www.ctfiot.com Open in urlscan Pro
43.254.217.178 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ctfiot.com/87670.html
Effective URL:
https://www.ctfiot.com/87670.html
Submission: On April 11 via manual (April 11th 2023, 12:39:15 am UTC) from AU — Scanned from AU

Summary HTTP 181 Redirects Links 19 Behaviour Indicators

Summary

This website contacted 27 IPs in 10 countries across 27 domains to perform 181 HTTP transactions. The main IP is 43.254.217.178, located in Hong Kong and belongs to CLOUDIE-AS-AP Cloudie Limited, HK. The main domain is www.ctfiot.com.
TLS certificate: Issued by R3 on February 24th 2023. Valid for: 3 months.

This is the only time www.ctfiot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	43.254.217.178 43.254.217.178	55933 (CLOUDIE-A...) (CLOUDIE-AS-AP Cloudie Limited)
5	163.181.42.227 163.181.42.227	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
17	59.110.190.229 59.110.190.229	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
22	74.125.24.157 74.125.24.157	15169 (GOOGLE) (GOOGLE)
2	172.67.141.24 172.67.141.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	212.64.63.190 212.64.63.190	45090 (TENCENT-N...) (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited)
1	104.21.9.80 104.21.9.80	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	141.95.149.126 141.95.149.126	16276 (OVH) (OVH)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
21	142.251.12.155 142.251.12.155	15169 (GOOGLE) (GOOGLE)
1	172.253.118.156 172.253.118.156	15169 (GOOGLE) (GOOGLE)
3	172.217.194.157 172.217.194.157	15169 (GOOGLE) (GOOGLE)
3	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE)
7	74.125.24.94 74.125.24.94	15169 (GOOGLE) (GOOGLE)
4	74.125.200.95 74.125.200.95	15169 (GOOGLE) (GOOGLE)
30	74.125.130.132 74.125.130.132	15169 (GOOGLE) (GOOGLE)
5	74.125.130.154 74.125.130.154	15169 (GOOGLE) (GOOGLE)
1 2	142.251.10.103 142.251.10.103	15169 (GOOGLE) (GOOGLE)
4 12	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
3 5	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	104.254.151.120 104.254.151.120	29990 (ASN-APPNEX) (ASN-APPNEX)
3	172.217.194.94 172.217.194.94	15169 (GOOGLE) (GOOGLE)
13	142.251.10.149 142.251.10.149	15169 (GOOGLE) (GOOGLE)
2 2	89.207.22.76 89.207.22.76	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1 1	185.196.197.130 185.196.197.130	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2 2	185.84.60.30 185.84.60.30	198622 (ADFORM) (ADFORM)
2 2	70.42.32.223 70.42.32.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1 2	23.213.141.184 23.213.141.184	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
2	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE)
2	47.246.12.211 47.246.12.211	() ()
181	27

21 43.254.217.178 (Hong Kong) 1 redirects

ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK)

ctfiot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.ctfiot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 163.181.42.227 (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.staticfile.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 59.110.190.229 (Beijing, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

ctfiot.oss-cn-beijing.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.141.24 (United States)

ASN13335 (CLOUDFLARENET, US)

sdn.geekzu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.64.63.190 (China)

ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN)

iowen.gitee.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.9.80 (None, )

ASN13335 (CLOUDFLARENET, US)

thedfirreport.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.149.126 (France)

ASN16276 (OVH, FR)
PTR: vps-6e5804f3.vps.ovh.net

blog.exatrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.253.118.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f156.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.200.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 74.125.130.132 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f132.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 74.125.130.154 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f154.1e100.net

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.103 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f103.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.194.156 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 139.5.84.243 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.120 (Los Angeles, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.251.10.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f149.1e100.net

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.207.22.76 (Singapore) 2 redirects

ASN41041 (VCLK-EU-SE, US)
PTR: sin01-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.213.12.39 (Tokyo, Japan) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.196.197.130 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.84.60.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 70.42.32.223 (United States) 2 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.213.141.184 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-213-141-184.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.208.249.213 (Council Bluffs, United States) 1 redirects

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 47.246.12.211 (None, )

ASN- ()

widget.qweather.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 111 tpc.googlesyndication.com — Cisco Umbrella Rank: 145	1 MB
35	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 228 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 335	194 KB
21	ctfiot.com 1 redirects ctfiot.com www.ctfiot.com	348 KB
17	aliyuncs.com ctfiot.oss-cn-beijing.aliyuncs.com	1 MB
13	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 299	109 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	145 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 569	4 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 198	244 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 90 www.google.com — Cisco Umbrella Rank: 2	937 B
5	staticfile.org cdn.staticfile.org — Cisco Umbrella Rank: 47850	186 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 230	4 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	4 KB
3	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 111070	861 B
2	qweather.net widget.qweather.net	3 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1320	659 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 561	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 584	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 323	2 KB
2	dotomi.com 2 redirects dclk-match.dotomi.com — Cisco Umbrella Rank: 3163	977 B
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8013	12 KB
2	geekzu.org sdn.geekzu.org — Cisco Umbrella Rank: 727527	3 KB
1	mediago.io 1 redirects trace.mediago.io — Cisco Umbrella Rank: 1343	494 B
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11294	335 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 980	602 B
1	exatrack.com blog.exatrack.com	1 MB
1	thedfirreport.com thedfirreport.com	325 KB
1	gitee.io iowen.gitee.io
181	27

	Domain	Requested by
30	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
22	pagead2.googlesyndication.com	www.ctfiot.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
20	www.ctfiot.com	www.ctfiot.com
17	ctfiot.oss-cn-beijing.aliyuncs.com	www.ctfiot.com
13	s0.2mdn.net	www.ctfiot.com s0.2mdn.net
12	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
7	www.gstatic.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	cdn.staticfile.org	www.ctfiot.com cdn.staticfile.org
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.com.au	pagead2.googlesyndication.com
2	widget.qweather.net	www.ctfiot.com widget.qweather.net
2	googleads4.g.doubleclick.net	www.ctfiot.com
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	b1sync.zemanta.com	2 redirects
2	c1.adform.net	2 redirects
2	x.bidswitch.net	2 redirects
2	dclk-match.dotomi.com	2 redirects
2	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
2	hm.baidu.com	www.ctfiot.com
2	sdn.geekzu.org	www.ctfiot.com
1	trace.mediago.io	1 redirects
1	s.uuidksinc.net	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	blog.exatrack.com	www.ctfiot.com
1	thedfirreport.com	www.ctfiot.com
1	iowen.gitee.io	www.ctfiot.com
1	ctfiot.com	1 redirects
181	33

This site contains links to these domains. Also see Links.

