrm_dDaSZILdrXnoa30QB052Xlth6s1qIbM9DYo1_gw==

GET
H2 204 state Show response
api.btloader.com/mw/ 0
101 B 193ms
180ms Fetch 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/mw/state?bt_env=prod
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 08:14:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 px.gif
ad-delivery.net/ 43 B
914 B 326ms
9ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 923906
x-guploader-uploadid: ABPtcPpQ5HG145S3ilTrOZs9D44lEEn01HPXZAcY7gPDQzxPDkG0XTmlPH5JLfDBImt9ecbK9u4YJzsz9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PRw2UGPO3vhBqYnemynav%2Bad9YObN%2BRFpmQZux7OoIoIm1v%2BmlYt%2B%2FoWuQn2fJjEbrLPt941ULIkan11nvSfYv7%2BJmI9bsLEwOEJEuF9pu%2B7SJASrBJeriEuVd%2FAx%2FmkOw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8433774a0e58a87c-SYD
expires: Sat, 30 Dec 2023 15:58:24 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 107ms
2ms Image
image/x-icon 142.250.71.70
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:57:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Jan 2024 23:57:32 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
330 B 327ms
10ms Image
image/gif 104.26.3.70
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.9710879623602668
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 923906
x-guploader-uploadid: ABPtcPpQ5HG145S3ilTrOZs9D44lEEn01HPXZAcY7gPDQzxPDkG0XTmlPH5JLfDBImt9ecbK9u4YJzsz9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E7XE2%2FZAhQM3YlZYdsuRQh1G3v9s4N9M6fxJyIJOM7v5D9bWmLOJCdIgQ24D4sCY%2F4JqXqDZ%2BqwbGicIH%2FI48BisrN1Oi%2FdtuV6w2WCAqhvDom9C5EKRwsIbEU%2Fll7WpgA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 8433774a0e56a87c-SYD
expires: Sat, 30 Dec 2023 15:58:24 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
132 B 183ms
179ms Fetch
application/json 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H3 204 pv Show response
api.btloader.com/ 0
12 B 180ms
179ms XHR
text/plain 130.211.23.194
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=9LhsWWfnhu&w=5142342223265792&o=5708166709903360&cv=2.1.27-2-g1727909&widget=false&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fcaptcha.bot%2F&sid=dzN456CVv&pm=true&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 10 Jan 2024 08:14:21 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 204 rum Show response
captcha.bot/cdn-cgi/ 0
179 B 8ms
7ms XHR
text/plain 104.26.7.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://captcha.bot/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.26.7.110 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
content-type: application/json

Response headers

date: Wed, 10 Jan 2024 08:14:21 GMT
x-content-type-options: nosniff
server: cloudflare
vary: Origin
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://captcha.bot
x-frame-options: DENY
access-control-allow-credentials: true
cf-ray: 8433774a38afa820-SYD

GET
H2

200

choice.js Show response
cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/
Redirect Chain

https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2

4 KB
2 KB

311ms
5ms

Script
application/javascript

18.67.93.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Protocol: H2
Server: 18.67.93.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-118.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6c37dd45167098f01b5aa23ce5c21898424c7347c05d34444ca013af9d85c57f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:13:50 GMT
content-encoding: br
via: 1.1 d565d9b03fa73bc2ae98eaadac0992b6.cloudfront.net (CloudFront)
last-modified: Sun, 19 Nov 2023 22:34:11 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 33
x-amz-server-side-encryption: AES256
etag: W/"76a3516a731c32c1a6a8f48b54d3d323"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ar2wNeMg3N28yp3jlRre6Tna_E3e_EdG6SeksxkBQp9HR5a9SydSSg==

Redirect headers

x-amz-website-redirect-location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
date: Wed, 10 Jan 2024 08:13:49 GMT
via: 1.1 98c0260f137c498b550b5ea75d3bc892.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD1-C2
age: 34
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
last-modified: Wed, 15 Nov 2023 19:47:35 GMT
server: AmazonS3
etag: "997985d66f999e7c0034a8915419c2cf"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
location: https://cmp.inmobi.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: CIZFqKNGeTxsmQBfTr5OdUKheQ2IeuNKJQ_rv3PlvUUWRqW9T1fxPw==

GET
H2 200 cmp2.js Show response
cmp.inmobi.com/tcfv2/ 158 KB
44 KB 3ms
3ms Script
text/javascript 18.67.93.118
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.inmobi.com/tcfv2/cmp2.js?referer=captcha.bot
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/captcha.bot/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-118.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e447ee4df3219da6719b4398eb71308bd05f59452ea6324491e5cc1ff3f707ef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:04:14 GMT
content-encoding: gzip
via: 1.1 d565d9b03fa73bc2ae98eaadac0992b6.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 608
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
cross-origin-resource-policy: cross-origin
last-modified: Wed, 06 Dec 2023 23:27:11 GMT
server: AmazonS3
etag: W/"996d26bedab319e9c7d582033f52619f"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: hjaRoCswYqCRvB9dIKrU9W6hwpvLwkPU1K-0p605R6E0TP3wcGRVyA==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 24ms
2ms Script
text/javascript 18.67.93.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-122.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 21:14:22 GMT
content-encoding: gzip
via: 1.1 a63f63c0130cd2db055700cdbe2c6c88.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 39649
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: kw8ceel_BXTOMAH_xcKHHnGt0zCYktfSltWzvaPi336aT9H-c1e8sA==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 221 KB
56 KB 1025ms
1025ms Fetch
text/plain 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1376921308069015&correlator=2048569268641403&eid=31080129%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr=0&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cweb_interstitial&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&didk=4167373516&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704874462591&lmt=1703915775&adxs=-9&adys=-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1793440725.1704874461&ga_sid=1704874463&ga_hid=1882849386&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY_Jq_k88xSABSAghk&dlt=1704874459665&idt=1435&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D3000-3499%26PREBID_READY_MS%3D2500-2999%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3Dnot_ready%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2500-2999%26CMP_JURISDICTION%3Dunknown%26CMP_ALLOW_PERSONAL%3Dfalse&adks=3794695886&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

e1d311a51355f357024cf89be4fa2f85ed23088716747a0df5cc5dc4a2aa6a21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57294
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
286 B 4ms
4ms Fetch
text/plain 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602535&cmpj=unknown&v=1&ttm=1704874462602&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=89ae67436bc58767184a&srate=100&adserver=gpt&etm=4874&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 21
expires: Wed, 10 Jan 2024 08:44:22 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 535ms
129ms XHR
application/json 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202401030101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

ba3b53fcd0dcfc7b06b53954db5f82cf88d0110922821c7aba8b206fe0d4bb73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12348
x-xss-protection: 0

GET
H2 200 container.html Show response
a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 00CA 6 KB
3 KB 519ms
98ms Document
text/html 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:23 GMT
expires: Thu, 09 Jan 2025 08:14:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/ 40 KB
14 KB 2ms
2ms Script
text/javascript 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

43440171b7464e2bfd3b57ca36d5e7292f6ee590f0a29a412d2e78916de4811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 05:13:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10857
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13837
x-xss-protection: 0
server: cafe
etag: 11327811505681789486
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 09 Jan 2025 05:13:25 GMT

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 592 B
846 B 293ms
95ms XHR
application/json 103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

0a895fa00c0c72f25da83d8c45303cdab4458ec5b3139407dd1385b4162cbf1f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: gzip
an-x-request-uuid: ef51b0b4-6871-4586-8b8d-343b434c4d98
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary: Accept-Encoding
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://captcha.bot
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 66.203.112.161; 66.203.112.161; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 840 B
998 B 298ms
98ms XHR
application/json 131.153.206.102
PHOENIXNAP-AS-SG1...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 131.153.206.102 , United States, ASN59210 (PHOENIXNAP-AS-SG1 PhoenixNAP, SG),
Reverse DNS
Software: envoy /
Resource Hash: 0338790afdb5ac14569cfcaf863ab9834f88bce3b3672f3b0ca6571dbe64fecd

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://captcha.bot
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
content-length: 437

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
110 B 352ms
100ms XHR
text/plain 207.65.33.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 207.65.33.78 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Wed, 10 Jan 2024 08:14:22 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 597ms
101ms XHR
text/plain 182.161.73.145
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=6547868255

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://captcha.bot
date: Wed, 10 Jan 2024 08:14:22 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1 KB
2 KB 1028ms
320ms XHR
application/json 23.106.127.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 2714946bd5d1cd122195fefa5bd29586e8dfb8245aa0100eee4b48c3dd1fdb6b

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1022 B
2 KB 900ms
192ms XHR
application/json 23.106.127.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 7bdc4d5fedb569e26ee1fa998cae925a0da11a42adeca77f9969c5f273cd4be9

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 976 B
2 KB 980ms
274ms XHR
application/json 23.106.127.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 974068a8dffe11baf7beefd45a0a2edd916092cd9b439005aaddbdfbf4fea805

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 1 KB
2 KB 921ms
215ms XHR
application/json 23.106.127.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: e27ad51ace265797733b339746676c69ec249fa468b0fbe9b7e6c8090f967ec9

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg8.smartadserver.com/prebid/ 991 B
2 KB 895ms
189ms XHR
application/json 23.106.127.49
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg8.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.49 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: a417895b88f73f740225feed6dc8bfec65448c9c15a32d31a3499842a69e2eae

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://captcha.bot
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 87 KB
12 KB 605ms
407ms XHR
application/json 52.74.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fcaptcha.bot%2F&tmax=1000&gdpr=false

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.74.188.57 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-74-188-57.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

15b510fc12717bf7a3d319a1ea834d75bb86558b85297d911daf79ac86232baf

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: gzip
accept-ch: sec-ch-viewport-width,sec-ch-downlink,sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile
content-type: application/json; charset=utf-8
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
receive-cookie-deprecation: 1; Secure; HttpOnly; Path=/; SameSite=None; Partitioned
content-length: 11641
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
173 B 264ms
245ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f00ef6ec9d65878a53593ca90dc2e561bfaf3365d3d1ee328dcee6469ce9125d

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
342 B 250ms
233ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f00ef6ec9d65878a53593ca90dc2e561bfaf3365d3d1ee328dcee6469ce9125d

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
173 B 259ms
242ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f00ef6ec9d65878a53593ca90dc2e561bfaf3365d3d1ee328dcee6469ce9125d

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
173 B 282ms
265ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f00ef6ec9d65878a53593ca90dc2e561bfaf3365d3d1ee328dcee6469ce9125d

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 104 B
173 B 260ms
243ms XHR
application/json 34.149.20.76
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=cyMdtyfoer7yk7rkHcnlKl
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: f00ef6ec9d65878a53593ca90dc2e561bfaf3365d3d1ee328dcee6469ce9125d

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 10 Jan 2024 08:14:22 GMT
content-encoding: gzip
via: 1.1 google
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-origin: https://captcha.bot
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 233 B
687 B 298ms
107ms XHR
application/json 18.140.185.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.140.185.14 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-140-185-14.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: ab58cbea97bc4973a8049010a409d27eb1844747cac58fdafd73d5fbfc9a7b68

Request headers

Referer: https://captcha.bot/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:22 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://captcha.bot
cache-control: no-cache
x-server: 10.42.10.184
access-control-allow-credentials: true
content-length: 233
expires: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 163ms
162ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 10 Jan 2024 08:14:23 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7916 13 KB
5 KB 2ms
2ms Document
text/html 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 111907
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 01:09:16 GMT
expires: Wed, 08 Jan 2025 01:09:16 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D66B 829 B
1 KB 642ms
101ms Document
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.4 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f4.1e100.net

Software

GSE /

Resource Hash

2f1d8d1a0ef6f956a7764106dbcc37c69dbf9e71c56147f7ac23b1552e9048c2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-q35LD1F0U4jnDe12PBJeHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-q35LD1F0U4jnDe12PBJeHA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:23 GMT
expires: Wed, 10 Jan 2024 08:14:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 7916 39 KB
15 KB 783ms
2ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 16:35:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 315556
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Jan 2025 16:35:08 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 291 KB
57 KB 666ms
665ms Fetch
text/plain 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1376921308069015&correlator=3906641444746296&eid=31080129%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Chome_header%2Chome_incontent_1%2Cscrolling_sticky_footer%2Chome_incontent_2%2Chome_incontent_3%2Chome_incontent_4&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C468x60%7C728x90%7C970x90%7C970x250%7C1200x90%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250%2C728x90%7C970x90%7C970x250&ifi=2&didk=907217920~3563266103~3802411025~907161749~907278779~907458070&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1704874463644&lmt=1703915775&adxs=436%2C436%2C566%2C436%2C436%2C436&adys=140%2C1149%2C1200%2C2312%2C3159%2C4373&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C3%7C4&ucis=2%7C3%7C4%7C5%7C6%7C7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x64%7C0x64%7C0x-1%7C0x64%7C0x64%7C0x64&msz=728x0%7C728x0%7C468x-1%7C728x0%7C728x0%7C728x0&fws=128%2C128%2C644%2C128%2C128%2C128&ohw=0%2C0%2C1600%2C0%2C0%2C0&ga_vid=1793440725.1704874461&ga_sid=1704874463&ga_hid=1882849386&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDY5OTkyNzNjZGVmZGM5MjRhMGY3NTQxZGM2ZmExODVjYTAyYzUwZGQzYTRiMjBlMjgxNTI1ZGU4Y2QzZjM3NWEYhp6_k88xSAA.&dlt=1704874459665&idt=1435&prev_scp=is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Chb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D6608f3156570ccc%26hb_bidder%3Dtriplelift%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Chb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D652dddc5830e85d%26hb_bidder%3Dtriplelift%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Chb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.06%26hb_adid%3D637bcc1acaa230a%26hb_bidder%3Dtriplelift%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Cis_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Chb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.03%26hb_adid%3D649796ebaf85b95%26hb_bidder%3Dtriplelift%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D3000-3499%26PREBID_READY_MS%3D2500-2999%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D4000-4999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2500-2999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D5000-5999%26CMP_LOAD_FINISH_MS%3D4000-4999%26FIRST_ZONE_MS%3D4000-4999%26HB_AUCTION_START_MS%3D4000-4999&adks=789855873%2C3730992247%2C3743414737%2C258786273%2C1791281508%2C4107777432&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

d8da9e564d17d257722216302812ef528bbb67bb72a634128c3b6bba046b6a4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57446
x-xss-protection: 0
google-lineitem-id: -1,5936619092,6135256488,5936009191,208234953,5936619308
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,138383374732,138370495160,138383374726,107027453073,138383374723
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
286 B 10ms
9ms Fetch
text/plain 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602502&cmpj=none&v=1&ttm=1704874463659&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=89ae67436bc58767184a&srate=100&adserver=gpt&etm=5931&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 21
expires: Wed, 10 Jan 2024 08:44:23 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
286 B 10ms
9ms Fetch
text/plain 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801516488&cmpj=none&v=1&ttm=1704874463660&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=89ae67436bc58767184a&srate=100&adserver=gpt&etm=5932&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 21
expires: Wed, 10 Jan 2024 08:44:23 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
286 B 10ms
9ms Fetch
text/plain 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22856109504&cmpj=none&v=1&ttm=1704874463660&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=89ae67436bc58767184a&srate=100&adserver=gpt&etm=5933&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 21
expires: Wed, 10 Jan 2024 08:44:23 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
286 B 10ms
10ms Fetch
text/plain 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602508&cmpj=none&v=1&ttm=1704874463661&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=89ae67436bc58767184a&srate=100&adserver=gpt&etm=5933&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 21
expires: Wed, 10 Jan 2024 08:44:23 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
286 B 9ms
8ms Fetch
text/plain 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602505&cmpj=none&v=1&ttm=1704874463662&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=89ae67436bc58767184a&srate=100&adserver=gpt&etm=5935&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 21
expires: Wed, 10 Jan 2024 08:44:23 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
286 B 9ms
9ms Fetch
text/plain 104.99.59.17
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22801602511&cmpj=none&v=1&ttm=1704874463663&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=637ed7b8-f4d8-5110-9fba-9979a365c1a7&fid=2874&pubid=5&url=https%3A%2F%2Fcaptcha.bot%2F&sid=89ae67436bc58767184a&srate=100&adserver=gpt&etm=5935&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2874/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.99.59.17 Sydney, Australia, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-99-59-17.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:23 GMT
content-encoding: gzip
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Accept-Encoding, Accept-Encoding, Origin
content-type: text/plain
access-control-allow-origin: https://captcha.bot
cache-control: max-age=1800
accept-ranges: bytes
x-datastream-cache-status: 1
content-length: 21
expires: Wed, 10 Jan 2024 08:44:23 GMT

GET
H2 200 container.html Show response
a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9044 6 KB
3 KB 4ms
2ms Document
text/html 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:23 GMT
expires: Thu, 09 Jan 2025 08:14:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 690ms
113ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-407496646b648e67be5f557efe0c7641.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:14:24 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 9044 4 KB
1 KB 496ms
97ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 08:06:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame 8A41 9 KB
4 KB 403ms
3ms Script
text/javascript 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 16:19:15 GMT

GET
H2 200 43280567f396343d5424196559bfbf8c.js Show response
www.gstatic.com/mysidia/ Frame 8A41 146 KB
54 KB 406ms
7ms Script
text/javascript 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/43280567f396343d5424196559bfbf8c.js?tag=video_mra/web_interstitial_raspberry_ms_cta_adjustment

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

be779b0e322b81f76bc00f275690c7a6b7f3cb407bdf383874080af920808c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 15:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54724
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 15:21:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8A41 21 KB
1 KB 477ms
100ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500%2C600

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 08:14:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8A41 2 KB
903 B 9ms
0ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:15:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame 8A41 23 KB
9 KB 10ms
0ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:15:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8A41 3 KB
1 KB 10ms
0ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:15:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame 8A41 20 KB
9 KB 8ms
0ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:15:47 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A41 205 KB
65 KB 704ms
299ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame 8A41 37 KB
15 KB 398ms
6ms Script
text/javascript 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 13:39:34 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/ Frame 9044 22 KB
9 KB 8ms
0ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 02:29:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20708
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9422
x-xss-protection: 0
server: cafe
etag: 10624764489894593518
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 24 Jan 2024 02:29:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9044 205 B
295 B 393ms
5ms Image
image/png 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 09:36:12 GMT
x-content-type-options: nosniff
age: 81492
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 08 Jan 2025 09:36:12 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9044 604 B
920 B 392ms
5ms Image
image/png 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 06:28:39 GMT
x-content-type-options: nosniff
age: 265545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 06 Jan 2025 06:28:39 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D66B 0
0 439ms
138ms Image
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202401030101&jk=1376921308069015&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 7916 0
40 B 3ms
3ms Image
text/plain 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?FgGJUg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.76.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s24-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 container.html Show response
a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BCA6 6 KB
3 KB 2ms
2ms Document
text/html 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:23 GMT
expires: Thu, 09 Jan 2025 08:14:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD54 0
0 142ms
141ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuOAhki-COtCha8pD2Rrrf5buMnNVIn3EoBLBX4EvjaSHKU3BUOENv_uivb31Ba2M7R1QcUgIVl-Sp3fEjZJHKRBlpAxBBlxsmY4khjIZe0A87wfRPVUL8FlmKxk3sysRi-8qmwtf5E9Wnl8Ah460ZCd9EZ3H8fq0nzxKmvMBha7aS3p_3N1GiF5LxXYgkn_kvdNIR3Ud4iQOyA7AQ-HIEIlV_hFskjrJSyJKVOdMyamsU24Rj8UXjoC76DvbjUPRYUzrz1Dv4qHYkurqwWWGNxmAC0sYVTTY3Vz9i_M1aaLMVdCXn0yHDH6MSeXzPvq3YoHdOnCv_6LOESofaeUGID-5ezamFKgsDV1ljqiiI5zf6DIgkrT2pQGPR9EYuZf63LrYioNOMgWbupJoM&sai=AMfl-YQG5QIfyUU0G9zJWP0DW7yo62f2OCji85TdIbOJA916HEzUeGlby7DOPf6JKc1sth8pDIZVzx5wG_zFRNheBa8wgCAEiCnAm8icVgVVfkGWWreDvl5a8EqODzjzP-M&sig=Cg0ArKJSzHQ2psM4mVVCEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame AD54 26 KB
10 KB 359ms
14ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Jan 2024 08:14:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6931
x-jsd-version: 1.16.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9365
x-served-by: cache-fra-etou8220028-FRA, cache-bne12529-BNE
x-jsd-version-type: version
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD54 205 KB
65 KB 227ms
226ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0A9A 0
0 141ms
140ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssweoWYB2QFYvVl330J9_QEWG0KxsjfglyESiNngVMiPecl_OMqGeUUx1vToGUPlAE38cUYXRMeF7eXTF7syugVCW7GO15RcJ2UljMEIqrv02zVh4RGnr9aXvE0hgGlOt_loBfGedQ5ryCnwGfHiwlndkLkBeWkPIlnbu-_vDwbNodi7k1AgWOoMF06o8nT9W1zww2HiB5MbF9HWsUaBhl1A1pfU6ku0HyM_B6Mm1u91mrxFX3H54cZ5B-aW0aoW22zUnZ-l9SFKJXWq7eej_cu0jaZX5blUvwqDS1iJnA3eYTmmYh02BTfAEMoitMITWTMP21kq1mA044Rv1PrWRhUi7gq41CtLhhpzYuwgPNvSIJku379qg7zkkF-vxhdti_mq0RcCcwFbXKmZozWim_JKiLQTVM&sai=AMfl-YSkTRb0HDKWnwGEgRxLAQ99tPUmfH-YrDy7PIky2qQPjbBeaJUypBnHSkJGB0Dc1OU-tNHtqu4pBHyIiI1x0gyfRmKtYeE0Cd5SsNSHkDVXQ9z2s_fyT-BEixk6y5o&sig=Cg0ArKJSzDVX7nk8i7odEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0A9A 205 KB
65 KB 185ms
185ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3D9 0
0 140ms
140ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvTMZEV2OB9-yamrMj0T5mAGWr7vOK5opwYtjF4JAL6Frr1wxxTTVTNXMyRn3ua4jCSdLuNXndFj-uH317FDnNhsp-twWZ9-ojx1gCTdpoPSxsSlXZjnvX5uZBlTQo1hRiCkNj8QD0NNDXkR-9YZpb0SjsJNilaz1ayr5HxsuAMs_Qlqmb0LnMauPbmPgauS3a7Rqgb1jneYmzOmurIJpO6ftXs9NefwSUzRx8PZsiqX863so0_Xz38j4RDcjrkJZAHv3QaoUTeG8Qk0IAAsoSrT64c-RgZw828orhXeAkvb3VQ_ominVePY5yum46brPxPpqIfrqkhsks5g5_bAK6AGVP9z5E3WJbfsbZuhpbrVGl8xU0iCk9xBa4Ow8NiwzeaOpUlV2T616fdAFY&sai=AMfl-YQSf5WGxnOTPYe2SagoumwQBtBfLMO2fgq73KVt1VUebm33fBCTCzDy5T6BlbxV3YaR7Zj5W8_cCvJUSdywcvFqt8bD8KjJhS4_FTLfPeiLoN2oyfRz2jHuPEiloR4&sig=Cg0ArKJSzNQtuYsLjeycEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame E3D9 26 KB
9 KB 321ms
15ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Jan 2024 08:14:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6931
x-jsd-version: 1.16.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9365
x-served-by: cache-fra-etou8220028-FRA, cache-bne12529-BNE
x-jsd-version-type: version
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3D9 205 KB
65 KB 189ms
189ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 container.html Show response
a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 45A9 6 KB
3 KB 2ms
2ms Document
text/html 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:23 GMT
expires: Thu, 09 Jan 2025 08:14:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6AFB 0
0 141ms
140ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsstFBjcET-nUbbV6m-CrEAhoeLwCG9pgco3LTh4ULId8V4tK0OXf1NTlAIiaOqmQ4Xm049uqdvVfh8EEviNl0b6kf5LuIJ57PdF6MRyOQi0zEvtJPzBmrIy8hu4laiWV7Ey-28XyDnVrvR7Bi5b7imP5fBlwetSenv6e9g9GQAhUjUHNY7FaS7luday4E-mggXXDVJAeFTFZMk0hzBb1TYM9VG2hG-4jwbNtx5QYpBbttsHNc0abTD20AkFD3kCK7eAuP6UxLZBq2gShv-VeCDxupmT0uz0TBZxDlWy1SjCbKKDjZ2cEOu6nh_uUuzH5oLR66UyrXmwOQtmT4E1bAwcidrJKGWddykQeZca7V7EaHkixzyLiSRlI9K4IIeFrpL2jNusMP113Ht6OmA&sai=AMfl-YRmbdT6fggxTu9CUOrT7Y1wD4AxcrPGxbX7-uZqb8aMezK40zRzjJiqly_QqlOtakIJFxG_T6oqLmbpvJ5xt6TpbzTB-n5e_YZG7ryj1KKzPAyi9wdp8xG-C6WBJoo&sig=Cg0ArKJSzKWjzjktJ1dfEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 6AFB 26 KB
9 KB 304ms
15ms Script
application/javascript 151.101.129.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.129.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 10 Jan 2024 08:14:24 GMT
x-content-type-options: nosniff
content-encoding: br
age: 6931
x-jsd-version: 1.16.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 9365
x-served-by: cache-fra-etou8220028-FRA, cache-bne12529-BNE
x-jsd-version-type: version
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6AFB 205 KB
65 KB 159ms
159ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
20 KB 444ms
443ms Fetch
text/plain 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1376921308069015&correlator=3906641444746296&eid=31080129%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60%7C728x90%7C970x90%7C970x250%7C1200x90&ifi=8&didk=3802411025&sfv=1-0-40&rcs=1&eri=1&sc=1&cookie=ID%3Deb044de9ea6d0c52%3AT%3D1704874463%3ART%3D1704874463%3AS%3DALNI_MZwx9lR5QQNaUyU_d_qgUDE-2MPxA&gpic=UID%3D00000cd4f24ab035%3AT%3D1704874463%3ART%3D1704874463%3AS%3DALNI_MY26IhANomrGXtNbsl5i5_YHXiwPw&abxe=1&dt=1704874464481&lmt=1703915775&adxs=800&adys=1165&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGsn4abM9BxBCBtxufoWvazWzECYQYWyfvgd4hHrh1KI2DgpWHH0GfpFb-h6kglO1vPYs7Ugq9vqdaYIR5pC4by8JYJLCKiIeUbc%2CAOrYGsm7sEdI_I3L_eSppVhFeVqmFal6veSUiXBccASr0uq6yuQF1g-vvfIZTElveBwsy0Soy-6YZgRCJaSzmmTzPijjv1-C3dOoUr4%2CAOrYGsmffWbdzCckmK_dH8QW3urUJcLT62nD8zNd_sWLhe5_yOr7wX2xVqISc89_j4Lq6wqpGeaJrlHY9mB0Qq-zm3G-PMp79FQ%2CAOrYGslGCrRBxEYnf9nUUgKBwtaKHG5GW1Flvuju2CF6FScXbaqOTAZcNNs-l5OddTnqknhQm_FTjyzkACLECIT8uxj18DzzfFm6lKA&ga_vid=1793440725.1704874461&ga_sid=1704874463&ga_hid=1882849386&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDY5OTkyNzNjZGVmZGM5MjRhMGY3NTQxZGM2ZmExODVjYTAyYzUwZGQzYTRiMjBlMjgxNTI1ZGU4Y2QzZjM3NWEYhp6_k88xSAA.&dlt=1704874459665&idt=1435&prev_scp=hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D652dddc5830e85d%26hb_bidder%3Dtriplelift%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26in2w_key%3D66%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1515%26in2w_key4%3D--3---%2C--3---%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D1515%26in2w_key8%3D66%252C67%26in2w_key9%3Doptimization_request%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D5%26in2w_keypm%3Dfuse-slot-22856109504-1%26in2w_key9001%3D1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D3000-3499%26PREBID_READY_MS%3D2500-2999%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D4000-4999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2500-2999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D5000-5999%26CMP_LOAD_FINISH_MS%3D4000-4999%26FIRST_ZONE_MS%3D4000-4999%26HB_AUCTION_START_MS%3D4000-4999&adks=3743414737&frm=20

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

bb1e68e15b6346876f4303c1c018c75bf54dedac3900cd09b254869cc40e29cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20585
x-xss-protection: 0
google-lineitem-id: 6135185025
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138376945794
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e21910fd923a6283b5d44b2382eabc86.js Show response
www.gstatic.com/mysidia/ Frame BCA6 9 KB
4 KB 3ms
2ms Script
text/javascript 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e21910fd923a6283b5d44b2382eabc86.js?tag=client_fast_engine_2019

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 03 Jan 2024 16:19:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 575709
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4064
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 02 Apr 2024 16:19:15 GMT

GET
H2 200 eca8f43f04ace2cb887c6c133446ca43.js Show response
www.gstatic.com/mysidia/ Frame BCA6 11 KB
5 KB 5ms
4ms Script
text/javascript 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eca8f43f04ace2cb887c6c133446ca43.js?tag=text/vanilla_highlight_ms

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91818
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4745
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 06:44:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BCA6 14 KB
1 KB 101ms
100ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 06:29:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ Frame BCA6 110 KB
33 KB 554ms
139ms Script
text/javascript 142.250.204.1
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.204.1 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s25-in-f1.1e100.net

Software

sffe /

Resource Hash

5a0b8fa938af334bce5a350b66110d0b21be7630c46e6fe32fd0f00d877e1e6f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 10 Jan 2024 08:14:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32198
x-xss-protection: 0
server: sffe
etag: "adb7489d39d466fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame BCA6 2 KB
856 B 4ms
2ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:15:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50316
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:15:48 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/ Frame BCA6 23 KB
9 KB 6ms
4ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/abg_lite_fy2021.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9276
x-xss-protection: 0
server: cafe
etag: 3558958386372919956
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:15:49 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame BCA6 3 KB
1 KB 7ms
5ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/window_focus_fy2021.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:15:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:15:49 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/ Frame BCA6 20 KB
8 KB 2ms
2ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240108/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 18:15:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Jan 2024 18:15:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame BCA6 0
0 139ms
137ms Image
text/html 142.250.204.4
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSvsP_YSTRX5pWfQr9lcMIbeHUHNP61TyjLvA2NLU4QM2qgvrGTeCoXdmZwBwhkRhgwltDfTO7icpLur-8EtT0Nlmv7gg
Requested by: Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.204.4 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd09s25-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

GET
H2 200 f9d9b65dbd646119ce96bad0f484d579.js Show response
www.gstatic.com/mysidia/ Frame BCA6 37 KB
15 KB 8ms
7ms Script
text/javascript 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 13:39:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15460
x-xss-protection: 0
last-modified: Thu, 07 Dec 2023 22:13:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 13:39:34 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 45A9 24 KB
6 KB 2ms
2ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 00:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285311
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Jan 2025 00:59:13 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 45A9 26 KB
11 KB 128ms
127ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

b0d79e78ec34688897f59213dcf33c0a9eae3c0552e5ebe7f3b43b86923c0020

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10649
x-xss-protection: 0
server: cafe
etag: 14154713784388246432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45A9 205 KB
65 KB 211ms
210ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 49BB 1 KB
739 B 3ms
2ms Document
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 57923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 16:09:01 GMT
etag: 48472445140208031
expires: Wed, 10 Jan 2024 16:09:01 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame BCA6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 757b0d15cc98f2df0856454f8648da555685ba9f0d591936e76a8a78f5d88c67

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 45A9 0
0 141ms
140ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss34eHomE9hhAdgyh9M18q9Y9EmDlP8PDfduzjAL6oMAKO_L-2BS3Y1q4e6397qpaaB5EaPy23dXxx08hETPeAJJrDG0stUg-7UTWXLVPxjV4Ru9EASJQOnz1xC5NIAZarJMQG-tI0ORc3CZR-sEONNG7mOOLkcYiimqBlFrDAfcTYCvptee8xFxFklv949w5UM8SOkq5RIP5kkzDe0KWriANhw19pgeAug8UdbNi4vvt2zRvyrhX2kX5eplGorkY63NTXIHO7QhMatRk5Cm2wcwcPhGSjEAtN5BeclOuaiMCEnbLZSeS9p_fLePqt28HutFcRLc5Fu7e4c83d6UI7ytW8pkzKOiu3NWa5bdOp9t7cpuQHxubzn6pafnbyVW5avGQdIWarGdR0&sai=AMfl-YT2BENrba63SLfSJg7TyKxmFT6II_hY6xA6zqJfrU5t_FNra9R27Er66xCJDfb8BbgXNEIxMqZCWie0P8ozZ_sO2zSawNJB-LyCI3fK0pDFC22mrwKamws05mO3K10&sig=Cg0ArKJSzI2P887Z9CDNEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 5A26 14 KB
6 KB 613ms
102ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:25 GMT
server: Kestrel
server-processing-duration-in-ticks: 368472
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
x-robots-tag: noindex

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 693ms
183ms XHR
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 06 Apr 2023 09:13:32 GMT
server: nginx
etag: W/"642e8d3c-15c1d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 11 Jan 2024 08:14:25 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 49BB
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBC9Y35N0j0tW4BmufghnkE&google_cver=1&google_push=AXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJ...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBC9Y35N0j0tW4BmufghnkE&google_cver=1&google_push=AXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5S...