Domain
www.chamd5.org
ctfiot.oss-cn-beijing.aliyuncs.com

Subject Issuer	Validity	Valid
www.ctfiot.com R3	`2023-02-24` - `2023-05-25`	3 months	crt.sh
*.staticfile.org GeoTrust RSA CN CA G2	`2022-09-05` - `2023-10-03`	a year	crt.sh
*.oss-cn-beijing.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2023-02-15` - `2024-03-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.gitee.io TrustAsia RSA DV TLS CA G3	`2023-02-20` - `2024-03-17`	a year	crt.sh
blog.exatrack.com R3	`2023-03-17` - `2023-06-15`	3 months	crt.sh
baidu.com GlobalSign RSA OV SSL CA 2018	`2022-07-05` - `2023-08-06`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com.au GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-03-20` - `2023-06-12`	3 months	crt.sh
qweather.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-17` - `2023-11-17`	a year	crt.sh

This page contains 18 frames:

Primary Page: https://www.ctfiot.com/87670.html
Frame ID: 95DC90E0A3D0A2024CA805E24A9BF062
Requests: 66 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: C623F1E3AFEDFE17BF4D57CD77B93106
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&adk=1812271804&adf=3025194257&lmt=1681173546&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_r&format=0x0&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545191&bpp=5&bdt=1998&idt=1093&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5273979297390&frm=20&pv=2&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1121
Frame ID: 29B6A0E538A97C3DD5818F50309262E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=187&slotname=1613153004&adk=3108791033&adf=2685228617&pi=t.ma~as.1613153004&w=745&fwrn=4&lmt=1681173546&rafmt=11&format=745x187&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545196&bpp=2&bdt=2002&idt=1125&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=e6tWUwDZtp&p=https%3A//www.ctfiot.com&dtd=1130
Frame ID: 5F362904BF43D06BEEB11A6E91CD2E16
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
Frame ID: 0E2B32C64B7904B8216E82377101F56D
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=277611441&adf=422466837&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1681173546&rafmt=1&format=310x250&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545199&bpp=2&bdt=2005&idt=1145&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=0cVyLFzZ4D&p=https%3A//www.ctfiot.com&dtd=1148
Frame ID: EBBBCE42F230542E6578A4550EF380D1
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=600&adk=3473758137&adf=2980804260&pi=t.aa~a.123497700~rp.4&w=270&fwrn=4&fwrnh=100&lmt=1681173547&rafmt=1&to=qs&pwprc=1516750021&format=270x600&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173547260&bpp=1&bdt=4067&idt=1&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc502b709776c267a-22699aa720dd00f3%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MYBy9SNwpIAWG5X0JbdedNHvG31ug&gpic=UID%3D00000bf26418840a%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MaS95wXy-jlEhax1sJ1ysfF91zkzw&prev_fmts=0x0%2C745x187%2C745x447%2C310x250&nras=2&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=865HbLZzyy&p=https%3A//www.ctfiot.com&dtd=7
Frame ID: AA2FE33950DBD68AFEE16F255A377A3D
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5C4B8B848A91A0F5E87A91669BBCBE91
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGLjA9N4BMAE&v=APEucNUlTGJufUjUyXqfl91d24rLjNGcpEIpraCMe9I52S4IR_REUjKHuu9xAHg4y6UQdKSRQBsK3LSJA9nLRbPFhL1cmrkXvg
Frame ID: 428D33F4F3144EC43734B3F5B2AF78AA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E54CEC47920441CAF9143779A8D0E9E4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: A71B7D964F57AA6FE0BD350A6BEA8499
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 026264015E84509296824002F633B5DB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: E3A7AD13E683EC590AE29C68A0A17FCB
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F3280F1ABCEE3B151A98A57E9F07858
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js
Frame ID: B1B89EB74118F127A0C1F53FF9B9E904
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
Frame ID: CCD58EE64A314C0AEEFFCD0C52D30451
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C68DE1024886965C35C6E5CB336AC3C9
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 10FE9AAB13C73C2AA17533E23D112D43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Patchwork组织新可疑样本分析与追踪 | CTF导航

Page URL History Show full URLs

https://ctfiot.com/87670.html HTTP 301
https://www.ctfiot.com/87670.html Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

Clipboard.js (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

clipboard(?:-([\d.]+))?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

181
Requests

92 %
HTTPS

0 %
IPv6

27
Domains

33
Subdomains

27
IPs

10
Countries

5242 kB
Transfer

7940 kB
Size

25
Cookies

19 Outgoing links

These are links going to different origins than the main page.

URL: http://www.chamd5.org/
Title: ChaMd5

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/1-1671860900.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/5-1671860901.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/8-1671860901.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/4-1671860902.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/6-1671860903.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/10-1671860903.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/0-1671860904.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/4-1671860905.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/4-1671860906.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/2-1671860906.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/6-1671860907.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/0-1671860907.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/2-1671860908.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/9-1671860908.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/2-1671860909.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/9-1671860909.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/10-1671860910.png

Search URL Search Domain Scan URL

URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/10-1671860911.png

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ctfiot.com/87670.html HTTP 301
https://www.ctfiot.com/87670.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1&C=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDSsLQXcrFlMxXkVIlSrtQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEM98Ib9T38s_CJNTfixlnaU&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM98Ib9T38s_CJNTfixlnaU%26google_cver%3D1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMzEzNjY2OTU2MjMyNTg3MQ%3D%3D

Request Chain 141

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 151

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECoMutjBtsolbbClyW04po0&google_cver=1&google_push=Aer7DvLBnUg_p-BHAYTKkOB0_9qYw6nMHsnQEsLieSW3Njvx8-QHLZkvI4TUleABezimQaabgRwMP5hoqT_La5JZ_cS_tZEsPGXZTjAH39lRSnymQsh0h3o9xdhjreAE72numltG-rOS6ebuNSpg0u9uSz31ZA HTTP 302
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=107b57c517941b49&is_secure=true&networkId=14000&version=1&google_gid=CAESECoMutjBtsolbbClyW04po0&google_cver=1&google_push=Aer7DvLBnUg_p-BHAYTKkOB0_9qYw6nMHsnQEsLieSW3Njvx8-QHLZkvI4TUleABezimQaabgRwMP5hoqT_La5JZ_cS_tZEsPGXZTjAH39lRSnymQsh0h3o9xdhjreAE72numltG-rOS6ebuNSpg0u9uSz31ZA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMR9I5T_yZHQNWL5T2AAAAAAA&expiration=1681259950&google_cver=1&is_secure=true&google_gid=CAESECoMutjBtsolbbClyW04po0&google_push=Aer7DvLBnUg_p-BHAYTKkOB0_9qYw6nMHsnQEsLieSW3Njvx8-QHLZkvI4TUleABezimQaabgRwMP5hoqT_La5JZ_cS_tZEsPGXZTjAH39lRSnymQsh0h3o9xdhjreAE72numltG-rOS6ebuNSpg0u9uSz31ZA

Request Chain 152

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEDMn5QBt2DQmIz0XKSICwd8&google_cver=1&google_push=Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6XRDLiyqhQ1fLgmzkX_9X-f4jLid9gJYGPySmvVOhcbDqcCVkTWwNWlBqAInWp9e6gqw_T4QeH0ig HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEDMn5QBt2DQmIz0XKSICwd8&google_cver=1&google_push=Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6XRDLiyqhQ1fLgmzkX_9X-f4jLid9gJYGPySmvVOhcbDqcCVkTWwNWlBqAInWp9e6gqw_T4QeH0ig HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6XRDLiyqhQ1fLgmzkX_9X-f4jLid9gJYGPySmvVOhcbDqcCVkTWwNWlBqAInWp9e6gqw_T4QeH0ig&google_hm=wuuQa4yfTuuoRo_lWqVFxg==

Request Chain 153

https://s.uuidksinc.net/match/47/?remote_uid=CAESEGwXO0rYdq-5FKBCXl5-NU4&c_param1=Aer7DvJEQepFsEk_p7cqb2tYQrz9b4F_yjtI_dnCnI2NsI8VCq3kup8SbUo7m5QhqzIlbHbZhxfpU_UD6Nj-8CWSILhnoYBMnjSqFXotqtQtl_5tqtoCbux63FdAVNMj90s2CmpqqjcCVpyDm-ZGN361hlYx9Q&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvJEQepFsEk_p7cqb2tYQrz9b4F_yjtI_dnCnI2NsI8VCq3kup8SbUo7m5QhqzIlbHbZhxfpU_UD6Nj-8CWSILhnoYBMnjSqFXotqtQtl_5tqtoCbux63FdAVNMj90s2CmpqqjcCVpyDm-ZGN361hlYx9Q