43 B
432 B

175ms
168ms

Image
image/gif

104.18.24.173
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBC9Y35N0j0tW4BmufghnkE&google_cver=1&google_push=AXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJzvyNMcGALSCWKqZtEno_75r7uBMbExHEvOtmp_A-oEuOsJUr4hvHM4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJzvyNMcGALSCWKqZtEno_75r7uBMbExHEvOtmp_A-oEuOsJUr4hvHM4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8433775ecf1ca868-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 621
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBC9Y35N0j0tW4BmufghnkE&google_cver=1&google_push=AXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJzvyNMcGALSCWKqZtEno_75r7uBMbExHEvOtmp_A-oEuOsJUr4hvHM4&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmTECS2q-tSkhOJo8DnVYFEY5of3F9Y29SVA-tSPL9BpHAUMz8uwQZUI3tGXRH39LAMMXXZqOhtUBT2iIC-599jdDznQY5SPJzvyNMcGALSCWKqZtEno_75r7uBMbExHEvOtmp_A-oEuOsJUr4hvHM4%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8433775dae09a868-SYD
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 49BB 0
173 B 120ms
95ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEIjFq0DoY-QBmYNT-zcwoIE&google_cver=1&google_push=AXcoOmRSqUEvP0js3M6eU7rLnUejxIwyrlhxl4jidFR9tOQsF16jmnAQWf85TmoF1IcH-1tHQCX4yaRd6JeapAB4aIZi2XgRTnnZmW1hJ9LDacVM5s4-Usbsb35dKEdQUusQMOCTimKHYof9jHTeg6DLfdw
Requested by: Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49BB
Redirect Chain

https://sync.fout.jp/sync?xid=googleadex&g_pixel=&sp=1&google_gid=CAESEOnFI0OyWP5HTFJxrg5LO7w&google_cver=1&google_push=AXcoOmTLM5qJ4IWpw9YEPWLbbFjE0J82eHT33R7C_tUbzCOwt4rYTyLRkHYhSLuba9VfB-PoPHGpw...
https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTLM5qJ4IWpw9YEPWLbbFjE0J82eHT33R7C_tUbzCOwt4rYTyLRkHYhSLuba9VfB-PoPHGpwmRnZV80W7ABg6xWeydMOrnBzX3Lug3ANZbsk5yCw-gVj3EpZWScVc...

170 B
188 B

101ms
101ms

Image
image/png

142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTLM5qJ4IWpw9YEPWLbbFjE0J82eHT33R7C_tUbzCOwt4rYTyLRkHYhSLuba9VfB-PoPHGpwmRnZV80W7ABg6xWeydMOrnBzX3Lug3ANZbsk5yCw-gVj3EpZWScVcigIQn8D1t30wqK7j79cEKaanM&google_hm=VjJzVUo1RnJVRGtWYVdWYWd3dl9qU0I1VC1r&from_google=sp1

Protocol

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 10 Jan 2024 08:14:25 GMT
Strict-Transport-Security: max-age=15768000
Server: nginx
Transfer-Encoding: chunked
P3P: CP="ADM NOI OUR"
Location: https://cm.g.doubleclick.net/pixel?google_nid=freakout&google_push=AXcoOmTLM5qJ4IWpw9YEPWLbbFjE0J82eHT33R7C_tUbzCOwt4rYTyLRkHYhSLuba9VfB-PoPHGpwmRnZV80W7ABg6xWeydMOrnBzX3Lug3ANZbsk5yCw-gVj3EpZWScVcigIQn8D1t30wqK7j79cEKaanM&google_hm=VjJzVUo1RnJVRGtWYVdWYWd3dl9qU0I1VC1r&from_google=sp1
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 49BB
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEPk9d5omxJFzc-XoN5kWdaY&google_cver=1&google_push=AXcoOmR_BRtR5NhCr0mrPbVRql7WmcIewTHkj-YpTIxg9auri40rneSjPKavOtlVvLcS8brmaS-tLdgZnyqV6UZLuXIANS0bhDh6Y...
https://rtb.openx.net/sync/dds?google_cver=1&google_gid=CAESEPk9d5omxJFzc-XoN5kWdaY&google_push=AXcoOmR_BRtR5NhCr0mrPbVRql7WmcIewTHkj-YpTIxg9auri40rneSjPKavOtlVvLcS8brmaS-tLdgZnyqV6UZLuXIANS0bhDh6Y...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmR_BRtR5NhCr0mrPbVRql7WmcIewTHkj-YpTIxg9auri40rneSjPKavOtlVvLcS8brmaS-tLdgZnyqV6UZLuXIANS0bhDh6YGOSgK72rDBRAWhIAwgGD7qj9NsNsZJzKo...

170 B
243 B

106ms
102ms

Image
image/png

142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmR_BRtR5NhCr0mrPbVRql7WmcIewTHkj-YpTIxg9auri40rneSjPKavOtlVvLcS8brmaS-tLdgZnyqV6UZLuXIANS0bhDh6YGOSgK72rDBRAWhIAwgGD7qj9NsNsZJzKoEXfrIr7SWon7sKGn-2OUk&google_hm=jcqQ1iCGxgYlwMvC1fFJcQ==

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:24 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AXcoOmR_BRtR5NhCr0mrPbVRql7WmcIewTHkj-YpTIxg9auri40rneSjPKavOtlVvLcS8brmaS-tLdgZnyqV6UZLuXIANS0bhDh6YGOSgK72rDBRAWhIAwgGD7qj9NsNsZJzKoEXfrIr7SWon7sKGn-2OUk&google_hm=jcqQ1iCGxgYlwMvC1fFJcQ==
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 284

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 49BB
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENE7SitMZClWGKA75xXmoB0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENE7SitMZClWGKA75xXmoB0&google_push=AX...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENE7SitMZClWGKA75xXmoB0&google_hm=ZZ5R4DRm0AbOO9m88ZnT4AAAElcAAAAB&google_nid=index&google_push=AXcoOmRtotz-KBBoi3uNs5MMoAm7_LpN6Mr-O...

170 B
232 B

102ms
102ms

Image
image/png

142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENE7SitMZClWGKA75xXmoB0&google_hm=ZZ5R4DRm0AbOO9m88ZnT4AAAElcAAAAB&google_nid=index&google_push=AXcoOmRtotz-KBBoi3uNs5MMoAm7_LpN6Mr-OSGnI9vGQxC5E-NSNgjY5jzqTIw-pBZEk7tgEdxbuPPP-TjR7WnNCLAddXnDeRz_4Apvm9kDRf1Hx-97cmrHSzLF07DqWipKO2uIrSjjdyu-W_gdLYuUlAE

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:24 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t54Pooy9TsGWkqOGlbWQnb7elw8Xi8K2XDZRj0qtMrMcdBI6lZZ3mP9dUWUP7E8eeCqc7v%2FzsGrSJwLHxCZExHYpfl52BNnGcKv3sYIMjf%2Fb6C7Wu3XsDPII%2FIrbXZdtoArqAoiBLZdsJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESENE7SitMZClWGKA75xXmoB0&google_hm=ZZ5R4DRm0AbOO9m88ZnT4AAAElcAAAAB&google_nid=index&google_push=AXcoOmRtotz-KBBoi3uNs5MMoAm7_LpN6Mr-OSGnI9vGQxC5E-NSNgjY5jzqTIw-pBZEk7tgEdxbuPPP-TjR7WnNCLAddXnDeRz_4Apvm9kDRf1Hx-97cmrHSzLF07DqWipKO2uIrSjjdyu-W_gdLYuUlAE
cache-control: no-cache
cf-ray: 8433775ccb1fa959-SYD
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 400 sspsync
cksync.yahoo.co.jp/ Frame 49BB 35 B
624 B 1063ms
209ms Image
image/gif 183.79.249.124

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEO6GBnEo9nOsnEDVb6tc-zY&google_cver=1&google_push=AXcoOmTHk3sDJvAAvSCePh8eisq3lmdNVuzPGzljPKhpplXUaxa2001muCNHLrpSENmkH0kjyrhgiK0kZYPqgK4LVRMpP3vFgiKywUx6XW4DE9PF8jxnKJNC_3Jt7PSDdm9wgofb0GwJ6Kwyb8RaC6LmBV7w

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

183.79.249.124 -, , ASN (),

Reverse DNS

Software

nghttpx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
x-content-type-options: nosniff
server: nghttpx
age: 0
x-frame-options: SAMEORIGIN
content-type: image/gif
cache-control: private, no-store, no-cache
cross-origin-resource-policy: cross-origin
content-length: 35
x-xss-protection: 1; mode=block

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 49BB
Redirect Chain

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESECOASoooRor8HYhrG-Urn7g&google_cver=1&google_push=AXcoOmRvDIcJfvWOse_Uir4oR-eoQD95gYXZc3c0y8Ai9nvf0Vg88oGYGrkyZQQI60A6bB2qmr5SNzpanikM7XAvuxfKa...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRvDIcJfvWOse_Uir4oR-eoQD95gYXZc3c0y8Ai9nvf0Vg88oGYGrkyZQQI60A6bB2qmr5SNzpanikM7XAvuxfKaV28t7mBtPA4W_LFgJXH2at4LmS96KfEy...

170 B
188 B

101ms
101ms

Image
image/png

142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRvDIcJfvWOse_Uir4oR-eoQD95gYXZc3c0y8Ai9nvf0Vg88oGYGrkyZQQI60A6bB2qmr5SNzpanikM7XAvuxfKaV28t7mBtPA4W_LFgJXH2at4LmS96KfEyr5N7soTY1M7dYJBUobZcmSpjaqvel2T&google_hm=a02ae86a0888d2ce2eg09f00lr7i8kde

Protocol

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 10 Jan 2024 08:14:25 GMT
via: 1.1 google
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AXcoOmRvDIcJfvWOse_Uir4oR-eoQD95gYXZc3c0y8Ai9nvf0Vg88oGYGrkyZQQI60A6bB2qmr5SNzpanikM7XAvuxfKaV28t7mBtPA4W_LFgJXH2at4LmS96KfEyr5N7soTY1M7dYJBUobZcmSpjaqvel2T&google_hm=a02ae86a0888d2ce2eg09f00lr7i8kde
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 49BB 0
76 B 106ms
91ms Image
text/html 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JvXLqLfd4Na8b0jPseAfIdS84s2f2WNPyhtsrS65PMAIXwu82LnU78JPhqvD7vSEdRI4rjFmE

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame BCA6 33 KB
34 KB 459ms
4ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 08:01:53 GMT
x-content-type-options: nosniff
age: 87152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 08:01:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 45A9 146 KB
50 KB 116ms
116ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

bb5479b00d16ae308714a6412ce7b6ccd0c7283747257c23cf6065ac7039c37b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51119
x-xss-protection: 0
server: cafe
etag: 16854913167100164351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:24 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame BCA6
Redirect Chain

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cxd-a31GeZaTWMqzGssUPur-XmAinw6ygdY_G4q7tC9nZHhABINPLzjBgpYCAgJABoAH9kor9A8gBAeACAKgDAcgDCqoEqgJP0I6DgK9tzdFHi3X-E-iKdof4yhirZudDgqtRsBGW8v0n...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x577fa12c018f609d0000000000000000%22,%222%22:%220x3e0cf027f1224270000000000000000%22,%223%22:%220x1f97ce4...

0
0

261ms
138ms

Fetch
text/css

172.217.167.98

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x577fa12c018f609d0000000000000000%22,%222%22:%220x3e0cf027f1224270000000000000000%22,%223%22:%220x1f97ce4626d15c650000000000000000%22,%224%22:%220x6e34438c719bbf220000000000000000%22,%225%22:%220x838016e60c7494710000000000000000%22},%22debug_key%22:%227208330126607728494%22,%22debug_reporting%22:true,%22destination%22:%22https://justanswer.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%221067616637%22],%2222%22:[%22true%22],%224%22:[%2201-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2217112033280674315217%22}&andc=true

Protocol

Server

172.217.167.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:26 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x577fa12c018f609d0000000000000000","2":"0x3e0cf027f1224270000000000000000","3":"0x1f97ce4626d15c650000000000000000","4":"0x6e34438c719bbf220000000000000000","5":"0x838016e60c7494710000000000000000"},"debug_key":"7208330126607728494","debug_reporting":true,"destination":"https://justanswer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067616637"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"17112033280674315217"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: null
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 08:14:26 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 10 Jan 2024 08:14:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x577fa12c018f609d0000000000000000","2":"0x3e0cf027f1224270000000000000000","3":"0x1f97ce4626d15c650000000000000000","4":"0x6e34438c719bbf220000000000000000","5":"0x838016e60c7494710000000000000000"},"debug_key":"7208330126607728494","debug_reporting":true,"destination":"https://justanswer.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["1067616637"],"22":["true"],"4":["01-10"],"6":["true"]},"priority":"500","source_event_id":"17112033280674315217"}&andc=true
access-control-allow-origin: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 adview
securepubads.g.doubleclick.net/pagead/ Frame 0
0 838ms
139ms Preflight
text/html 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/adview?ai=Cxd-a31GeZaTWMqzGssUPur-XmAinw6ygdY_G4q7tC9nZHhABINPLzjBgpYCAgJABoAH9kor9A8gBAeACAKgDAcgDCqoEqgJP0I6DgK9tzdFHi3X-E-iKdof4yhirZudDgqtRsBGW8v0nBHgE7OSqiyVAGsNEaSqkGgK6Aixb03DMVvf7CsMLTzsQP3UiIIcFkF1HmxZ1axT2zbZ5czuOzgbwAbOSS-N0FmnUtdBTwOVSgiaB5hrMmsE4Tw7XqFDPoh0v1GKG68E_7GJOuODSVv0yM_2Wy6g1pBQ4laGUSWdK1LATZz9SHfuw19NvafeCq62ELCqB4cTL8fcgXAmVtFovDLIyvin8cMGcahv2lwDqb0mvhEoWU5QfAzkhOPQrRu5y8_SUnz3qMkAba3GwJJ7npJQNml2pLUAw7VIHry9MP0mCrye3DQ6OiKJt7_kiQGNUhX2S2_51kjHO1PtZMhYrJbCJTBUezaLbMHyFQpw_wATOrrHxjgLgBAGIBbL-lrsHkgUECAQYAZIFBAgFGASAB4OyeKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJ6VBdIIHwiAYRABGB0yAooCOgSAQIBASL39wTpYmY2zprDSgwOaCStodHRwczovL3d3dy5qdXN0YW5zd2VyLmNvbS9zaXAvanVzdGFuc3dlci0xgAoDyAsBogwMKgoKCKy6sQK7u7EC2gwRCgsQ8PeL_YuSkKq3ARICAQPiDRMIweSzprDSgwMVLKOsAh263wWD2BMLiBQE0BUBgBcBshceChwIABIUcHViLTMwMzkxOTk1MDM0MDM2MzQYmdIh&sigh=PISS6X1JWKI&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSPAAvHhf_IgPh9BlnFQKq2iG_VB80GUA8BESUhng9qwWLwc3Xurbro8i0X4yyrInhGgMEnZeRRge-W_kqVRgB&cbvp=2&vis=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 08:14:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET view
securepubads.g.doubleclick.net/pcs/ Frame 0A9A 0
0

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/ Frame AD54 196 KB
61 KB 318ms
3ms Script
text/javascript 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7019c81112576afa12ece5f1412d4833387a4e58454d0a3b4843169bc948deb0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 19:54:55 GMT
content-encoding: gzip
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 2377170
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 61556
last-modified: Wed, 13 Dec 2023 19:53:52 GMT
server: AmazonS3
etag: "7ca2f58432437b00c4247750bfb764cb"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: x09kn1OIvpSD2r5swOm1cxxzYjE7f_J2e68k31ablj3aN1gCdzbeKg==

GET
H2 200 notify
tlx.3lift.com/header/ Frame AD54 37 B
220 B 96ms
95ms Image
image/gif 52.74.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.013&ts=1704874462&aid=34694625957650018608001&ec=5563_66529_OADD2.7559550346793_15OFPY2U4ICOCLJTY0&n=Gs8CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD00YTcyY2ZlZS1hZWFmLTRlZWEtOWJiMS00NTBiYTg5MzNkMjAmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTExNzMwMzc0JnB1Ymxpc2hlcklkPTI1MDE1MjIzNSZySWQ9NGE3MmNmZWUtYWVhZi00ZWVhLTliYjEtNDUwYmE4OTMzZDIwJnJ0eXBlPW51cmwmdGFnSWQ9MzQ2NzY4JnRyYWZmaWNHcm91cD1nZXZjeXJ5dnNnX3BjeiZ0cmFmZmljU3ViR3JvdXA9cGJhZ2VieSZhaWQ9MzQ2OTQ2MjU5NTc2NTAwMTg2MDgwMC0zMDEmd3A9MC4wMTnyAqACCAASFzM0Njk0NjI1OTU3NjUwMDE4NjA4MDAxGAAgASi7KzDhhwRAAUgAUAFgEmgKcIH7IZABAJgBAKgBALgBBcABDcgBE%2FABkssM%2BAETgAINkQIAAAAAAADwP5kC16NwPQrX0z%2BoAgCwAgPIAgLYAgD4AqY7kAMAmAMAoAMAuAOYwNUByAMA0gMmT0FERDIuNzU1OTU1MDM0Njc5M18xNU9GUFkyVTRJQ09DTEpUWTDgA%2Bz6nmLpAwAAAAAAAAAA8AMT%2BQMAAAAAAAAAAIAECYkE9ihcj8L12D%2FABK0CygQdCAMZAAAAAAAAAAAhAAAAAAAAAAApexSuR%2BF6tL%2FQBADaBBkzNDY5NDYyNTk1NzY1MDAxODYwODAwMSAz4AQA%2BAIMiAMBkgMEOTg5NZgDAKADkJUVqAMA
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.74.188.57 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-188-57.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 08:14:24 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame AD54 37 B
139 B 336ms
96ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=34694625957650018608001
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame AD54 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c39c868603e7ea71f8b067b1a9319121d7cb4e8276202a3e0b56a39424ac525

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/ Frame E3D9 196 KB
61 KB 303ms
7ms Script
text/javascript 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7019c81112576afa12ece5f1412d4833387a4e58454d0a3b4843169bc948deb0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 19:54:55 GMT
content-encoding: gzip
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 2377170
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 61556
last-modified: Wed, 13 Dec 2023 19:53:52 GMT
server: AmazonS3
etag: "7ca2f58432437b00c4247750bfb764cb"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: yai5b11gv9XSmIRRf2Zhhczi1IYWj-hfRbW7XLbV-Se4nJimA9pE2A==

GET
H2 200 notify
tlx.3lift.com/header/ Frame E3D9 37 B
220 B 96ms
95ms Image
image/gif 52.74.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.061&ts=1704874462&aid=34694625957650018608002&ec=5563_66529_OADD2.9964453792767_1PR34WPZCDLI65UYFV&n=Gu0CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD0yMWJjY2U2MS0wYWJjLTQ2MDktYTNjZC0yZGVmYmFhMDk3ZDkmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTExNzMwMzc0JnB1Ymxpc2hlcklkPTI1MDE1MjIzNSZySWQ9MjFiY2NlNjEtMGFiYy00NjA5LWEzY2QtMmRlZmJhYTA5N2Q5JnJ0eXBlPW51cmwmdGFnSWQ9MzQ2NzY4JnRyYWZmaWNHcm91cD1nZXZjeXJ5dnNnX3BjeiZ0cmFmZmljU3ViR3JvdXA9enpmJTNBZ2V2Y3lyeXZzZ19wY3pfbmhxdmdfZ2VucHh2YXRfcCZhaWQ9MzQ2OTQ2MjU5NTc2NTAwMTg2MDgwMC0zMDImd3A9MC4wODjyAp0CCAASFzM0Njk0NjI1OTU3NjUwMDE4NjA4MDAyGAAgASi7KzDhhwRAAUgAUAFgEmgKcIH7IZABAJgBAKgBALgBBcABPcgBWPABkssM%2BAFYgAI9kQIAAAAAAADwP5kC16NwPQrX0z%2BoAgCwAgHIAgLYAgD4AqY7kAMAmAMAoAMAuAMAyAMA0gMmT0FERDIuOTk2NDQ1Mzc5Mjc2N18xUFIzNFdQWkNETEk2NVVZRlbgA8S86GfpAwAAAAAAAAAA8ANY%2BQMAAAAAAAAAAIAECYkE9ihcj8L12D%2FABK4CygQdCAMZAAAAAAAAAAAhAAAAAAAAAAApexSuR%2BF6tL%2FQBADaBBkzNDY5NDYyNTk1NzY1MDAxODYwODAwMiAx4AQA%2BAIMiAMBkgMEOTg5NZgDAKADkJUVqAMA
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.74.188.57 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-188-57.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 08:14:24 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame E3D9 37 B
140 B 315ms
95ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=34694625957650018608002
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame E3D9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55e20b413a8c958a4d50fce6a449d7bd3edb8102e36f9057a1910038607dcf80

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 bundle.js Show response
ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/ Frame 6AFB 196 KB
61 KB 276ms
5ms Script
text/javascript 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7019c81112576afa12ece5f1412d4833387a4e58454d0a3b4843169bc948deb0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 13 Dec 2023 19:54:55 GMT
content-encoding: gzip
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
x-amz-cf-pop: SYD62-P1
age: 2377170
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 61556
last-modified: Wed, 13 Dec 2023 19:53:52 GMT
server: AmazonS3
etag: "7ca2f58432437b00c4247750bfb764cb"
content-type: text/javascript
cache-control: max-age=31536000, immutable
accept-ranges: bytes
x-amz-cf-id: OPNcFEedsAnKLMQBF6e9K_nwzipYy7uD9a1kyaklmeDrGTtjQzMxBQ==

GET
H2 200 notify
tlx.3lift.com/header/ Frame 6AFB 37 B
220 B 99ms
95ms Image
image/gif 52.74.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.034&ts=1704874462&aid=34694625957650018608004&ec=5563_66529_OADD2.9964453785252_11NAMVNXKAH704Q4U7&n=GuMCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD1lOGFkNTMzNy0zNTc5LTQwOGQtYjVlNC03OTUzNzVlMjg5YzUmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTExNzMwMzc0JnB1Ymxpc2hlcklkPTI1MDE1MjIzNSZySWQ9ZThhZDUzMzctMzU3OS00MDhkLWI1ZTQtNzk1Mzc1ZTI4OWM1JnJ0eXBlPW51cmwmdGFnSWQ9MzQ2NzY4JnRyYWZmaWNHcm91cD1nZXZjeXJ5dnNnX3BjeiZ0cmFmZmljU3ViR3JvdXA9enpmJTNBZ2V2Y3lyeXZzZ19wY3pfaHpmXzM1JmFpZD0zNDY5NDYyNTk1NzY1MDAxODYwODAwLTMwMyZ3cD0wLjA0OfICoAIIABIXMzQ2OTQ2MjU5NTc2NTAwMTg2MDgwMDQYACABKLsrMOGHBEABSABQAWASaApwgfshkAEAmAEAqAEAuAEFwAEiyAEx8AGSywz4ATGAAiKRAgAAAAAAAPA%2FmQLXo3A9CtfTP6gCALACAsgCAtgCAPgCpjuQAwCYAwCgAwC4A9r89AHIAwDSAyZPQUREMi45OTY0NDUzNzg1MjUyXzExTkFNVk5YS0FINzA0UTRVN%2BADtv%2BGaOkDAAAAAAAAAADwAzH5AwAAAAAAAAAAgAQJiQT2KFyPwvXYP8AErwLKBB0IAxkAAAAAAAAAACEAAAAAAAAAACl7FK5H4Xq0v9AEANoEGTM0Njk0NjI1OTU3NjUwMDE4NjA4MDA0IDLgBAD4AgyIAwGSAwQ5ODk1mAMAoAOQlRWoAwA%3D
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.74.188.57 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-188-57.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 08:14:24 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 pe
eb2.3lift.com/ Frame 6AFB 37 B
139 B 291ms
96ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/pe?fid=18&peid=0&aid=34694625957650018608004
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 6AFB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 602a628b9a821a5d2a1ab95aeab4efb288a5994b06d972f9ac99482c5af766ff

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js Show response
pagead2.googlesyndication.com/bg/ Frame 83EA 50 KB
19 KB 5ms
3ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fq6oDGdSocwEj5ustB2bn5Kla54CG7w9cuWyRfTyGJI.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

sffe /

Resource Hash

16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Fri, 05 Jan 2024 02:13:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 453677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19690
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Jan 2025 02:13:07 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 142ms
141ms Image
text/html 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202401030101&jk=1376921308069015&bg=!LS6lLmHNAAaumcC-jpk7ADQBe5WfOFl02Ceer-GcHEiLw7hzX8__t0iXzYg_2_zLa5s1rqKZTgbSGdXDqTQM4-ZB51_-AgAAAFBSAAAAAmgBBwoAddLg7UFESsEnS4GkqWkiDN_PAWEW4-EQqKNu1IVQ8dzVl80A88ERyKc2YdzmYfPdkY-dDcL8jhLcDkqkQWqmRD85Ciij4XDlgpbctKBysyjPhtUV9i2oOTnd4fyik6xiVp6OGzXE_CkI0GMQv5ean1v0eoh_v5kCsrv8lxavF-SDtxm3l-ep0Udb6IpWdhWCNDrkk2w2dNnqxgjDw_0b0YoWELqYjdsv-l_lJLVkfZSZwybLpjbwKyC0pLXxM7f7JqskWdFAW1NqJW8C02Wj9Gmqoh0GHBDIxA2JTdYcWGoeomkKg5rd0UQ9aFBVzmijsyJvsLAFQtcNbEUcXhNIgCgZs3WHke0_vgPoqkVjmkAkgHdaryGEaOXEUworY9Y8Gay4NE-U5igigiOVvtM4LfhzSDlB3woJDTaZZ8JTVIp4CdPtVYYJlGzDHwSJt5eEpPeMkYE2flq2OG53cv5tG4rdVj-DeDCVd9TLtENOqLZ1dEy-_ceB7yFSNolwZ6ZgEU4UDCFUXIO4hkwNPBRfMLoeVySvOZvFNqfFbjlmn1sGLzIlt1yGxwmNTadyef9vdoKozFaGa5Txm2dVSv9Rt27RUxSUwwvOB1LlmXQl0w-zqCiSPUtqWjW6YIksSEzB8MQL8JvrU8hybMTvgNDZPFDRiUdAuIkazuQcGMFRiucQRNz1FFvf_-gW_8x23-tzid0EUoNB9iEbK8nmsfY4pR7wywiVl4KPVZ7raXKqxSx96aAIr2EtXnnlXdZia5rJNsHJCxnvcmFvDkViOw-W42Fl84fUS-RzWTAUshNR43enbbYUZQQP7127niTtnvi-aM77EPoAJ_LC-1yySiZCuNevERERFsdm4dq1thncB-of64jr8YJY0gxG3BhINv_w2Ezh1NFAu7y9kyDydFU01aTM3aUI_29WsnAjknh2vnQppnUE6cJQM4xEh1YnAf9b6HciAdMAibOPxbvNZ7D-v2_440nFJxiWt6crgyKhaE314ufGE7ntLnK3gzNaZIEhtKt1RHIRpvqZuJhylM742Wdfls58i616WGohaLnimsNFxeGvQcfkL7E5HQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.66.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s15-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/ Frame 45A9 401 KB
136 KB 184ms
183ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401040101/show_ads_impl_fy2021.js?bust=31080323

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

c7908fb4a1c5f98e8c3609a9533a09ae26b6e29c0b8518c53e69cc2e09e0a125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139113
x-xss-protection: 0
server: cafe
etag: 1678245146923345703
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/ Frame 6805 9 KB
4 KB 400ms
2ms Document
text/html 142.251.221.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240108/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f2.1e100.net

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 47337
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 09 Jan 2024 19:05:28 GMT
etag: 9219409622527106327
expires: Tue, 23 Jan 2024 19:05:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 45A9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 233c67c5a16665bfbfebd33a1ac2fc41792e9684b13fdf592380610562774b0a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/png

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0A9A 0
0

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame CF01 0
0 140ms
140ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssEsARd9UM-NK2XYUFjDFSbFjFUo711oA2DUmC-IAqEty8L48lRdIyVSOg5gQ4obFow7KJlxl0arlFwa2IDrPI8q1CfNrdG-YUGvE904nJxSN8e4FoIBamBwCTiDVUBO8BjhTYo99YigKCj6RGtsMYIcd78tR0QM0Op1L9Eu_CvLbHV5w4vTHyGVBM1Z6S0Fj3LQWeKHCtDXvmQCcvSM1x3ZeT3Q8crVMkJATkBPuBAp_9VSt0JYOyz9xp-wJ7LRnMR6o5mjN3VoCUHtcMlWcx6BHaBjkdLi3ySp558knvdKVaSoEM1Gq8Q6o2rvYA7mE-hi-Giqo_KChUfsF72aMqaMCujYQOcY4Q9mSnQJtwMlng9jRARG1W50qbnPNuTmw7GoKnxPtTLj-7BoSIL3BIpZc3vf0M&sai=AMfl-YSK3ZwXCWVRiEyDl1f25Ii9NN6F1MNpvz7rfOMUIrVEWuumN-EodebeqB1oUovUOIVc0RUtyXsrnr1RzWhiBdVtVSW0sagcEwXgYvah31fohAc8NeRpY5xg_h2_tPs&sig=Cg0ArKJSzGaenEe93qTxEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame CF01 146 KB
0 223ms
222ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 304ms
303ms Fetch
text/plain 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1376921308069015&correlator=3906641444746296&eid=31080129%2C21065724&output=ldjh&gdfp_req=1&vrg=202401030101&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=71161633%3A22547762570%2CCAPTCHABOT_captchabot%2Cscrolling_sticky_footer&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=468x60|728x90|970x90|970x250|1200x90&ifi=9&didk=3802411025&sfv=1-0-40&rcs=2&eri=1&sc=1&cookie=ID%3Deb044de9ea6d0c52%3AT%3D1704874463%3ART%3D1704874463%3AS%3DALNI_MZwx9lR5QQNaUyU_d_qgUDE-2MPxA&gpic=UID%3D00000cd4f24ab035%3AT%3D1704874463%3ART%3D1704874463%3AS%3DALNI_MY26IhANomrGXtNbsl5i5_YHXiwPw&abxe=1&dt=1704874464989&lmt=1703915775&adxs=800&adys=1074&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=480&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fcaptcha.bot%2F&vis=1&psz=0x-1&msz=0x-1&fws=516&ohw=1600&psts=AOrYGsn4abM9BxBCBtxufoWvazWzECYQYWyfvgd4hHrh1KI2DgpWHH0GfpFb-h6kglO1vPYs7Ugq9vqdaYIR5pC4by8JYJLCKiIeUbc%2CAOrYGsm7sEdI_I3L_eSppVhFeVqmFal6veSUiXBccASr0uq6yuQF1g-vvfIZTElveBwsy0Soy-6YZgRCJaSzmmTzPijjv1-C3dOoUr4%2CAOrYGsmffWbdzCckmK_dH8QW3urUJcLT62nD8zNd_sWLhe5_yOr7wX2xVqISc89_j4Lq6wqpGeaJrlHY9mB0Qq-zm3G-PMp79FQ%2CAOrYGslGCrRBxEYnf9nUUgKBwtaKHG5GW1Flvuju2CF6FScXbaqOTAZcNNs-l5OddTnqknhQm_FTjyzkACLECIT8uxj18DzzfFm6lKA&ga_vid=1793440725.1704874461&ga_sid=1704874463&ga_hid=1882849386&ga_fc=true&a3p=EloKDWNyd2RjbnRybC5uZXQSQDY5OTkyNzNjZGVmZGM5MjRhMGY3NTQxZGM2ZmExODVjYTAyYzUwZGQzYTRiMjBlMjgxNTI1ZGU4Y2QzZjM3NWEYhp6_k88xSAASHQoOZXNwLmNyaXRlby5jb20Ytqq_k88xSABSAghk&dlt=1704874459665&idt=1435&prev_scp=hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.01%26hb_adid%3D652dddc5830e85d%26hb_bidder%3Dtriplelift%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%26cmp_allow_personal%3Dtrue%26cmp_determined_ms%3D4000-4999%26cmp_gdpr_cached%3Dfalse%26cmp_jurisdiction%3Dnone%26cmp_load_finish_ms%3D4000-4999%26first_zone_ms%3D4000-4999%26fuse_industry%3DIAB9%26fuse_loaded_ms%3D2500-2999%26fuse_path%3D%252F%26fuse_profanity%3Dfalse%26fuse_publication_id%3D5%26fuse_site%3Dcaptcha.bot%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26gpt_auction_start_ms%3D5000-5999%26gpt_ready_ms%3D3000-3499%26hb_auction_start_ms%3D4000-4999%26in2w_key%3D67%26in2w_key12%3Doptimization%26in2w_key15%3Do0%26in2w_key16%3D1%2C1%26in2w_key2%3Dnope%2Coptimization%26in2w_key3%3Dadx1515%26in2w_key4%3D--38gz%26in2w_key5%3Doptimization%26in2w_key6%3D--3h--qgz%26in2w_key7%3D1515%26in2w_key8%3D66%2C67%26in2w_key9001%3D2%26in2w_keypm%3Dfuse-slot-22856109504-1%26inskin_yes%3Dtrue%26prebid_ready_ms%3D2500-2999%26testmode%3Dfalse%26uam_ready_ms%3Ddisabled&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dcaptcha.bot%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB9%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D637ed7b8-f4d8-5110-9fba-9979a365c1a7%26fuse_publication_id%3D5%26GPT_READY_MS%3D3000-3499%26PREBID_READY_MS%3D2500-2999%26UAM_READY_MS%3Ddisabled%26CMP_DETERMINED_MS%3D4000-4999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D2500-2999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D5000-5999%26CMP_LOAD_FINISH_MS%3D4000-4999%26FIRST_ZONE_MS%3D4000-4999%26HB_AUCTION_START_MS%3D4000-4999&adks=3743414737&frm=20