Request Chain 154

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEINyGKFKpUPNhP32bkD-ZIA&google_cver=1&google_push=Aer7DvJ6262aEwA5bz61GlUndcnAIM-rcpHb32zM_nurh-Gtl9QC1tPIGnDxkDLvyPpKw6xuGNHBLmznNMqOwdcjDa6jj6kkFFkVINQwNRgw5rRHt--DEXdv1lAW-hcbo6hyMRzYZHsRWpfBZiFERp8MeVZosQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEINyGKFKpUPNhP32bkD-ZIA&google_cver=1&google_push=Aer7DvJ6262aEwA5bz61GlUndcnAIM-rcpHb32zM_nurh-Gtl9QC1tPIGnDxkDLvyPpKw6xuGNHBLmznNMqOwdcjDa6jj6kkFFkVINQwNRgw5rRHt--DEXdv1lAW-hcbo6hyMRzYZHsRWpfBZiFERp8MeVZosQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ3NzEyODkxNTczODQxOTM4NQ&google_push=Aer7DvJ6262aEwA5bz61GlUndcnAIM-rcpHb32zM_nurh-Gtl9QC1tPIGnDxkDLvyPpKw6xuGNHBLmznNMqOwdcjDa6jj6kkFFkVINQwNRgw5rRHt--DEXdv1lAW-hcbo6hyMRzYZHsRWpfBZiFERp8MeVZosQ

Request Chain 155

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDdNGZiwFUgopQl9wBvT2iI&google_cver=1&google_push=Aer7DvK1WYHSctVv2VlD1cL9fhmM7EehNlIKDMzL15TOB-AqcivTDqWYmSncxFAy-9kxAtXSAEKCbVZAUJm8r7GqcZzp1rjztyrqqxi7LCgL0djA6PKV6d74BY_cpZOGWanY8CFAyWY2Et8tgc-QasPuqBBZ4Q HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDdNGZiwFUgopQl9wBvT2iI&google_push=Aer7DvK1WYHSctVv2VlD1cL9fhmM7EehNlIKDMzL15TOB-AqcivTDqWYmSncxFAy-9kxAtXSAEKCbVZAUJm8r7GqcZzp1rjztyrqqxi7LCgL0djA6PKV6d74BY_cpZOGWanY8CFAyWY2Et8tgc-QasPuqBBZ4Q&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvK1WYHSctVv2VlD1cL9fhmM7EehNlIKDMzL15TOB-AqcivTDqWYmSncxFAy-9kxAtXSAEKCbVZAUJm8r7GqcZzp1rjztyrqqxi7LCgL0djA6PKV6d74BY_cpZOGWanY8CFAyWY2Et8tgc-QasPuqBBZ4Q&google_hm=dU1OVGJZSFFiXzZORnNFSGlvdlo=

Request Chain 156

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKDYVb6DKS6r4Yk397DxU6I&google_cver=1&google_push=Aer7DvKrKBiWQvnk-aQWRRnByWlcwQQ7K3rZM8Y-faadpm7W4ZeyseNKqpZjOjS0L9yh86QQqbCJ7Y71ZWzMKbsm2nX8PGQ3V0bWDUvQYn7AfOLz4dY7VeCiSs-l8AEXaZ7fCs8aMms4-TYO4pzrsWUjhKjIobQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzQ1YTFmMGItM2RjYi00YjhjLTgyOGYtNDU1MzU5ZDcxYzhh&google_push=Aer7DvKrKBiWQvnk-aQWRRnByWlcwQQ7K3rZM8Y-faadpm7W4ZeyseNKqpZjOjS0L9yh86QQqbCJ7Y71ZWzMKbsm2nX8PGQ3V0bWDUvQYn7AfOLz4dY7VeCiSs-l8AEXaZ7fCs8aMms4-TYO4pzrsWUjhKjIobQ HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 157

https://trace.mediago.io/cs/google?google_gid=CAESEFc5borQVvx6rzks25MHr6Y&google_cver=1&google_push=Aer7DvJGr2fnE65ctb7gfLoXe92rpNN8NWWm4BcWkn47v4hJmPfRK_BeexUEsoL_ye06iBxcowPNlEbkU7e8yp3aSzud9JweMgFE_kpG4mOSKqCpMLTdPoScKsPFZz-hR6rZWwbECQz881PKNZS7oEoirhsQDw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvJGr2fnE65ctb7gfLoXe92rpNN8NWWm4BcWkn47v4hJmPfRK_BeexUEsoL_ye06iBxcowPNlEbkU7e8yp3aSzud9JweMgFE_kpG4mOSKqCpMLTdPoScKsPFZz-hR6rZWwbECQz881PKNZS7oEoirhsQDw&google_hm=609d12970627194c999dc13a7262285f

181 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 87670.html Show response
www.ctfiot.com/
Redirect Chain

https://ctfiot.com/87670.html
https://www.ctfiot.com/87670.html

73 KB
15 KB

1214ms
1060ms

Document
text/html

43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

aef5e52d48174492b974f6423bd2c2d52c6d9e2df10d4287acb5a53e43e50ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 11 Apr 2023 00:39:02 GMT
server: nginx
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-pingback: https://www.ctfiot.com/xmlrpc.php

Redirect headers

content-type: text/html; charset=UTF-8
date: Tue, 11 Apr 2023 00:39:01 GMT
location: https://www.ctfiot.com/87670.html
server: nginx
strict-transport-security: max-age=31536000
x-pingback: https://www.ctfiot.com/xmlrpc.php
x-redirect-by: WordPress

GET
H2 200 classic-themes.min.css
www.ctfiot.com/wp-includes/css/ 291 B
495 B 279ms
277ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:03 GMT
strict-transport-security: max-age=31536000
last-modified: Sun, 02 Apr 2023 10:30:44 GMT
server: nginx
etag: "64295954-123"
content-type: text/css
cache-control: max-age=43200
accept-ranges: bytes
content-length: 291
expires: Tue, 11 Apr 2023 12:39:03 GMT

GET
H2 200 iconfont.css
www.ctfiot.com/wp-content/themes/onenav/css/ 6 KB
1 KB 280ms
278ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/css/iconfont.css?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5d84a57ce0022d737a58075ef1c11bb5d7c0e44f295322af3a2ab44624fa777a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-18ce"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:03 GMT

GET
H/1.1 200
OK all.min.css
cdn.staticfile.org/font-awesome/5.15.4/css/ 58 KB
14 KB 1022ms
395ms Stylesheet
text/css 163.181.42.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.42.227 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Log: X-Log
Date: Mon, 10 Apr 2023 07:02:06 GMT
Via: cache27.l2hk2[603,603,304-0,M], cache20.l2hk2[605,0], cache5.sg8[0,0,200-0,H], cache8.sg8[3,0]
Content-Encoding: gzip
X-Svr: IO
Content-Md5: 7NUHsxJe3E0qA6pq5dB9qQ==
X-Reqid: lKEAAABeUtnAgFQX
Age: 63417
X-Swift-CacheTime: 86400
X-Cache: HIT TCP_MEM_HIT dirn:12:849734776
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="all.min.css"; filename*=utf-8''all.min.css
Connection: keep-alive
X-Swift-SaveTime: Mon, 10 Apr 2023 07:02:06 GMT
Content-Length: 12832
Last-Modified: Thu, 05 Aug 2021 07:49:51 GMT
Server: Tengine
Etag: "FqV-5o0RYBsP2OUDf8JB_2WnVEc8.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1681110126
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: a3b52a9c16811735439303520e