Requested by

Host: captcha.bot
URL: https://captcha.bot/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

fca15defad7c975c936cd4f568adb2b1fd620383862027f7fcf457383c60679f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12259
x-xss-protection: 0
google-lineitem-id: 208234953
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 107027454753
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://captcha.bot
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dyn
eb2.3lift.com/ 37 B
139 B 95ms
95ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dyn?long1=20230221&string1=34694625957650018608001&cb=87489
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 notify
tlx.3lift.com/header/ 37 B
220 B 96ms
94ms Image
image/gif 52.74.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.013&ts=1704874462&aid=34694625957650018608001&ec=5563_66529_OADD2.7559550346793_15OFPY2U4ICOCLJTY0&n=Gs8CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD00YTcyY2ZlZS1hZWFmLTRlZWEtOWJiMS00NTBiYTg5MzNkMjAmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMiZvQWRVbml0PTExNzMwMzc0JnB1Ymxpc2hlcklkPTI1MDE1MjIzNSZySWQ9NGE3MmNmZWUtYWVhZi00ZWVhLTliYjEtNDUwYmE4OTMzZDIwJnJ0eXBlPW51cmwmdGFnSWQ9MzQ2NzY4JnRyYWZmaWNHcm91cD1nZXZjeXJ5dnNnX3BjeiZ0cmFmZmljU3ViR3JvdXA9cGJhZ2VieSZhaWQ9MzQ2OTQ2MjU5NTc2NTAwMTg2MDgwMC0zMDEmd3A9MC4wMTnyAqACCAASFzM0Njk0NjI1OTU3NjUwMDE4NjA4MDAxGAAgASi7KzDhhwRAAUgAUAFgEmgKcIH7IZABAJgBAKgBALgBBcABDcgBE%2FABkssM%2BAETgAINkQIAAAAAAADwP5kC16NwPQrX0z%2BoAgCwAgPIAgLYAgD4AqY7kAMAmAMAoAMAuAOYwNUByAMA0gMmT0FERDIuNzU1OTU1MDM0Njc5M18xNU9GUFkyVTRJQ09DTEpUWTDgA%2Bz6nmLpAwAAAAAAAAAA8AMT%2BQMAAAAAAAAAAIAECYkE9ihcj8L12D%2FABK0CygQdCAMZAAAAAAAAAAAhAAAAAAAAAAApexSuR%2BF6tL%2FQBADaBBkzNDY5NDYyNTk1NzY1MDAxODYwODAwMSAz4AQA%2BAIMiAMBkgMEOTg5NZgDAKADkJUVqAMA&b=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.74.188.57 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-188-57.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 97ms
96ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=Captcha_StandardDisplay&aid=34694625957650018608001&rev=ad1dbd3&pr=un&bc=0.019&bmid=5563&biid=7590&sid=66529&brid=556417&adid=&crid=206028140&ts=1704874462&bcud=19&ss=12&unid=0&domain=captcha.bot&ref=https%253A%252F%252Fcaptcha.bot%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=14731
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=df837a3a-6e08-40d8-9a6a-73b69e3733f2&bidId=15000&bidderId=4&cmExpId=LV2&oAdUnit=11730374&publisherId=250152235&rId=4a72cfee-aeaf-...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=87623d350caf4b66ba3531bbf4db44d4&SNR=1&GV=2&med=10

0
547 B

231ms
231ms

Image
text/plain

23.32.5.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=87623d350caf4b66ba3531bbf4db44d4&SNR=1&GV=2&med=10
Protocol: H2
Server: 23.32.5.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 4B89179F7E8345BEA68F56B7C5383DD7 Ref B: SYD03EDGE0906 Ref C: 2024-01-10T08:14:25Z
x-cdn-traceid: 0.5a052017.1704874465.af29978
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 10 Jan 2024 08:14:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47B360FB50DF42899DBB638F9F58BA5D Ref B: SYD03EDGE1612 Ref C: 2024-01-10T08:14:25Z
x-cdn-traceid: 0.5a052017.1704874465.af298a7
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=87623d350caf4b66ba3531bbf4db44d4&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 dyn
eb2.3lift.com/ 37 B
139 B 96ms
95ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dyn?long1=230710&string1=34694625957650018608001&string2=tc_new&cb=92041
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 th
www.bing.com/ Frame AD54 14 KB
15 KB 353ms
19ms Image
image/jpeg 23.32.5.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.7559550346793_15OFPY2U4ICOCLJTY0&pid=21.2&c=16&roil=0.2167&roit=0&roir=0.7833&roib=1&w=300&h=300&dynsize=1&qlt=90
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.5.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f367dc03b1a727d2cb92bef0290287e9420fffc1e43ca2fad06a75d049a4f5fa

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.5a052017.1704874465.af298a8
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 14787
alt-svc: h3=":443"; ma=93600

GET
H2 200 blank
img.3lift.com/ Frame AD54 908 B
1 KB 319ms
3ms Image
image/png 13.35.147.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=300&height=300
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5256bea79dd64abe02ec0b6031a5cf9e93ace05957297b59ffb42e21782297f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 08:28:21 GMT
via: 1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 08:28:21 GMT
x-amz-cf-pop: SYD1-C1
age: 171964
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 908
x-amz-cf-id: NLP6VIBbnwhIuzcjq20u8hrRrLbS4mR9pEZyiKxkFSyknFKV9MMO1w==

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame AD54 3 KB
3 KB 6ms
2ms Image
image/png 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 09:12:24 GMT
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 505867
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: KIKdwxoqHuVVofOehcFho4yktrQIRyS8xr3TYvGAP7zoXPfjYuoa9Q==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame AD54 3 KB
4 KB 6ms
2ms Image
image/png 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 21:00:50 GMT
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 299838
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: oRSryS6dG3KqkTIc9elTZRjConLBwzgQz_ZFnHBFtTwYhxWkYB47mQ==

GET
H2 200 ctar
eb2.3lift.com/ 37 B
139 B 97ms
95ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=Captcha_StandardDisplay&aid=34694625957650018608001&rev=ad1dbd3&cta_render_method=2&cta_render_text=Learn%20more&cb=24821
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dyn
eb2.3lift.com/ 37 B
139 B 96ms
95ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dyn?long1=20230221&string1=34694625957650018608004&cb=93164
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 notify
tlx.3lift.com/header/ 37 B
220 B 97ms
95ms Image
image/gif 52.74.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.034&ts=1704874462&aid=34694625957650018608004&ec=5563_66529_OADD2.9964453785252_11NAMVNXKAH704Q4U7&n=GuMCaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD1lOGFkNTMzNy0zNTc5LTQwOGQtYjVlNC03OTUzNzVlMjg5YzUmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTExNzMwMzc0JnB1Ymxpc2hlcklkPTI1MDE1MjIzNSZySWQ9ZThhZDUzMzctMzU3OS00MDhkLWI1ZTQtNzk1Mzc1ZTI4OWM1JnJ0eXBlPW51cmwmdGFnSWQ9MzQ2NzY4JnRyYWZmaWNHcm91cD1nZXZjeXJ5dnNnX3BjeiZ0cmFmZmljU3ViR3JvdXA9enpmJTNBZ2V2Y3lyeXZzZ19wY3pfaHpmXzM1JmFpZD0zNDY5NDYyNTk1NzY1MDAxODYwODAwLTMwMyZ3cD0wLjA0OfICoAIIABIXMzQ2OTQ2MjU5NTc2NTAwMTg2MDgwMDQYACABKLsrMOGHBEABSABQAWASaApwgfshkAEAmAEAqAEAuAEFwAEiyAEx8AGSywz4ATGAAiKRAgAAAAAAAPA%2FmQLXo3A9CtfTP6gCALACAsgCAtgCAPgCpjuQAwCYAwCgAwC4A9r89AHIAwDSAyZPQUREMi45OTY0NDUzNzg1MjUyXzExTkFNVk5YS0FINzA0UTRVN%2BADtv%2BGaOkDAAAAAAAAAADwAzH5AwAAAAAAAAAAgAQJiQT2KFyPwvXYP8AErwLKBB0IAxkAAAAAAAAAACEAAAAAAAAAACl7FK5H4Xq0v9AEANoEGTM0Njk0NjI1OTU3NjUwMDE4NjA4MDA0IDLgBAD4AgyIAwGSAwQ5ODk1mAMAoAOQlRWoAwA%3D&b=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.74.188.57 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-188-57.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 97ms
93ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=Captcha_StandardDisplay&aid=34694625957650018608004&rev=ad1dbd3&pr=un&bc=0.049&bmid=5563&biid=7590&sid=66529&brid=556417&adid=&crid=218218422&ts=1704874462&bcud=49&ss=12&unid=0&domain=captcha.bot&ref=https%253A%252F%252Fcaptcha.bot%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=93708
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=ba8d901b-4cb0-46f1-97fa-bd31b7496255&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=11730374&publisherId=250152235&rId=e8ad5337-3579-...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=94c1f4d1866249ebab8bc5de1c6e8608&SNR=1&GV=2&med=10

0
545 B

180ms
179ms

Image
text/plain

23.32.5.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=94c1f4d1866249ebab8bc5de1c6e8608&SNR=1&GV=2&med=10
Protocol: H2
Server: 23.32.5.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 3695E62BB7654FB2831D3410091562E7 Ref B: SYD03EDGE2111 Ref C: 2024-01-10T08:14:25Z
x-cdn-traceid: 0.5a052017.1704874465.af2995f
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 10 Jan 2024 08:14:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 64F4DB61935E4CA6A811548D804B4B5E Ref B: SYD03EDGE2010 Ref C: 2024-01-10T08:14:25Z
x-cdn-traceid: 0.5a052017.1704874465.af298a5
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=94c1f4d1866249ebab8bc5de1c6e8608&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 dyn
eb2.3lift.com/ 37 B
139 B 97ms
94ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dyn?long1=230710&string1=34694625957650018608004&string2=tc_new&cb=95003
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 blank
img.3lift.com/ Frame 6AFB 908 B
1 KB 296ms
4ms Image
image/png 13.35.147.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=300&height=300
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5256bea79dd64abe02ec0b6031a5cf9e93ace05957297b59ffb42e21782297f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 08:28:21 GMT
via: 1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 08:28:21 GMT
x-amz-cf-pop: SYD1-C1
age: 171964
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 908
x-amz-cf-id: GVEx-7MnuXqwhRvHJtVUViumZVz6mDjIrPLK8mJ_vJXRCpJ1ICHaNw==

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame 6AFB 3 KB
3 KB 5ms
0ms Image
image/png 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 09:12:24 GMT
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 505867
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: HV6r6iAIrRJqmZBr9G5A_aoJ9eU619H3EV687yQd6hw4xv9VxbKURQ==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame 6AFB 3 KB
4 KB 5ms
0ms Image
image/png 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 21:00:50 GMT
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 299838
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: vKHElR-b-wN_KgPbJ8mSn_oX9HyLvXd6LjzAT5R7hoCeO2i_Vv_rEQ==

GET
H2 200 th
www.bing.com/ Frame 6AFB 31 KB
31 KB 447ms
140ms Image
image/jpeg 23.32.5.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.9964453785252_11NAMVNXKAH704Q4U7&pid=21.2&c=16&roil=0.1667&roit=0&roir=0.8333&roib=1&w=300&h=300&dynsize=1&qlt=90
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.5.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7ca79756513c7c4624bed7297d5f60f36a14685102b71fb47670c43920989e3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.5a052017.1704874465.af298a6
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 31787
alt-svc: h3=":443"; ma=93600

GET
H2 200 ctar
eb2.3lift.com/ 37 B
139 B 99ms
94ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=Captcha_StandardDisplay&aid=34694625957650018608004&rev=ad1dbd3&cta_render_method=2&cta_render_text=Learn%20more&cb=31390
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dyn
eb2.3lift.com/ 37 B
139 B 96ms
96ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dyn?long1=20230221&string1=34694625957650018608002&cb=92207
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 notify
tlx.3lift.com/header/ 37 B
220 B 96ms
95ms Image
image/gif 52.74.188.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tlx.3lift.com/header/notify?px=1&pr=0.061&ts=1704874462&aid=34694625957650018608002&ec=5563_66529_OADD2.9964453792767_1PR34WPZCDLI65UYFV&n=Gu0CaHR0cHM6Ly93d3cuYmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MTE3MzAzNzQmYXVJZD0yMWJjY2U2MS0wYWJjLTQ2MDktYTNjZC0yZGVmYmFhMDk3ZDkmYmlkSWQ9MTUwMDAmYmlkZGVySWQ9NCZjbUV4cElkPUxWMyZvQWRVbml0PTExNzMwMzc0JnB1Ymxpc2hlcklkPTI1MDE1MjIzNSZySWQ9MjFiY2NlNjEtMGFiYy00NjA5LWEzY2QtMmRlZmJhYTA5N2Q5JnJ0eXBlPW51cmwmdGFnSWQ9MzQ2NzY4JnRyYWZmaWNHcm91cD1nZXZjeXJ5dnNnX3BjeiZ0cmFmZmljU3ViR3JvdXA9enpmJTNBZ2V2Y3lyeXZzZ19wY3pfbmhxdmdfZ2VucHh2YXRfcCZhaWQ9MzQ2OTQ2MjU5NTc2NTAwMTg2MDgwMC0zMDImd3A9MC4wODjyAp0CCAASFzM0Njk0NjI1OTU3NjUwMDE4NjA4MDAyGAAgASi7KzDhhwRAAUgAUAFgEmgKcIH7IZABAJgBAKgBALgBBcABPcgBWPABkssM%2BAFYgAI9kQIAAAAAAADwP5kC16NwPQrX0z%2BoAgCwAgHIAgLYAgD4AqY7kAMAmAMAoAMAuAMAyAMA0gMmT0FERDIuOTk2NDQ1Mzc5Mjc2N18xUFIzNFdQWkNETEk2NVVZRlbgA8S86GfpAwAAAAAAAAAA8ANY%2BQMAAAAAAAAAAIAECYkE9ihcj8L12D%2FABK4CygQdCAMZAAAAAAAAAAAhAAAAAAAAAAApexSuR%2BF6tL%2FQBADaBBkzNDY5NDYyNTk1NzY1MDAxODYwODAwMiAx4AQA%2BAIMiAMBkgMEOTg5NZgDAKADkJUVqAMA&b=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.74.188.57 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-74-188-57.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate, no-cache, no-store, must-revalidate
content-length: 37
expires: Thu, 15 Oct 1992 20:10:00 GMT