GET
H/1.1 200
OK v4-shims.min.css
cdn.staticfile.org/font-awesome/5.15.4/css/ 26 KB
5 KB 832ms
199ms Stylesheet
text/css 163.181.42.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/5.15.4/css/v4-shims.min.css?ver=3.1424
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.42.227 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Log: X-Log
Date: Mon, 10 Apr 2023 11:14:07 GMT
Via: cache7.l2hk2[0,0,304-0,H], cache23.l2hk2[1,0], cache8.sg8[0,0,200-0,H], cache5.sg8[1,0]
Content-Encoding: gzip
X-Svr: IO
Content-Md5: oDTTxxvuVG9iWHfXkykX+A==
X-Reqid: 9xcAAADVlH-BjlQX
Age: 48296
X-Swift-CacheTime: 86338
X-Cache: HIT TCP_MEM_HIT dirn:12:312086252
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="v4-shims.min.css"; filename*=utf-8''v4-shims.min.css
Connection: keep-alive
X-Swift-SaveTime: Mon, 10 Apr 2023 11:15:09 GMT
Content-Length: 4163
Last-Modified: Thu, 19 Aug 2021 05:50:20 GMT
Server: Tengine
Etag: "FvIX1N7QvJ94a9m6HAnOiK7brtdu.gz"
Access-Control-Max-Age: 2592000
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1681125247
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: a3b52a9916811735439356816e

GET
H2 200 bootstrap.min.css
www.ctfiot.com/wp-content/themes/onenav/css/ 158 KB
29 KB 287ms
285ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/css/bootstrap.min.css?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

003a5b9f890301ca6d6a16067ba382c677704dbd777962094ceb13cc8e02691f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-278ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:03 GMT

GET
H2 200 jquery.fancybox.min.css
www.ctfiot.com/wp-content/themes/onenav/css/ 12 KB
4 KB 349ms
347ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/css/jquery.fancybox.min.css?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-31fb"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:03 GMT

GET
H2 200 style.min.css
www.ctfiot.com/wp-content/themes/onenav/css/ 100 KB
25 KB 411ms
409ms Stylesheet
text/css 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/css/style.min.css?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

6973024936e5b30b98046977013de466de5de1708457e2ab9cc2bb44dc09ff72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-19183"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:03 GMT

GET
H2 200 jquery.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 85 KB
33 KB 558ms
557ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/jquery.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:03 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-15283"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:03 GMT

GET
H/1.1 200
OK %E6%A8%AA%E7%89%88Logo_360x80_%E4%B8%8D%E9%80%8F%E6%98%8E.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/ 17 KB
17 KB 2935ms
494ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/%E6%A8%AA%E7%89%88Logo_360x80_%E4%B8%8D%E9%80%8F%E6%98%8E.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 3b1fa54e2b1020eda18b88565c88b44463adefad297fac2f626d1ee655d95c81

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:06 GMT
x-oss-request-id: 6434AC2AF326DB3033B255FB
Content-MD5: OO3InPZ1ChyK0kyq1SHnDA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 16917
x-oss-object-type: Normal
Last-Modified: Thu, 17 Mar 2022 08:01:17 GMT
Server: AliyunOSS
ETag: "38EDC89CF6750A1C8AD24CAAD521E70C"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 4884741393747057177
x-oss-server-time: 7

GET
H/1.1 200
OK M-DESIGN-360-x-80-px-1.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/ 6 KB
7 KB 2941ms
491ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/M-DESIGN-360-x-80-px-1.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 9b4516ae3b2534cf72366dc9a08cc2b2b4515bc026ee27b1b9b3ae157eba0f75

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:06 GMT
x-oss-request-id: 6434AC2AA645AE3330FB4133
Content-MD5: 3ZTfp/pnQ5CbjooEZ7+tdQ==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 6619
x-oss-object-type: Normal
Last-Modified: Thu, 17 Mar 2022 08:01:14 GMT
Server: AliyunOSS
ETag: "DD94DFA7FA6743909B8E8A0467BFAD75"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 388601213416782964
x-oss-server-time: 7

GET
H/1.1 200
OK bitbug_favicon-1.ico
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/ 4 KB
5 KB 2949ms
491ms Image
image/x-icon 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/bitbug_favicon-1.ico
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 553300264e11fc1c15eb6c77712247af6f3279dd30635e8e18b908cc27773375

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:06 GMT
x-oss-request-id: 6434AC2A5B40CC3231DC30DF
Content-MD5: FBY8gO3+vxztTgaFXfizAg==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 4286
x-oss-object-type: Normal
Last-Modified: Thu, 17 Mar 2022 08:01:09 GMT
Server: AliyunOSS
ETag: "14163C80EDFEBF1CED4E06855DF8B302"
Content-Type: image/x-icon
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 7285855754463750460
x-oss-server-time: 5

GET
H/1.1 200
OK Logo_80x80_%E9%80%8F%E6%98%8E.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/ 4 KB
4 KB 3214ms
499ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2021/10/Logo_80x80_%E9%80%8F%E6%98%8E.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 69516c5b557bb540ee7689c3dcdd8b8a4e316e491ffbac7a5b68d9122e1b9bdd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:07 GMT
x-oss-request-id: 6434AC2B5DFDD136310AB442
Content-MD5: mhSKWM8aX4RcswhaWk2fZQ==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 3893
x-oss-object-type: Normal
Last-Modified: Thu, 17 Mar 2022 08:01:14 GMT
Server: AliyunOSS
ETag: "9A148A58CF1A5F845CB3085A5A4D9F65"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 17247182101233306927
x-oss-server-time: 6

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
48 KB 599ms
208ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5738725703232626

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

40e8988ecc9dd2636e33fb170bc024558c780e1452d57d17f8cab6488d554d2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ctfiot.com/
Origin: https://www.ctfiot.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48219
x-xss-protection: 0
server: cafe
etag: 9953386242202212605
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:04 GMT

GET
H2 200 t.png
www.ctfiot.com/wp-content/themes/onenav/images/ 73 B
277 B 461ms
460ms Image
image/png 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/images/t.png

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

11b9c95a68e295dddd0ea924647536578ce285b2c8469a223c01df1ff3166af1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: "62182a61-49"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 73
expires: Thu, 11 May 2023 00:39:04 GMT

GET
H2 200 gravatar.jpg
www.ctfiot.com/wp-content/themes/onenav/images/ 2 KB
2 KB 304ms
303ms Image
image/jpeg 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/images/gravatar.jpg

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

4ad66d2fc22f2a561e0519fde0bd5201adb13638c2e915e1a6a6a718a7bf4dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: "62182a61-7ef"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 2031
expires: Thu, 11 May 2023 00:39:04 GMT

GET
H2 200 clipboard.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 10 KB
4 KB 278ms
277ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/clipboard.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-28d5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 echarts.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 365 KB
142 KB 282ms
282ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/echarts.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

801ebc9c46c6ed651e93f00b2fab16e10313285daa06b4379ea2c01b29508306

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-5b393"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 popper.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 21 KB
8 KB 460ms
458ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/popper.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

67bbcec2522f3b5d3e8a265e3057004fe9c9961bdce0646dcbc9c32bf06e5aeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-5283"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 bootstrap.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 61 KB
18 KB 461ms
459ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/bootstrap.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

5112ac3168dcb0f524c0f4b7fe192ba56498cfced86ba0f43e2317fd203f769c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-f3c5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 15 KB
4 KB 462ms
460ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/theia-sticky-sidebar.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

01e105efa6aa2dac21ed4c473d9e4a2d7a4fa9b75dfbf422492b811a90d23381

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-3ca5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 lazyload.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 8 KB
3 KB 462ms
460ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/lazyload.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

3eabaf6acfbd158fa8f9b6c8e2a7f59a93cd3c19ca45e66c709f2170964541de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-20c1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 jquery.fancybox.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 67 KB
25 KB 281ms
281ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/jquery.fancybox.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

ca2427c5350b6c6ee1acd7342ca166a97be33dbae0dc55901774a4de8c6cd706

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-10a94"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 app.min.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 39 KB
13 KB 290ms
290ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/app.min.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

e12c6e6b042870857fb07f66c9fc2358a428a07f1690b4d8af56d0142b340f3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-9def"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 comment-reply.min.js Show response
www.ctfiot.com/wp-includes/js/ 3 KB
2 KB 302ms
302ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-includes/js/comment-reply.min.js?ver=6.2

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Sat, 25 Jun 2022 09:18:40 GMT
server: nginx
etag: W/"62b6d2f0-ba5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H2 200 comments-ajax.js Show response
www.ctfiot.com/wp-content/themes/onenav/js/ 2 KB
1 KB 303ms
302ms Script
application/javascript 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/js/comments-ajax.js?ver=3.1424

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

d08ce327aecaf9346df404c646d7888923fe28749ed47a094a2dfa7785a77809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/87670.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: W/"62182a61-829"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
expires: Tue, 11 Apr 2023 12:39:04 GMT

GET
H/1.1 200
OK fa-brands-400.woff2
cdn.staticfile.org/font-awesome/5.15.4/webfonts/ 75 KB
76 KB 787ms
394ms Font
application/octet-stream 163.181.42.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/5.15.4/webfonts/fa-brands-400.woff2
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.42.227 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029

Request headers

Referer: https://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Origin: https://www.ctfiot.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Log: X-Log
Date: Mon, 10 Apr 2023 06:44:45 GMT
Via: cache13.l2hk2[0,0,304-0,H], cache17.l2hk2[1,0], cache8.sg8[0,0,200-0,H], cache5.sg8[3,0]
X-Svr: IO
Content-Md5: 7TEcegremnW7Pr9adnDzHQ==
X-Reqid: N_4AAAB4QlzOf1QX
Age: 64459
X-Swift-CacheTime: 85800
X-Cache: HIT TCP_HIT dirn:13:133822533
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="fa-brands-400.woff2"; filename*=utf-8''fa-brands-400.woff2
Connection: keep-alive
X-Swift-SaveTime: Mon, 10 Apr 2023 06:54:45 GMT
Content-Length: 76736
Last-Modified: Mon, 09 Aug 2021 14:51:14 GMT
Server: Tengine
Etag: "FgYTx-u6Ve5H7zAsD3dmMkaS-Jmn"
Vary: Origin
Access-Control-Max-Age: 2592000
Content-Type: application/octet-stream; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1681109085
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: a3b52a9916811735447421133e

GET
H/1.1 200
OK fa-solid-900.woff2
cdn.staticfile.org/font-awesome/5.15.4/webfonts/ 76 KB
77 KB 790ms
391ms Font
application/octet-stream 163.181.42.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/5.15.4/webfonts/fa-solid-900.woff2
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.42.227 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9

Request headers

Referer: https://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Origin: https://www.ctfiot.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Log: X-Log
Date: Mon, 10 Apr 2023 06:30:11 GMT
Via: cache18.l2hk2[622,622,304-0,M], cache15.l2hk2[624,0], cache11.sg8[0,0,200-0,H], cache11.sg8[0,0]
X-Svr: IO
Content-Md5: 2CTffrLiaGJqLdmmp0GsTg==
X-Reqid: o1IAAADPx-8Cf1QX
Age: 65333
X-Swift-CacheTime: 86400
X-Cache: HIT TCP_MEM_HIT dirn:13:874365246
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="fa-solid-900.woff2"; filename*=utf-8''fa-solid-900.woff2
Connection: keep-alive
X-Swift-SaveTime: Mon, 10 Apr 2023 06:30:11 GMT
Content-Length: 78268
Last-Modified: Thu, 05 Aug 2021 05:48:24 GMT
Server: Tengine
Etag: "FgzLLIFKfkyhLEd4ghYzgJywNh6q"
Vary: Origin
Access-Control-Max-Age: 2592000
Content-Type: application/octet-stream; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1681108211
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: a3b52a9f16811735447421223e

GET
H/1.1 200
OK fa-regular-400.woff2
cdn.staticfile.org/font-awesome/5.15.4/webfonts/ 13 KB
14 KB 793ms
394ms Font
application/octet-stream 163.181.42.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.staticfile.org/font-awesome/5.15.4/webfonts/fa-regular-400.woff2
Requested by: Host: cdn.staticfile.org
URL: https://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.42.227 , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: 3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa

Request headers

Referer: https://cdn.staticfile.org/font-awesome/5.15.4/css/all.min.css?ver=3.1424
Origin: https://www.ctfiot.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-Log: X-Log
Date: Mon, 10 Apr 2023 06:34:40 GMT
Via: cache22.l2hk2[0,0,304-0,H], cache21.l2hk2[0,0], cache5.sg8[0,0,200-0,H], cache3.sg8[4,0]
X-Svr: IO
Content-Md5: uR03a412RtZxzYIJUNX38Q==
X-Reqid: hNoAAACTZ4BBf1QX
Age: 65064
X-Swift-CacheTime: 85195
X-Cache: HIT TCP_HIT dirn:13:725687843
Content-Transfer-Encoding: binary
Content-Disposition: inline; filename="fa-regular-400.woff2"; filename*=utf-8''fa-regular-400.woff2
Connection: keep-alive
X-Swift-SaveTime: Mon, 10 Apr 2023 06:54:45 GMT
Content-Length: 13224
Last-Modified: Sat, 07 Aug 2021 17:26:33 GMT
Server: Tengine
Etag: "FhNRdSmv-jniWFxZGsrm3DNraqkX"
Vary: Origin
Access-Control-Max-Age: 2592000
Content-Type: application/octet-stream; charset=utf-8
Access-Control-Allow-Origin: *
Ali-Swift-Global-Savetime: 1681108480
Access-Control-Expose-Headers: X-Log, X-Reqid
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
X-Qiniu-Zone: 0
Timing-Allow-Origin: *
EagleId: a3b52a9716811735447385724e

GET
H2 200 iconfont.woff2
www.ctfiot.com/wp-content/themes/onenav/css/fonts/ 18 KB
18 KB 451ms
451ms Font
font/woff2 43.254.217.178
CLOUDIE-AS-AP Clo...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ctfiot.com/wp-content/themes/onenav/css/fonts/iconfont.woff2?t=1627493826118

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/wp-content/themes/onenav/css/iconfont.css?ver=3.1424

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

43.254.217.178 , Hong Kong, ASN55933 (CLOUDIE-AS-AP Cloudie Limited, HK),

Reverse DNS

Software

nginx /

Resource Hash

b00e1b2de916ebd46dabc76a63345844e4cf92f194552c2657b50f1c11cc2be8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.ctfiot.com/wp-content/themes/onenav/css/iconfont.css?ver=3.1424
Origin: https://www.ctfiot.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 25 Feb 2022 01:01:21 GMT
server: nginx
etag: "62182a61-46d8"
content-type: font/woff2
accept-ranges: bytes
content-length: 18136