GET
H2 200 r
eb2.3lift.com/ 37 B
139 B 96ms
95ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/r?inv_code=Captcha_StandardDisplay&aid=34694625957650018608002&rev=ad1dbd3&pr=un&bc=0.088&bmid=5563&biid=7590&sid=66529&brid=556417&adid=&crid=217718340&ts=1704874462&bcud=88&ss=12&unid=0&domain=captcha.bot&ref=https%253A%252F%252Fcaptcha.bot%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=50433
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2

200

c.gif
www.bing.com/aes/
Redirect Chain

https://www.bing.com/api/v1/mediation/tracking?adUnit=11730374&auId=7b734bfe-63e3-43cf-9ef0-89ca2620fc9b&bidId=15000&bidderId=4&cmExpId=LV3&oAdUnit=11730374&publisherId=250152235&rId=21bcce61-0abc-...
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4e4b20df910844e29c0978022d64b377&SNR=1&GV=2&med=10

0
547 B

168ms
167ms

Image
text/plain

23.32.5.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4e4b20df910844e29c0978022d64b377&SNR=1&GV=2&med=10
Protocol: H2
Server: 23.32.5.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6DEC514BA8B4451286AE454FCCB3B3F0 Ref B: SYD03EDGE1308 Ref C: 2024-01-10T08:14:25Z
x-cdn-traceid: 0.5a052017.1704874465.af299a1
vary: Origin
p3p: CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control: private,no-store
alt-svc: h3=":443"; ma=93600
content-length: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 10 Jan 2024 08:14:25 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: E7C9D0C740B348BDA98C1D22FD9C2F26 Ref B: SYD03EDGE1912 Ref C: 2024-01-10T08:14:25Z
x-cdn-traceid: 0.5a052017.1704874465.af298a9
vary: Origin
content-type: text/html; charset=utf-8
location: https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=4e4b20df910844e29c0978022d64b377&SNR=1&GV=2&med=10
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=93600
content-length: 154
expires: 0

GET
H2 200 dyn
eb2.3lift.com/ 37 B
139 B 137ms
137ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dyn?long1=230710&string1=34694625957650018608002&string2=tc_new&cb=63771
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 blank
img.3lift.com/ Frame E3D9 908 B
1 KB 279ms
3ms Image
image/png 13.35.147.100

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.3lift.com/blank?width=300&height=300
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.147.100 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e5256bea79dd64abe02ec0b6031a5cf9e93ace05957297b59ffb42e21782297f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 08:28:21 GMT
via: 1.1 3fb80f1162ff0374e396394904e92ee4.cloudfront.net (CloudFront)
last-modified: Mon, 08 Jan 2024 08:28:21 GMT
x-amz-cf-pop: SYD1-C1
age: 171964
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=604800
alt-svc: h3=":443"; ma=86400
content-length: 908
x-amz-cf-id: 8F72rTwd2JY378k2XJFjk8q4V5AD-KFwUjdq-wF9OBAEzitBc05atg==

GET
H2 200 OBA_TRANS.png
ib.3lift.com/static/buttons/edaa/ Frame E3D9 3 KB
3 KB 3ms
2ms Image
image/png 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_TRANS.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 09:12:24 GMT
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:36 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 505867
etag: "ddf020e069f1706b72b7698b28fede09"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3125
x-amz-cf-id: 8c7Ug5iVYCxiE3HGR8iEwTWM_y7i3oBR99aDzeemfWwt5O0OQTWcdQ==

GET
H2 200 OBA_UK.png
ib.3lift.com/static/buttons/edaa/ Frame E3D9 3 KB
4 KB 3ms
3ms Image
image/png 18.67.93.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.3lift.com/static/buttons/edaa/OBA_UK.png
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-105.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sat, 06 Jan 2024 21:00:50 GMT
via: 1.1 909f00169c0be43b0eae99ab8e7a6126.cloudfront.net (CloudFront)
last-modified: Thu, 05 Aug 2021 17:23:31 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 299838
etag: "7ceab27af00fa466072a3c3360041755"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=604800,s-maxage=604800,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3518
x-amz-cf-id: mhV-Hstd2u_ZakIAYWeLPcHZPYrCyLrZyCrM3jRajDvANcQVkqw0yQ==

GET
H2 200 th
www.bing.com/ Frame E3D9 33 KB
33 KB 301ms
10ms Image
image/jpeg 23.32.5.94

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.bing.com/th?id=OADD2.9964453792767_1PR34WPZCDLI65UYFV&pid=21.2&c=16&roil=0.2392&roit=0&roir=0.7617&roib=1&w=300&h=300&dynsize=1&qlt=90
Requested by: Host: captcha.bot
URL: https://captcha.bot/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.5.94 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8113aece20c548673db6616a1c0a527a4d4f1a33d42e3abeca3179f94222648

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
nel: {"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
x-cdn-traceid: 0.5a052017.1704874465.af298aa
report-to: {"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: image/jpeg
cache-control: public, max-age=2592000
timing-allow-origin: *
access-control-allow-headers: *
content-length: 33454
alt-svc: h3=":443"; ma=93600

GET
H2 200 ctar
eb2.3lift.com/ 37 B
139 B 136ms
136ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ctar?inv_code=Captcha_StandardDisplay&aid=34694625957650018608002&rev=ad1dbd3&cta_render_method=2&cta_render_text=Learn%20more&cb=20540
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame 5A26 428 B
555 B 96ms
96ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=captcha.bot&sn=ChromeSyncframe&so=0&topUrl=captcha.bot&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

9d7d098067ab5c2cdae2055dd0a629b46adc780de88214835b9665f54d969859

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=captcha.bot&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:24 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1116188
expires: 0

GET
H2 200 container.html Show response
a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6E8E 6 KB
3 KB 2ms
2ms Document
text/html 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202401030101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Jan 2024 08:14:23 GMT
expires: Thu, 09 Jan 2025 08:14:23 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6E8E 24 KB
6 KB 6ms
1ms Script
text/javascript 142.250.76.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.76.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s24-in-f1.1e100.net

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Sun, 07 Jan 2024 00:59:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285312
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 06 Jan 2025 00:59:13 GMT

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 6E8E 25 KB
10 KB 109ms
106ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

a3fcca2e8a63bcdab43132a25541f2039a01da108155feba225286e287c10fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10296
x-xss-protection: 0
server: cafe
etag: 7350516576476694065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6E8E 205 KB
65 KB 184ms
181ms Script
text/javascript 172.217.167.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s06-in-f2.1e100.net

Software

sffe /

Resource Hash

daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704717871404979"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6E8E 0
0 140ms
140ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv0EPk12a7LsQ-71ceJ7MVfrO_D7YZhovSzXlC2Wo3dTml-F0ivSxqNMJPl5A0NjdWLr1e87MqOlzkhk2seZlPIAu-EyeavCuhn4kBpxXoMRZcd93R5uemkQ6yDYwkLOl1ZMB-OHecz1gopBUedKr1L9E992MwO0HiX1gvBLpykD8737s-3HtTkPiWrXLooL09LW4Z7F7HWqd6pJzFPnhKxuA1rWTjch8tUEphRBJKFyJI0gZibz28mXJ6D73m7p9rrSaf6aUSZ4qRtduxCeaOW9ruMuWh4cKUcYn243NLQiC4U_LERGtfHJ1P81o3-s0AM8ygR6KxNCmtI6c00AYB1CQsyuXZNwoZQIx1b9vQN8JZWSiBu9emLQcojxIAZZiQy0lh2ngpCUGKk-fvnr0lV&sai=AMfl-YRLbAWPq-TAESOugu39scDtB9pzaoY9HzSVkK5SrsUjX9LK99s-CJ-eW4egqjUZOZX8_VH4f1KxKSgjWt4f_8Tx2BMWkKtFG2hsxoPOagBsFe8X2dovw8jTOVnNEHw&sig=Cg0ArKJSzOLve5ww_XFgEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Requested by

Host: a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
URL: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6E8E 146 KB
50 KB 258ms
258ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

43701a26e8c6f1b7014df3e3aeb248a9ca653ce654087d4b8e3f447269204fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51186
x-xss-protection: 0
server: cafe
etag: 9358653929109271646
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 45A9 0
0 140ms
139ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKVIWGgSoyWpJGnBq32qXAi8d96bsMaKMi_Thv5k_hTZ5ojcm7RuSypBYDENUsOSYLXV37v8_lC8hcQM4UKszDopm_IzBCe-UDOZROscEOPBsRSEtCXV8Zbf0kuzKQBcbTb3FDR6V19H4WCBnOlzlMpf6gP-O_vkUMDZu_6f_S2hWyyXw9O1Y9ifpUFLFMjGhwzzIeAzdxw22UQP1kz46Da7dLokucDRjQDhOiZPKcX0maIANoHVj2tCe-iIK-KrZvTMM4ZY5c_QHGkCfQe-nHEo08pcldJ2Xqac0VBRg89LkdtDz7dFezWA1bjQnxTjfWXRdt9OEczeKUazBU2UMNIKfzbJm06AmleXVXxy8EuGGPqtcRFZOqn4CrDG7Ghf6H4C3OIwLAeJK87w&sai=AMfl-YRcQnUrfU6PxpfYAh28haFQIjcygCOiSMrCUZTF5TKzzxVmVk35jfPcxjv5k0hp0LWiFmwwnexlOXLqFR76OYFy3stU_Ln8Llk6ToXVIWR8Fw7IT-QQU8y3I-GtYdQ&sig=Cg0ArKJSzAD-RsLdX37lEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E3D9 2 KB
683 B 96ms
96ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 08:14:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E3D9 6 KB
2 KB 101ms
100ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 08:05:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 96ms
96ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=Captcha_StandardDisplay&aid=34694625957650018608002&rev=ad1dbd3&pr=un&bc=0.088&bmid=5563&biid=7590&sid=66529&brid=556417&adid=&crid=217718340&ts=1704874462&bcud=88&ss=12&unid=0&domain=captcha.bot&ref=https%253A%252F%252Fcaptcha.bot%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=18907
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ 37 B
139 B 96ms
96ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=Captcha_StandardDisplay&aid=34694625957650018608002&rev=ad1dbd3&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=99711
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 css
fonts.googleapis.com/ Frame AD54 2 KB
637 B 98ms
97ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 08:14:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame AD54 6 KB
2 KB 102ms
102ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 08:14:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 96ms
96ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=Captcha_StandardDisplay&aid=34694625957650018608001&rev=ad1dbd3&pr=un&bc=0.019&bmid=5563&biid=7590&sid=66529&brid=556417&adid=&crid=206028140&ts=1704874462&bcud=19&ss=12&unid=0&domain=captcha.bot&ref=https%253A%252F%252Fcaptcha.bot%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=24735
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ 37 B
139 B 95ms
95ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=Captcha_StandardDisplay&aid=34694625957650018608001&rev=ad1dbd3&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=55016
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
DATA 200
OK truncated
/ Frame 6E8E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77c66c51b6ec9676e45badf172083abede756633dda703bd22843af44b71b16b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Content-Type: image/png

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 289ms
143ms Preflight
text/html 172.217.167.98

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.98 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: null
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 10 Jan 2024 08:14:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame E3D9 15 KB
15 KB 4ms
1ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:34:58 GMT
x-content-type-options: nosniff
age: 31167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 23:34:58 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ Frame E3D9 18 KB
18 KB 4ms
2ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 19:34:21 GMT
x-content-type-options: nosniff
age: 477604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 19:34:21 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3D9 0
0 140ms
140ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIEqlYm1llCdeds3i9Mo9p6uU1pxkVYd8ourpwVVFAL7zgBVUmDOrBu2qxXAV0r8mehIii1-_nCmOWoSOtKCr0VxsCWWr82BBw2l-QY77lqnZmau51VxdYdqoGnoR3GxpD2yvZgKEfI43aOCEgn6_-RonNZ3Pv4E1Po0vFbk7ElGF7QF4BTnTqqb5aEI-LrlMwCEiBWWumON5uzcrPfDOKOHlNWsMYEY45Rc6C8b1fEXvJk9gjLcZ_mOa43SGjQ2NpLm0UArBjFT0xSd7Ik20HqwyXD58MoAWcaqdt9sKhJzWjrxUeTXEUHjY_5s-9TWLww4_rQkMdbboZNUQ6NNExyCBXRxrUjLahNxJlEtuf9EjmrI6ej7Umwx-xGNq3-jV6K7SVIszacpChpkHSKg&sai=AMfl-YRTMKbLxFg_XHvtwmvcz8pxG07dbbhklHbpfOq4UoXLrKx8aLWe2JTweXv4GX_-d6WQoXcVa9dpe_QITbZTmI8Dyi-tvafCi5NwvjSivgdzapfW9JNHHlloarQ41dE&sig=Cg0ArKJSzAA1rFIo-lGwEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AD54 15 KB
15 KB 2ms
2ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:34:58 GMT
x-content-type-options: nosniff
age: 31167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 23:34:58 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ Frame AD54 18 KB
18 KB 2ms
2ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 19:34:21 GMT
x-content-type-options: nosniff
age: 477604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 19:34:21 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame AD54 0
0 141ms
141ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu35QS8rxkdXb5ECrvD8uyAMe9C7b7YXWvobaTUistQ_7fobjQMTTB9EKQXjBiIPrXBrhw3aK_5TDgHO1V6QRfNXgp3bZdAPIXhYOhUNIvBoYtbie0H2cAsEWB5hKHxm9uHlQO35IChbCBOAYPaNowBhsWdYOLrFgote46D__mFdTY7fbshJRWN6uItcSxfEL_rBGUorW4XqqcwsJFmmQPNadJe23FYNeyBgLkldFSkB6MMqE2xiGMhpAiSBr0qvYEovQ1NnY2ws7SyYnr282LsP-c1kYmACjKUIJ0m98uR5vMN_cDf50u0stQ2Y1l_FcfjguVwPvE6_J2jCyjrEf-Rpaa409-G3vj-KcSniAPXk9edl6yeEZAfEObQ8kiRNKLvU0_Cii9LsAb53XM6vw&sai=AMfl-YT2uD8aCIVvKsKOPfTvelxA651OgrHvyIaALjKD-QrU0RO2HIky-TvGksi7B6nd3NZUpI1u02fT3CKrjQ_I9YXL9azIU4l9J1a6LOWNmIhmzAVuEgwvWqByaQyAWFs&sig=Cg0ArKJSzHbHvUXK2nGeEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ Frame 6E8E 402 KB
136 KB 133ms
133ms Script
text/javascript 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js?bust=31080324

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

196f395f7364fcd9cd921f8b1827fef18614a31dce7937888818277a24057baf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139354
x-xss-protection: 0
server: cafe
etag: 16270951054153457919
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6AFB 2 KB
637 B 97ms
96ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 08:14:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6AFB 6 KB
2 KB 194ms
194ms Stylesheet
text/css 142.251.221.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Requested by

Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f10.1e100.net

Software

ESF /

Resource Hash

98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 10 Jan 2024 08:14:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 10 Jan 2024 08:14:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 10 Jan 2024 08:14:25 GMT

GET
H2 200 aop
eb2.3lift.com/ 37 B
139 B 95ms
95ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/aop?inv_code=Captcha_StandardDisplay&aid=34694625957650018608004&rev=ad1dbd3&pr=un&bc=0.049&bmid=5563&biid=7590&sid=66529&brid=556417&adid=&crid=218218422&ts=1704874462&bcud=49&ss=12&unid=0&domain=captcha.bot&ref=https%253A%252F%252Fcaptcha.bot%252F&rr=creative&fid=18&rb=10&g=0&tmplid=206226&cb=55253
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 dr
eb2.3lift.com/ 37 B
139 B 96ms
96ms Image
image/gif 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/dr?inv_code=Captcha_StandardDisplay&aid=34694625957650018608004&rev=ad1dbd3&disclosure_render_method=3&disclosure_render_text=Sponsored%20By&cb=58764
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 200 sync Show response
eb2.3lift.com/ Frame 9CD9 1 KB
2 KB 96ms
96ms Document
text/html 35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Requested by: Host: ib.3lift.com
URL: https://ib.3lift.com/rev/ad1dbd3a8781de1e73e9043e5e128ab350203732/dist/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: 38c8d5008b2aa6adef6f892d272e73f2af4d0b5c8181ab6aec9091de053a5a83