GET
H2 200 55cbcfe920516e4e54bd3aba2f30e585
sdn.geekzu.org/avatar/ 837 B
1 KB 357ms
111ms Image
image/jpeg 172.67.141.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdn.geekzu.org/avatar/55cbcfe920516e4e54bd3aba2f30e585?s=20&d=mm&r=g
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.141.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b94f353fafcae37092fdd244b0c1af1c80d050c614dc3c1f9bcd7ff2d1bdd6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61853
content-disposition: inline; filename="55cbcfe920516e4e54bd3aba2f30e585.png"
geekzu-cache: HIT from JP-HND-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 837
x-nc: HIT nrt 1
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0LQLAq%2Fb63fa%2Bo4TVHgU5wDW1sAdCgwvRCrN5XmP1RK5q2edrNUIM98dQwhGdDw9QMF7TLojU%2FI5bRDmbB3YEeJuTT8FUO71b2wnU87zG%2FrLKW0K4lYC9LQ5%2BO5CkcBkXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7b5f2b9dfcc3a88e-SYD
expires: Mon, 24 Apr 2023 07:28:11 GMT

GET
H2 200 55cbcfe920516e4e54bd3aba2f30e585
sdn.geekzu.org/avatar/ 1 KB
2 KB 341ms
112ms Image
image/jpeg 172.67.141.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sdn.geekzu.org/avatar/55cbcfe920516e4e54bd3aba2f30e585?s=80&d=mm&r=g
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.141.24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:04 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 61887
content-disposition: inline; filename="55cbcfe920516e4e54bd3aba2f30e585.png"
geekzu-cache: EXPIRED from JP-HND-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1323
x-nc: HIT nrt 2
last-modified: Wed, 11 Jan 1984 08:00:00 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ibjo4Wn7JJZNLeWUsR2iQj%2FgQtI5AaIbcotXSnWXGXB62zeSTzqrivlDkzNvc30rLNImGA6X2JWuwO3P68s%2Bi3hEfnQUum%2FguSXiEY39sW3WMqIfWK9kDQmjspL0%2Bv5jvA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 7b5f2b9dfcc1a88e-SYD
expires: Mon, 24 Apr 2023 07:27:37 GMT

GET
H/1.1 200
OK 1-1671860900.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/ 130 KB
131 KB 2873ms
517ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/1-1671860900.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 6874c33ef8cabbdb96e07eab57f0c5a501d1deb63a456f19c920f365ffe63a5b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:07 GMT
x-oss-request-id: 6434AC2BF326DB30331957FB
Content-MD5: VFp7sz3cN9SSAsEMikNwLA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 133541
x-oss-object-type: Normal
Last-Modified: Sat, 24 Dec 2022 05:48:21 GMT
Server: AliyunOSS
ETag: "545A7BB33DDC37D49202C10C8A43702C"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 17767535966176536805
x-oss-server-time: 29

GET
H/1.1 200
OK 5-1671860901.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/ 10 KB
10 KB 2881ms
519ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/5-1671860901.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: fcb3d5f3cced1f23c96a93cbc478f7ec37073835e4d4fac78d01356f0624a55b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:07 GMT
x-oss-request-id: 6434AC2BA645AE3330DB4333
Content-MD5: +sRrsmlm4NBTVtEdJi9ZSA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 10009
x-oss-object-type: Normal
Last-Modified: Sat, 24 Dec 2022 05:48:21 GMT
Server: AliyunOSS
ETag: "FAC46BB26966E0D05356D11D262F5948"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 10620876003885950266
x-oss-server-time: 31

GET
H/1.1 200
OK 8-1671860901.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/ 96 KB
96 KB 1251ms
528ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/8-1671860901.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: bd18212d15774aedbff514de5d7b92ef663d12a245aa553a9d238d1471417927

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:06 GMT
x-oss-request-id: 6434AC29A645AE3335073F33
Content-MD5: 2m05IvweuG4San8/THtZ1Q==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 97915
x-oss-object-type: Normal
Last-Modified: Sat, 24 Dec 2022 05:48:22 GMT
Server: AliyunOSS
ETag: "DA6D3922FC1EB86E126A7F3F4C7B59D5"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 14415684357944999190
x-oss-server-time: 35

GET
H/1.1 200
OK 4-1671860902.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/ 81 KB
81 KB 560ms
560ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/4-1671860902.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: ebfc3d73e5883965e600462e817bace93f38261e2c3154de7e31ad60d21c2355

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:07 GMT
x-oss-request-id: 6434AC2B5B40CC32315332DF
Content-MD5: Wpnlyp81McDo1P+NjKUSbg==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 82483
x-oss-object-type: Normal
Last-Modified: Sat, 24 Dec 2022 05:48:23 GMT
Server: AliyunOSS
ETag: "5A99E5CA9F3531C0E8D4FF8D8CA5126E"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 2060809572437310671
x-oss-server-time: 73

GET
H/1.1 200
OK 6-1671860903.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/ 50 KB
51 KB 525ms
524ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2022/12/6-1671860903.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: a3f17d7ed79897e3f1d5b2c2c4dc033afe1b8308e1ba81bcfdad151345d2f62d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:07 GMT
x-oss-request-id: 6434AC2BA645AE3134024433
Content-MD5: Xb1tmUdfASQVySmjWoYe9A==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 51569
x-oss-object-type: Normal
Last-Modified: Sat, 24 Dec 2022 05:48:23 GMT
Server: AliyunOSS
ETag: "5DBD6D99475F012415C929A35A861EF4"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 15227541435616502145
x-oss-server-time: 31

GET
H/1.1 404
Not Found wHoOcfQGhqvlUkd.jpg
iowen.gitee.io/ioimg/banner/ 0
0 2530ms
467ms Image
text/html 212.64.63.190
TENCENT-NET-AP Sh...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 212.64.63.190 , China, ASN45090 (TENCENT-NET-AP Shenzhen Tencent Computer Systems Company Limited, CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H/1.1 200
OK 2-1681010006.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/ 60 KB
61 KB 674ms
506ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/2-1681010006.jpeg
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 8728d6499ac82b5f08d7c9a35cc8561de0b1b567bba40f30e2a6287dc94aa688

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:05 GMT
x-oss-request-id: 6434AC29A645AE3330293D33
Content-MD5: ta7xBoOGQ8Q3F1N5nAgniw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 61661
x-oss-object-type: Normal
Last-Modified: Sun, 09 Apr 2023 03:13:27 GMT
Server: AliyunOSS
ETag: "B5AEF106838643C4371753799C08278B"
Content-Type: image/jpeg
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8441348992394032904
x-oss-server-time: 22

GET
H/1.1 200
OK 2-1680830206.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/ 59 KB
59 KB 676ms
506ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/2-1680830206.jpeg
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 7a67116ce2e6c41be7e8182ef68e47df4597b26b4a21288e83ab9c15210cf747

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:05 GMT
x-oss-request-id: 6434AC295B40CC32312F2CDF
Content-MD5: LmERMmdNQ60MVUqOiXQdPw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 60165
x-oss-object-type: Normal
Last-Modified: Fri, 07 Apr 2023 01:16:46 GMT
Server: AliyunOSS
ETag: "2E611132674D43AD0C554A8E89741D3F"
Content-Type: image/jpeg
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 15180643432286548152
x-oss-server-time: 20

GET
H/1.1 200
OK 10-1680701949.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/ 35 KB
36 KB 675ms
503ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/10-1680701949.jpeg
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 96a901abcc157c61da89715eaeaa8b8ac2f39f5f43edf6a5580bdf5b2eb76c4e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:05 GMT
x-oss-request-id: 6434AC29F326DB30332751FB
Content-MD5: iUhORNGg8FF2gBhHw7EfKA==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 36149
x-oss-object-type: Normal
Last-Modified: Wed, 05 Apr 2023 13:39:10 GMT
Server: AliyunOSS
ETag: "89484E44D1A0F05176801847C3B11F28"
Content-Type: image/jpeg
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 6302640549908474244
x-oss-server-time: 14

GET
H/1.1 200
OK 6-1680615170.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/ 117 KB
117 KB 707ms
524ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/6-1680615170.jpeg
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: dc5e8a99f040f02d2e2ab699236be8de7822cd4bf7cac9815b9c3062c966b79f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:05 GMT
x-oss-request-id: 6434AC29A645AE3134323D33
Content-MD5: MOedK2a+CGyUbZmYKMZTgw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 119637
x-oss-object-type: Normal
Last-Modified: Tue, 04 Apr 2023 13:32:51 GMT
Server: AliyunOSS
ETag: "30E79D2B66BE086C946D999828C65383"
Content-Type: image/jpeg
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 15590694873433835856
x-oss-server-time: 31

GET
H2 200 18041-001.png
thedfirreport.com/wp-content/uploads/2023/04/ 324 KB
325 KB 325ms
109ms Image
image/png 104.21.9.80
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thedfirreport.com/wp-content/uploads/2023/04/18041-001.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.9.80 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4a082371175a2b1a8e3107cf7432db9f1746715115f77d247270d62fd6d3382

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:05 GMT
cf-cache-status: HIT
last-modified: Sun, 02 Apr 2023 19:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6421
etag: "50ecc-5f85f8f43912d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFgqkqBnPyE1k8jt3Jzmqd3NQFUGC%2BI1qG%2Bf%2BVrlbKG1RxjDkm0upalwdBIGO0dzDC3QN%2FZ8IZj7xMJ1rMYFCg29ODXVWW5jH%2FW%2F%2FB6NMnzaK%2BeCfwZ%2FrOuVxLYNM2xynQPJ5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7b5f2ba22b5fa8b0-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 331468

GET
H/1.1 200
OK 6-1680574269.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/ 38 KB
38 KB 952ms
522ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/6-1680574269.jpeg
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: b5ee11235f12a18e0975434de515929d1e3088caee610c3799342287b21716a8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:05 GMT
x-oss-request-id: 6434AC295DFDD1363101AF42
Content-MD5: oX+HGNCKUvfjczkn4MVE+g==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 38564
x-oss-object-type: Normal
Last-Modified: Tue, 04 Apr 2023 02:11:09 GMT
Server: AliyunOSS
ETag: "A17F8718D08A52F7E3733927E0C544FA"
Content-Type: image/jpeg
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 2778179699677156922
x-oss-server-time: 30

GET
H/1.1 200
OK 3-1680438219.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/ 319 KB
319 KB 523ms
523ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/04/3-1680438219.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 84e94b30d2c6c5ae1f5ff21bc1fde41bc60625abbe8797e4605558af4dceb3e9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:07 GMT
x-oss-request-id: 6434AC2B5DFDD136317EB542
Content-MD5: N6QQ91mQR3NIOkGIYKhJ2g==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 326602
x-oss-object-type: Normal
Last-Modified: Sun, 02 Apr 2023 12:23:39 GMT
Server: AliyunOSS
ETag: "37A410F759904773483A418860A849DA"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 6771020627127554448
x-oss-server-time: 20

GET
H/1.1 200
OK img_6426389edd5cf.png
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/03/ 118 KB
119 KB 506ms
506ms Image
image/png 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/03/img_6426389edd5cf.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 9d27d202797566f72096a5cbc159e80d5f24f331aa8b7c70a3004c8e714dd84b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:07 GMT
x-oss-request-id: 6434AC2BA645AE3330BC4533
Content-MD5: ubWqxYtuQ9uINaNEricODw==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 120972
x-oss-object-type: Normal
Last-Modified: Fri, 31 Mar 2023 01:34:24 GMT
Server: AliyunOSS
ETag: "B9B5AAC58B6E43DB8835A344AE270E0F"
Content-Type: image/png
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 2218815859054210785
x-oss-server-time: 21

GET
H/1.1 200
OK panda.png
blog.exatrack.com/melofee/img/ 1 MB
1 MB 2096ms
385ms Image
image/png 141.95.149.126
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blog.exatrack.com/melofee/img/panda.png
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 141.95.149.126 , France, ASN16276 (OVH, FR),
Reverse DNS: vps-6e5804f3.vps.ovh.net
Software: Apache/2.4.56 (Debian) /
Resource Hash: 5df7a28f63a28dc3d25a21e01ab0a4648815eff53f19594f55a6202e6d8ceba4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:06 GMT
Last-Modified: Wed, 29 Mar 2023 15:54:51 GMT
Server: Apache/2.4.56 (Debian)
ETag: "150a91-5f80bff0eb41c"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1378961

GET
H/1.1 200
OK 2-1680226143.jpeg
ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/03/ 31 KB
32 KB 533ms
533ms Image
image/jpeg 59.110.190.229
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ctfiot.oss-cn-beijing.aliyuncs.com/uploads/2023/03/2-1680226143.jpeg
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 59.110.190.229 Beijing, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: b6d97057a45fd4a1cc63ab893079dd43db42165c850ea0f781a542a16a5298f9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:07 GMT
x-oss-request-id: 6434AC2BA645AE3134104633
Content-MD5: n39o86CoiwMLMbARu5d4Vg==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 31738
x-oss-object-type: Normal
Last-Modified: Fri, 31 Mar 2023 01:29:03 GMT
Server: AliyunOSS
ETag: "9F7F68F3A0A88B030B31B011BB977856"
Content-Type: image/jpeg
x-oss-ec: 0048-00000104
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 11229470669793847419
x-oss-server-time: 20

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
12 KB 1255ms
476ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?bfb1bae1f7c3200e814dc48812eadb24

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

4901b1a0736b3e3ec93dfd77c45cadf24a72f251813a3f10f79eb9aa8a300562

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date: Tue, 11 Apr 2023 00:39:06 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=172800
Server: apache
Etag: 839970eccc6eac65becffc646e099a68
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Content-Type: application/javascript
Cache-Control: max-age=0, must-revalidate
Content-Length: 11302

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/ 348 KB
117 KB 611ms
225ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5738725703232626

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

ae865fb1b1052b661254cbf46b7f04f87f14011e6fedb3cdd92b3eb572651fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119040
x-xss-protection: 0
server: cafe
etag: 264565538725948215
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:05 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ Frame C623 10 KB
5 KB 581ms
194ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5738725703232626

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 80003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 02:25:42 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 02:25:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
602 B 677ms
194ms Script
text/javascript 172.253.118.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.ctfiot.com&callback=_gfp_s_&client=ca-pub-5738725703232626

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f156.1e100.net

Software

cafe /

Resource Hash

deea62825d2dcea374d060b619d5a96dceb3e98b15260308ecf089c2b9b4c421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
531 B 663ms
197ms Script
application/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.ctfiot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 666ms
195ms Script
application/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ctfiot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 196ms
195ms Image
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=sidebar&cls=sticky%20sidebar-nav%20fade%20mini-sidebar&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 196ms
195ms Image
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=sidebar&cls=sticky%20sidebar-nav%20fade%20mini-sidebar&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 29B6 149 KB
42 KB 781ms
779ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&adk=1812271804&adf=3025194257&lmt=1681173546&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x810_r&format=0x0&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545191&bpp=5&bdt=1998&idt=1093&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5273979297390&frm=20&pv=2&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=1121