Request headers

Referer: https://captcha.bot/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 1335
content-type: text/html; charset=utf-8
date: Wed, 10 Jan 2024 08:14:25 GMT
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 6AFB 15 KB
15 KB 3ms
2ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:600,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 23:34:58 GMT
x-content-type-options: nosniff
age: 31167
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15752
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Jan 2025 23:34:58 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9CD9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=3658&xuid=55eea90f-1f54-44a9-95e2-53834fae37c9&dongle=0cfd&gdpr=0&gdpr_consent=

37 B
353 B

97ms
96ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3658&xuid=55eea90f-1f54-44a9-95e2-53834fae37c9&dongle=0cfd&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=3658&xuid=55eea90f-1f54-44a9-95e2-53834fae37c9&dongle=0cfd&gdpr=0&gdpr_consent=
date: Wed, 10 Jan 2024 08:14:25 GMT
server: Kestrel
content-length: 251

GET
H2

200

ebda
eb2.3lift.com/ Frame 9CD9
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTgzMDA0MTYzNjI5NjUzMDkyNjU%3D
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=

37 B
139 B

95ms
95ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:26 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9CD9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELpZnA5p50kjryCrds1NlJQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1

37 B
353 B

98ms
97ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELpZnA5p50kjryCrds1NlJQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 10 Jan 2024 08:14:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELpZnA5p50kjryCrds1NlJQ&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CD9
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTgzMDA0MTYzNjI5NjUzMDkyNjU%3D

170 B
188 B

99ms
98ms

Image
image/png

142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTgzMDA0MTYzNjI5NjUzMDkyNjU%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448

Protocol

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:26 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NTgzMDA0MTYzNjI5NjUzMDkyNjU%3D
date: Wed, 10 Jan 2024 08:14:25 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame 9CD9 0
631 B 502ms
191ms Image
text/plain 13.107.42.14

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=58300416362965309265&dbredirect=true&gdpr=0&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.107.42.14 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:25 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: EBC651EA38804CC59DC099CDF8DED471 Ref B: SYD03EDGE1010 Ref C: 2024-01-10T08:14:26Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYOkwTzLVbpKyj37uaXKQ==

GET
H2

200

xuid
eb2.3lift.com/ Frame 9CD9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/58300416362965309265?gdpr=0&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-p3q49udE2oSlncBwuuT5jByAw_TNB1nKbRYBBEpQog--~A&dongle=0883

37 B
353 B

98ms
97ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-p3q49udE2oSlncBwuuT5jByAw_TNB1nKbRYBBEpQog--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 10 Jan 2024 08:14:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Wed, 10 Jan 2024 08:14:26 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-p3q49udE2oSlncBwuuT5jByAw_TNB1nKbRYBBEpQog--~A&dongle=0883
content-length: 0

GET
H/1.1

200
OK

sync
x.bidswitch.net/ Frame 9CD9
Redirect Chain

https://x.bidswitch.net/sync?ssp=triplelift&user_id=58300416362965309265&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://x.bidswitch.net/ul_cb/sync?ssp=triplelift&user_id=58300416362965309265&gdpr=0&gdpr_consent=${GDPR_CONSENT}
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=triplelift
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e010660f-5b81-42e9-87cd-6dc78a08ec64&ssp=triplelift

43 B
235 B

102ms
101ms

Image
image/gif

35.213.12.39

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e010660f-5b81-42e9-87cd-6dc78a08ec64&ssp=triplelift
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Protocol: HTTP/1.1
Server: 35.213.12.39 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

Date: Wed, 10 Jan 2024 08:14:27 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=e010660f-5b81-42e9-87cd-6dc78a08ec64&ssp=triplelift
date: Wed, 10 Jan 2024 08:14:27 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

xuid
eb2.3lift.com/ Frame 9CD9
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=44&p=75&cp=triplelift&cu=1&gdpr=0&gdpr_consent=&us_privacy=&gpp=${GPP_STRING_28}&gpp_sid=&url=https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D2711%26xuid%3D%40...
https://eb2.3lift.com/xuid?mid=2711&xuid=2519936a-3d31-4418-bc57-8081e4218728&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=

37 B
353 B

97ms
96ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=2519936a-3d31-4418-bc57-8081e4218728&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 10 Jan 2024 08:14:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:26 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://eb2.3lift.com/xuid?mid=2711&xuid=2519936a-3d31-4418-bc57-8081e4218728&dongle=013b&gdpr=0&gdpr_consent=&us_privacy=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 991998
content-length: 0
expires: Wed, 10 Jan 2024 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame 9CD9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=0%26gdpr_consent=
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D0%2526gdpr_consent%3D
https://eb2.3lift.com/xuid?mid=3335&xuid=2190743206073753920&dongle=4d58&gdpr=0&gdpr_consent=

37 B
353 B

97ms
97ms

Image
image/gif

35.71.178.8
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=3335&xuid=2190743206073753920&dongle=4d58&gdpr=0&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448
Protocol: H2
Server: 35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ade9ecc7904667038.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

content-type: image/gif
date: Wed, 10 Jan 2024 08:14:26 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:26 GMT
an-x-request-uuid: afe66663-e20d-49bb-b274-dcc0a04faea9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://eb2.3lift.com/xuid?mid=3335&xuid=2190743206073753920&dongle=4d58&gdpr=0&gdpr_consent=
x-proxy-origin: 66.203.112.161; 66.203.112.161; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/prebid/ Frame 9CD9 43 B
959 B 123ms
122ms Image
image/gif 103.43.90.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=0&gdpr_consent=&uid=58300416362965309265

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?max=10&gdpr=false&cb=30448

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

103.43.90.21 Singapore, Singapore, ASN29990 (ASN-APPNEX, US),

Reverse DNS

597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:25 GMT
an-x-request-uuid: e1bbd799-9099-4241-9e46-2fe92c226a3e
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 66.203.112.161; 66.203.112.161; 597.bm-nginx-loadbalancer.mgmt.sin3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v40/ Frame 6AFB 18 KB
18 KB 3ms
2ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://captcha.bot
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Thu, 04 Jan 2024 19:34:21 GMT
x-content-type-options: nosniff
age: 477604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18668
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Jan 2025 19:34:21 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6E8E 0
0 140ms
139ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuJYHXyB7Fql4SmhV_arqSJ4K2IjFwhrQvX2nmB1R0DOx9c9nG3DNLGjXX86yjCFR4u1ZXNX1d3kJ0sHXZKrtxyUOzatJYoPFLCLUxxV5uQXqykq2UlLxiucip6Gu3KiDWv1SaQvvelXw5cBYMqzIkzcFde8Ohdzl4mMtcwLBvT8YEFAiVhIQrcgeNTYm5QDJsZ7UlAYcpJmlwlTvVdGo7_7z9CA3QH5qvIlfa8hJJvKLf0MHicHDmWJIRw3cXoG0hB1vckKztvaXbzJfemeoj1s31Y1Elfd7Li26PxTixwVn2zd6L4AHops4XTCg23uvk5xAUVaPi3hPgoIsOwJjOPkyHqlCVbVwkz2T1YvSCAJSUVfe1h9BV6p9XTE2ItTjXDp3tD0z2mtuyWBSR6d49O4_I&sai=AMfl-YSqzO8hmapJ7nMrKBSLan2EBXOvGA2XJZ35LmZUxMjqYZfuddRWz87AZYxsgSPRGPTsihmqP26QwEbu_o1ruKzS9qXtz_rTzZo59ZYghmzrtIEPH2tdSlYFwpSJGpk&sig=Cg0ArKJSzFg4ErfJtKuwEAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:26 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 08:14:26 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6E8E 42 B
108 B 140ms
140ms Fetch
image/gif 142.250.66.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssLJHs-cezZSbMZUb7WVUAIqBypOL1J3pFnb1jn5UtAkF7rEiInez6ItBBXOp8ZlH5J0ftw0dMiebnwnMO8nQpYQ78PjscE-DAQgi0vYZ74W8IqOpgqCzGmJGQbDdHE1aBln6JEJmGDgRqNxGu6mq1J79MR&sig=Cg0ArKJSzH7aK3aLZRoAEAE&id=lidar2&mcvt=1000&p=1074,315,1324,1285&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20240108&bin=7&avms=nio&bs=0,0&mc=0.5&if=1&vu=1&app=0&itpl=19&adk=3743414737&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1704874465304&rpt=909&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 10 Jan 2024 08:14:27 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6AFB 0
0 141ms
141ms Fetch
image/gif 142.250.66.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvajYw-vzaFAGbSBKcmDtH8Qk1fBPxSOTveDrrafttqGKryxXS-Vr3ZRwdFDwYwnOaRC0mlSWdqYoor1BDlaDkcSEEUuogqaZQA1BgaZuKdBAVjW3cr6hKY8yfonemep6wL-y8JX6mzvI1Hkv1Of_tqHH1WcvbnDDT9CHJgUDc2GnD4MOaZmnW27jTCMTx5gjXmDJsxQBsjxXlaTZnThHEUQXHAbaRIxvCcbvtbaz5YN0nGm3rSGkJUSP_eOLKg4FAWUUdTzMmouvHdvAo3jh8CWmjJws6sPIl_Zvy982Ut9VSpWooUvW-yhbW9BQZrJHw601JT91iK_FL-8PVB7w-E0FKzzh3oLaohj5AmIxH5bXmto___R4brO3fhOo0KS3ztriIFWnS0Dvr9VE-pRg&sai=AMfl-YRXyeG12WOrnfV-aysZJidrg7AqMg2SvpBPuBqK6VBEQfPhXc8iNcrwq8jk3obZ0NdkuBzHuaa-GtURClZzP54iprsAMRDnwnbYzJE8HK0isOQJwbe-kMzOPhrGw3U&sig=Cg0ArKJSzOOy-UCbwVO6EAE&uach_m=%5BUACH%5D&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://captcha.bot/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36

Response headers

date: Wed, 10 Jan 2024 08:14:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 10 Jan 2024 08:14:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=b2720971-8f0b-45ad-83d9-6b669699eab2&l_pb_bid_id=5116a9b3e1fcfa5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3045378696824077

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=7c6bb375-d564-4e12-bdf6-fca11c722b67&l_pb_bid_id=52f9861bd9b5f4a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.13828486126212103

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=05a126a1-b667-4436-8606-ae7a73897bec&l_pb_bid_id=531c187fe66f40e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8403594166473973

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=4c175cba-c251-459f-b260-f766db4c4978&l_pb_bid_id=5488043edb34505&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8835244283140731

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=f8efa760-4d33-4de1-90b1-7bb08d2d3bd9&l_pb_bid_id=55f75780c69717a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.14460755141494808

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=439790&zone_id=2524990&size_id=2&alt_size_ids=1%2C55%2C57&gdpr=0&rp_schain=1.0,1!publift.com,01G9X9W32T5HFRDEPNY0KHCQEH,1,,,&rf=https%3A%2F%2Fcaptcha.bot%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=c63e30b8-4381-4d98-b9f1-a40680f9bf3c&l_pb_bid_id=567cb83007d7631&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.23278891886689057

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst_kcZXtB9aBtkjaRsvle-tZ2w0dmeSo3AYmHhPkRflmXZZdZBWrKB9S3XWC6WMO8A-eRGQMeUeVNMO0EbHvWIRDLEQDhL0zlJm9sgmHf4IghueDw_lp8Uja1_LgCW0z25c2NKkVCcW45ZuVIkcrh4-tmMkpOJA7Vzqc8vdTy9IDTMeOUyA1ob6fKgwlH5ozZ1dQ1vVoeDpMsoKOxnqC5hZV_7SIAPxqG7Uld-GdyQN03pfBPSMg_UDnhlCeR1zvCT41_Z72KwWAZ2EMNCO-wVBjxRVqMIPI0h9KpXcmCohsl1_EbOHQE5qnHjzE1FPm0iiTXrL9Qnn9RM0NtqFQgPwhldFlDqVWe8pEEMqJ1g_Zjb1Rf60Qac6bJPT3QJR-VAcUBx_jY3ziQaSrue0WF_jVU1MBh-VHg&sai=AMfl-YTOp_vNP5wJatfd-lXWsQRJOzUSam63Qlp5ntN1YYh74VcKkMcQMEB7AseMkNyP6uJUjWwsp2pbvelzJ6TYKJZEx4TfnI4mFoJL3KX1L0f6cDlNsaA6TMlyG6SBfMs&sig=Cg0ArKJSzAr5EuFdfOnoEAE&uach_m=%5BUACH%5D&urlfix=1&adurl=

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvT3pd-R-saJ9hc8vODXRS2qaozICA8t_FqWTzGQtKilGoFKSlFXroOQGEf0gpdKlFD4uopeR56XqfTYj8HPU3jrcSLNu3lIIepLf0UvhqbUI63Pbg0F9sZboloq4iJyI2xynwIG7A_jJ6H4HF3Y91RNCiT&sig=Cg0ArKJSzNbsIayS5EIZEAE&id=lidartos&mcvt=0&p=0,0,0,0&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20240108&bin=7&avms=nio&bs=1600,1200&mc=0&vu=1&app=0&itpl=19&adk=3743414737&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=3&r=b&rst=1704874464404&rpt=347&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Verdicts & Comments Add Verdict or Comment

188 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.captcha.bot/	1970-01-21 02:20:10	Name: cf_clearance Value: s0Knb3rqXNO_1xfmp77Z4gOjK9I1d_ftXR9CSK_Qu40-1704874460-0-2-df4eb5ae.18b9c155.884fea4e-0.2.1704874460
cdn.fuseplatform.net/	1970-01-20 18:17:46	Name: akacd_captchabot Value: 1707466460~rv=25~id=8c337a15b238426eae4b9f76b64df4ad
.captcha.bot/	1970-01-21 03:10:34	Name: _ga_VT1JT14S09 Value: GS1.1.1704874460.1.0.1704874460.60.0.0
.captcha.bot/	1970-01-21 03:10:34	Name: _ga Value: GA1.1.1793440725.1704874461
.prebid.a-mo.net/	1970-01-21 02:20:10	Name: __amc Value: 1_1704874462_1704874462
.a-mo.net/	1970-01-21 02:20:10	Name: amuid2 Value: 08ead260-5ed4-47f4-a447-ce22c75185b8
.prebid.a-mo.net/	1970-01-21 02:20:10	Name: sd_amuid2 Value: 08ead260-5ed4-47f4-a447-ce22c75185b8
.crwdcntrl.net/	1970-01-21 00:03:22	Name: _cc_dc Value: 2
.crwdcntrl.net/	1970-01-21 00:03:22	Name: _cc_id Value: e65cbc16a42175e79d7f4002806bee8
.captcha.bot/	1970-01-21 00:03:22	Name: _cc_id Value: e65cbc16a42175e79d7f4002806bee8
.captcha.bot/	1970-01-20 17:44:39	Name: panoramaId_expiry Value: 1705479262919
.captcha.bot/	1970-01-20 17:44:39	Name: panoramaId Value: 6999273cdefdc924a0f7541dc6fa185ca02c50dd3a4b20e281525de8cd3f375a
.captcha.bot/	1970-01-20 17:44:39	Name: panoramaIdType Value: panoDevice
.3lift.com/	1970-01-20 19:44:10	Name: tluid Value: 58300416362965309265
.smartadserver.com/	1970-01-21 02:21:36	Name: pbw Value: %24b%3d16920%3b%24o%3d11100
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 536838=5797934
.smartadserver.com/	1969-12-31 23:59:59	Name: TestIfCookie Value: ok
.smartadserver.com/	1970-01-21 02:21:36	Name: TestIfCookieP Value: ok
.smartadserver.com/	1970-01-20 17:36:00	Name: sasd Value: %24qc%3D1500031789%3B%24ql%3DUnknown%3B%24qt%3D164_0_0t%3B%24dma%3D0
.smartadserver.com/	1970-01-21 02:21:36	Name: pid Value: 3887011713422110439
.smartadserver.com/	1970-01-20 17:36:00	Name: sasd2 Value: q=%24qc%3D1500031789%3B%24ql%3DUnknown%3B%24qt%3D164_0_0t%3B%24dma%3D0&c=1&l=1855253503&lo=1861189178&lt=638404712634332194&o=1
.doubleclick.net/	1970-01-21 03:10:34	Name: IDE Value: AHWqTUll-ts-Ccer_kuOOrdmkgJT8M_0ZkUuNnVPz3vLq_CQNzC-FoliFf7XwEA2Umk
.captcha.bot/	1970-01-21 02:56:10	Name: __gads Value: ID=eb044de9ea6d0c52:T=1704874463:RT=1704874463:S=ALNI_MZwx9lR5QQNaUyU_d_qgUDE-2MPxA
.captcha.bot/	1970-01-21 02:56:10	Name: __gpi Value: UID=00000cd4f24ab035:T=1704874463:RT=1704874463:S=ALNI_MY26IhANomrGXtNbsl5i5_YHXiwPw
.blismedia.com/	1970-01-21 02:20:14	Name: b Value: 659E51E0D5D81114B8FAA8FABLIS
.openx.net/	1970-01-21 02:20:10	Name: i Value: 813025b3-2087-40df-9962-4f9d62cf4036%7C1704874464
.casalemedia.com/	1970-01-21 02:20:10	Name: CMID Value: ZZ5R4DRm0AbOO9m88ZnT4AAA
.casalemedia.com/	1970-01-20 19:44:10	Name: CMPS Value: 4695
.casalemedia.com/	1970-01-20 19:44:10	Name: CMPRO Value: 4695
.mediago.io/	1970-01-21 02:20:10	Name: __mguid_ Value: a02ae86a0888d2ce2eg09f00lr7i8kde
.criteo.com/	1970-01-21 02:56:10	Name: uid Value: 2519936a-3d31-4418-bc57-8081e4218728
.tribalfusion.com/	1970-01-20 19:44:10	Name: ANON_ID Value: ajnt6ZaOleq9PZabpryMqnuRYVBYIaZbHKFQqiZc9G1F3hHc7q1EZdrTCmSQSpoobRYwxcLaZd9YEqaLnLeQXUUxQbM0IeU6rM
.captcha.bot/	1970-01-21 02:56:10	Name: cto_bundle Value: D2pVCV9ESGFWbkFpUHRaM1lMZkdRRmFhOGdlWENoS05EUTI3REprVjlIOElOOEdsUUlsZmNOUHpPMEZzaGxaWVpnRXU0NVBuJTJGZmpKQU1qZ2tEJTJCMjlYVGZpc1hPVVdaSW5jM21QdlVRaTNNaTB3a1B4b2RGZTJleWslMkZZVm5RVUQwJTJCVEZzWld1MlR5MGxDVk92MDd2dUVmd1p5QSUzRCUzRA
.fout.jp/	1970-01-21 03:10:34	Name: uid Value: V2sUJ5FrUDkVaWVagwv_jSB5T-k

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cksync.yahoo.co.jp/sspsync?ptr=12703&google_gid=CAESEO6GBnEo9nOsnEDVb6tc-zY&google_cver=1&google_push=AXcoOmTHk3sDJvAAvSCePh8eisq3lmdNVuzPGzljPKhpplXUaxa2001muCNHLrpSENmkH0kjyrhgiK0kZYPqgK4LVRMpP3vFgiKywUx6XW4DE9PF8jxnKJNC_3Jt7PSDdm9wgofb0GwJ6Kwyb8RaC6LmBV7w Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.sportradarserving.com
a.tribalfusion.com
a3db0f547c1ae9d1b107b0597777746b.safeframe.googlesyndication.com
ad-delivery.net
ad.doubleclick.net
analytics.google.com
api.btloader.com
api.hcaptcha.com
authenticate.captcha-botverify.site
bcp.crwdcntrl.net
bidder.criteo.com
btloader.com
captcha.bot
cdn.ampproject.org
cdn.fuseplatform.net
cdn.jsdelivr.net
challenges.cloudflare.com
cksync.yahoo.co.jp
cm.g.doubleclick.net
cmp.inmobi.com
cmp.quantcast.com
dis.criteo.com
eb2.3lift.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gtrace.mediago.io
gum.criteo.com
hbopenbid.pubmatic.com
ib.3lift.com
ib.adnxs.com
img.3lift.com
js.chargebee.com
js.hcaptcha.com
match.adsrvr.org
newassets.hcaptcha.com
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prg8.smartadserver.com
privygg.chargebeestaticv2.com
px.ads.linkedin.com
rtb.openx.net
s.tribalfusion.com
securepubads.g.doubleclick.net
ssc.33across.com
ssum-sec.casalemedia.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
sync.fout.jp
tags.crwdcntrl.net
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
www.bing.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
fastlane.rubiconproject.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
103.43.90.21
104.16.56.101
104.17.3.184
104.18.24.173
104.19.218.90
104.19.219.90
104.26.3.70
104.26.7.110
104.99.59.17
13.107.42.14
13.224.181.126
13.35.147.100
13.35.147.43
130.211.23.194
131.153.206.102
142.250.204.1
142.250.204.14
142.250.204.3
142.250.204.4
142.250.204.8
142.250.66.194
142.250.66.226
142.250.71.70
142.250.76.97
142.251.221.66
142.251.221.67
142.251.221.74
151.101.129.229
172.217.167.66
172.217.167.98
172.64.151.101
172.67.148.127
172.67.41.60
18.140.152.206
18.140.185.14
18.67.111.22
18.67.93.105
18.67.93.118
18.67.93.122
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
183.79.249.124
202.232.238.37
207.65.33.78
23.106.127.49
23.32.5.94
34.149.20.76
34.96.105.8
35.208.249.213
35.213.12.39
35.213.93.179
35.227.252.103
35.71.131.137
35.71.178.8
52.74.188.57
64.233.170.156
0338790afdb5ac14569cfcaf863ab9834f88bce3b3672f3b0ca6571dbe64fecd
04072a085b5a1e8fd88ab3ce4e4deda9e28f9804539814e0d821ec89045367b6
06a7b410f212b63fd40b0020ca1ea0a21148fea1b31011dfd7b596dea288ad71
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08285afd2f0c11a2a9d89f00dce769479e4d164e62caa39eceea9f1eb551afa9
08a184bb8e17a3028350b402628040f572e5e6b2a57a5959c5acd78bfb1f5f9a
0a895fa00c0c72f25da83d8c45303cdab4458ec5b3139407dd1385b4162cbf1f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9ffac16148c8938c6d9f2df28a17207f62a7f92d3401a48a58c0b22f17b0b4
15b510fc12717bf7a3d319a1ea834d75bb86558b85297d911daf79ac86232baf
16aea80c6752a1cc048f9bacb41d9b9f92a56b9e021bbc3d72e5b245f4f21892
196f395f7364fcd9cd921f8b1827fef18614a31dce7937888818277a24057baf
1a87310dacb8e83018f2cbb037552a79868dafb9214613d442581b3f3eeea914
1ef1fb1258c5ef1d73e6a4325fa9cb17deffb721770edc8c01cc045e3041c5a6
233c67c5a16665bfbfebd33a1ac2fc41792e9684b13fdf592380610562774b0a
2714946bd5d1cd122195fefa5bd29586e8dfb8245aa0100eee4b48c3dd1fdb6b
27d5ba2175dc395614adb2c69fe9f4bff9abddef3a7c6e3e30a68587f428a37b
28fd4537f97937a66f5fb708c99aa823bbbbcfac033cbaabd0710422b46d6e92
292c4b31226660d43c28401602552c41ee62725a14405471e49b069251908026
2a9421e36647973f38d80cd149c3d4b30211aba44dbb1c28d82927be59e9a224
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881
2f1d8d1a0ef6f956a7764106dbcc37c69dbf9e71c56147f7ac23b1552e9048c2
2fd4c3ae6afc2b4026d9f0b64b8ff1110ecfcf47b90bc988c06e844b3921cbf6
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
319e5a4819a9b54b551ca09ee13f2e9f7f34cc7c3b53369c9fe5e5493dbb32e7
32b756bfa32d3c2a0a584ebaa8d5050f9db464fe5a7c7ca25bd54ebfea5b15fd
38c8d5008b2aa6adef6f892d272e73f2af4d0b5c8181ab6aec9091de053a5a83
3c39c868603e7ea71f8b067b1a9319121d7cb4e8276202a3e0b56a39424ac525
3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546
3dd6334bbbdabc6a816851f5c2c4a71193190a0569359d4f8834e45b57e10dfb
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
428f4d59e61cdf9887ad4cd7c4592a24b214d2d9c0ba09db01c4cfde66a3cd11
43440171b7464e2bfd3b57ca36d5e7292f6ee590f0a29a412d2e78916de4811a
43701a26e8c6f1b7014df3e3aeb248a9ca653ce654087d4b8e3f447269204fdc
4383437e4c7973582c6fa37a8693ce3d30e4026a462995671533ef885b0a130a
45081b381b2448cac81c3cc81ed427d216719a54890a2242e691ab7608a0ada8
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
467e89c832bd4acbc1cc19cd70b05c67422797ebffdbff5b2388862b14ee01ba
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e20b413a8c958a4d50fce6a449d7bd3edb8102e36f9057a1910038607dcf80
57cafa49fb677c3f09d6e90b051917d10e7bb54e83102a25f3d32b06e8fa59a7
5a0b8fa938af334bce5a350b66110d0b21be7630c46e6fe32fd0f00d877e1e6f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
602a628b9a821a5d2a1ab95aeab4efb288a5994b06d972f9ac99482c5af766ff
610db3eb6fe53be6867b1a41677d37ccf9cc5585779c9058b22ec04b490a1f01
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e69f1c3711825b5166ddcbd07539e556ce7068917ad7701a5af5b4814f33
623a9c8ab46ab0183b90f06620f0ff109a8136d2a7f7f864c528fa61b62085ab
62d056f363b8b39fd0f85690a31012fcb6f1f0cef642bb247fc8ae627e33ac6d
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
676041459462ccdec93b528297a0e88930e6e29b5e5948c740ceabdae3bb1ac1
6800d363cb5a534231c868a110cc4762d636d4df062c41a407c1c091e959e96f
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c37dd45167098f01b5aa23ce5c21898424c7347c05d34444ca013af9d85c57f
7019c81112576afa12ece5f1412d4833387a4e58454d0a3b4843169bc948deb0
757b0d15cc98f2df0856454f8648da555685ba9f0d591936e76a8a78f5d88c67
76740b2a7b0a35eed6ceb509cefd8ddd6955bd5c656b0581f2dcdb48040ced8f
77c66c51b6ec9676e45badf172083abede756633dda703bd22843af44b71b16b
78a76789395b2c33306cdf5f6109561c6b7fc09b9414790e8fdb809b9c08242f
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7a519c62e734157227e61ce5209158e1b7b484b5f2b68e3ccaed1ffe444de36d
7a929bcd8cce2585ea3be49e84b6735c35debe93e48f62f5dd7e4fc4b33825e5
7bdc4d5fedb569e26ee1fa998cae925a0da11a42adeca77f9969c5f273cd4be9
7e262106f82cc52663e403f5b73795bbeab9ca0630c33c03579354fbcd4fae1e
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
850e587a96f9cad84206169720be046f289fa015e4b76b6ae79610c9d73c7eef
8522ad8de41bc66dbdba199c285d7178fde661d615a368095b5d532f59bae4b5
92627d8d36ceaf0497c06d048b7a2bf8b56a26c63674287daf181c6883c3253d
93dc5afee0d7c64a418ee3804bb76f9855e7ff5a501a26ed29cd544f066bb6d3
950487041eb8b857d86436c10b487f194b9b97a4205366978d9b945de8164ccb
959d1bd70f469e7a699eb60a68b511ffc143c575d23fa1399da727d3b58bdb08
974068a8dffe11baf7beefd45a0a2edd916092cd9b439005aaddbdfbf4fea805
9850834b2efcb9d344963e45b78a0483e6a6cedb0c1c36fc224abd7d5cebe2c6
98f6f0be59cf33c961bbde1efce215467edbe4a02e110c3c28f1cf1d8adce530
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca729836c4f15769768874e427b1c546a6994ee4a017106e2757b22b3d52575
9d7d098067ab5c2cdae2055dd0a629b46adc780de88214835b9665f54d969859
9e424ab30e57e903c77ed203fd48b8e240c9333d18eada751c7a5744ad5ac5f7
a2366f8ceefa49f15dbf946bb02a4cf52b6d2999f71712d3f52e8bd5f56e1988
a3fcca2e8a63bcdab43132a25541f2039a01da108155feba225286e287c10fb0
a417895b88f73f740225feed6dc8bfec65448c9c15a32d31a3499842a69e2eae
a71902890d932247a4c1a8f83c6f0b8dd7a6e7a12d64524559aa158c9a19f1db
a72d7b59d499f68ee9814cede398e42fbd87d5c579137f65032123c4f8dd6f47
a8113aece20c548673db6616a1c0a527a4d4f1a33d42e3abeca3179f94222648
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ab58cbea97bc4973a8049010a409d27eb1844747cac58fdafd73d5fbfc9a7b68
ac029ed357e9abcb27b7afb2c5e3ffd7b0877924f8707c32c0a094e9a2027b2d
b0d79e78ec34688897f59213dcf33c0a9eae3c0552e5ebe7f3b43b86923c0020
b9eab613f27dc9efb747630f963208741cc088b586edfbfdaaebf7d733dc2d63
ba3b53fcd0dcfc7b06b53954db5f82cf88d0110922821c7aba8b206fe0d4bb73
bb1e68e15b6346876f4303c1c018c75bf54dedac3900cd09b254869cc40e29cf
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb5479b00d16ae308714a6412ce7b6ccd0c7283747257c23cf6065ac7039c37b
bba3a253608d50cff0174ea1102b3ff4e93993be25d07c0e0223f20f19c37382
be6cc073b6b0e4ee33b62b8449b4ca213a433f2299218ae5f3f6904070e25a2c
be779b0e322b81f76bc00f275690c7a6b7f3cb407bdf383874080af920808c5c
bf690803e1fc3c3d03595643914712996adb559fb7846cf6c69b8f83275d47b6
c38a928deee5f36605c38fa74f8c0e30a4380a4d98ec80ab023888675e4e24f6
c5cbb783a0de964acf75961ef5652a9972c61b0db504a5f3b4f2e41a64d92177
c6026b5e35c99959ff49bb57e086263c3145cf10054c10448b944348d7a3d2ab
c7908fb4a1c5f98e8c3609a9533a09ae26b6e29c0b8518c53e69cc2e09e0a125
c8c900ec5cbe9ef18bea37051bc2bf2aa9846c2ce787d248f2451575e2a372fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d8da9e564d17d257722216302812ef528bbb67bb72a634128c3b6bba046b6a4e
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
daab8a66fad84e54d32b62c10a996179c4d17efc15fc7aa77a5927dbb6cd10a8
df3f4de8961c4df2aa3eb26adc82eb002d4ebf83829857ff3457fdad6b940051
e1d311a51355f357024cf89be4fa2f85ed23088716747a0df5cc5dc4a2aa6a21
e27ad51ace265797733b339746676c69ec249fa468b0fbe9b7e6c8090f967ec9
e2a0ebb4c1e2bfeb215c6d41bb6c4fb0fac5a228fddf6a4bc77ef08e7f2e7477
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e447ee4df3219da6719b4398eb71308bd05f59452ea6324491e5cc1ff3f707ef
e5256bea79dd64abe02ec0b6031a5cf9e93ace05957297b59ffb42e21782297f
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
e7ca79756513c7c4624bed7297d5f60f36a14685102b71fb47670c43920989e3
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
ec8333b805167ffc5c8331ddd78bc3b62fb9f7a900e3e90926faff98836264fd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ef6ec9d65878a53593ca90dc2e561bfaf3365d3d1ee328dcee6469ce9125d
f367dc03b1a727d2cb92bef0290287e9420fffc1e43ca2fad06a75d049a4f5fa
f3bc1ef86b4e5f5c383b397e2e1f86e7978d0ab7836dab27ae074b6f2760a9cb
f4a8955b237a8378465ee965e51a783477658b4f7c1cef4e2f3cc955e474b6a1
f6646b73882a3660460677646f786840862878746aaeca86dcbaa6bc4b09710b
fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65
fca15defad7c975c936cd4f568adb2b1fd620383862027f7fcf457383c60679f

captcha.bot Open in urlscan Pro 104.26.7.110 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

256 Requests

89 %HTTPS

0 %IPv6

46 Domains

64 Subdomains

49 IPs

5 Countries

3870 kBTransfer

10286 kBSize

34 Cookies

5 Outgoing links

Page URL History

Redirected requests

256 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

captcha.bot Open in urlscan Pro
104.26.7.110 Public Scan

Screenshot
Live screenshot

Full Image

256
Requests

89 %
HTTPS

0 %
IPv6

46
Domains

64
Subdomains

49
IPs

5
Countries

3870 kB
Transfer

10286 kB
Size

34
Cookies

256 HTTP transactions
9 data transactions