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

8718a3de55a4868dc1c60bfba1ccc094dbe218e6028b7346a5479595c283a530

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 43039
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:39:06 GMT
expires: Tue, 11 Apr 2023 00:39:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5F36 99 KB
34 KB 892ms
891ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=187&slotname=1613153004&adk=3108791033&adf=2685228617&pi=t.ma~as.1613153004&w=745&fwrn=4&lmt=1681173546&rafmt=11&format=745x187&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545196&bpp=2&bdt=2002&idt=1125&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=e6tWUwDZtp&p=https%3A//www.ctfiot.com&dtd=1130

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

ef750ef23c32b4154d1e1436eb7d60eb8be571e453147a7e0e3bbaa7e6e9eca9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34547
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:39:06 GMT
expires: Tue, 11 Apr 2023 00:39:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E2B 133 KB
29 KB 654ms
654ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

45bb5166886262782f9375392fc9960c4d7d04dc498dd4e1fc99ccf0e7a3acbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:39:06 GMT
expires: Tue, 11 Apr 2023 00:39:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EBBB 95 KB
34 KB 449ms
448ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=277611441&adf=422466837&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1681173546&rafmt=1&format=310x250&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545199&bpp=2&bdt=2005&idt=1145&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=0cVyLFzZ4D&p=https%3A//www.ctfiot.com&dtd=1148

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

fe2a5f6d5a6965e3a53f91d98b21d543b9237e7d0ea84040e3a38275306d2a24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34501
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:39:06 GMT
expires: Tue, 11 Apr 2023 00:39:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 467ms
467ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=1757582146&si=bfb1bae1f7c3200e814dc48812eadb24&v=1.3.0&lv=1&sn=4192&r=0&ww=1600&u=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&tt=Patchwork%E7%BB%84%E7%BB%87%E6%96%B0%E5%8F%AF%E7%96%91%E6%A0%B7%E6%9C%AC%E5%88%86%E6%9E%90%E4%B8%8E%E8%BF%BD%E8%B8%AA%20%7C%20CTF%E5%AF%BC%E8%88%AA

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 00:39:06 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
Server: apache
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

GET
H2 200 0b76a40db5a0e4006fbd6687403ecdcc.js Show response
www.gstatic.com/mysidia/ Frame EBBB 9 KB
4 KB 586ms
193ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=277611441&adf=422466837&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1681173546&rafmt=1&format=310x250&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545199&bpp=2&bdt=2005&idt=1145&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=0cVyLFzZ4D&p=https%3A//www.ctfiot.com&dtd=1148

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 00:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 00:42:57 GMT

GET
H2 200 74ec634574f05197de646cb87f0af1bd.js Show response
www.gstatic.com/mysidia/ Frame EBBB 10 KB
4 KB 605ms
213ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/74ec634574f05197de646cb87f0af1bd.js?tag=text/vanilla_highlight_ms

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 05:28:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4444
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 05:28:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EBBB 4 KB
889 B 589ms
197ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

c29facb95f6a1abbbfd201c103e9ff65114fbde2ff61266f9f2f4852ab5a08cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:18:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame EBBB 2 KB
799 B 504ms
502ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 12:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 12:37:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame EBBB 22 KB
9 KB 825ms
430ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 17:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 17:38:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame EBBB 3 KB
1 KB 498ms
497ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:20:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame EBBB 20 KB
8 KB 784ms
389ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 11:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:01:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBBB 159 KB
49 KB 590ms
195ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame EBBB 33 KB
14 KB 233ms
232ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 13:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 13:01:20 GMT

GET
H2 200 0b76a40db5a0e4006fbd6687403ecdcc.js Show response
www.gstatic.com/mysidia/ Frame 0E2B 9 KB
4 KB 402ms
202ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0b76a40db5a0e4006fbd6687403ecdcc.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 00:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172570
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4047
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 00:42:57 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0E2B 5 KB
1 KB 395ms
196ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

ad834754e9c3e7fa40374f5500bcaa4fbf71ee193172dd3de0c783c42a26806d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:05:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 0E2B 2 KB
846 B 490ms
489ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 12:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 12:37:22 GMT

GET
H2 200 bd9cd53c36950131c186a44c47bbe7c4.js Show response
www.gstatic.com/mysidia/ Frame 0E2B 22 KB
10 KB 368ms
224ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/bd9cd53c36950131c186a44c47bbe7c4.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

ccdc0c214567ca19583d7888e30779fd55cbb71f52d326852d604e7cb284a535

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 04:21:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159447
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9680
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 04:21:40 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 0E2B 22 KB
9 KB 510ms
217ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 17:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 17:38:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 0E2B 3 KB
1 KB 491ms
490ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:20:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 0E2B 20 KB
8 KB 752ms
460ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 11:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:01:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0E2B 159 KB
49 KB 773ms
483ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5F36 4 KB
889 B 198ms
198ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=187&slotname=1613153004&adk=3108791033&adf=2685228617&pi=t.ma~as.1613153004&w=745&fwrn=4&lmt=1681173546&rafmt=11&format=745x187&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545196&bpp=2&bdt=2002&idt=1125&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=e6tWUwDZtp&p=https%3A//www.ctfiot.com&dtd=1130

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

c29facb95f6a1abbbfd201c103e9ff65114fbde2ff61266f9f2f4852ab5a08cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 10 Apr 2023 23:18:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/ 149 KB
51 KB 207ms
206ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

2ee8c0b38ba64f9c4624023257df7af6218c4026ad233fc91c20b6e8a728efae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51890
x-xss-protection: 0
server: cafe
etag: 8747010815391062165
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
165 B 196ms
194ms Script
application/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.ctfiot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 197ms
196ms Script
application/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ctfiot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA2F 18 KB
9 KB 487ms
486ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=600&adk=3473758137&adf=2980804260&pi=t.aa~a.123497700~rp.4&w=270&fwrn=4&fwrnh=100&lmt=1681173547&rafmt=1&to=qs&pwprc=1516750021&format=270x600&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173547260&bpp=1&bdt=4067&idt=1&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc502b709776c267a-22699aa720dd00f3%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MYBy9SNwpIAWG5X0JbdedNHvG31ug&gpic=UID%3D00000bf26418840a%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MaS95wXy-jlEhax1sJ1ysfF91zkzw&prev_fmts=0x0%2C745x187%2C745x447%2C310x250&nras=2&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=865HbLZzyy&p=https%3A//www.ctfiot.com&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

f29d27fc96e351515d851adb70f2ece2fc70861bcc0535008992ae1fe6dce269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 8733
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:39:07 GMT
expires: Tue, 11 Apr 2023 00:39:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 5F36 2 KB
799 B 638ms
534ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 12:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43305
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 12:37:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5F36 0
0 213ms
213ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXg5FKqw0ZPvoGvnAz7sPx_SXoA3y4PvhbJibtP7ED9nZHhABILLWqJcBYKWAgICQAaABtdHNzQLIAQmoAwHIA8sEqgTTAU_QO65WLFS_uLp3AlhoHDFGb7Dw0ZGgICBJ_Caf-ouedcXcFl0sQkqyVdjR2i4pnQnEh9iBC1qRA9rIVONzIWRuuLJUYhptADEqdrzotkqgZEIkPTn6zXLy8eEBhgas1m6mDlvtJ7VlEAxc5peL4C2YkI8UgZ8WSVrwKs15Kmx3bw98IrgPHp155xCiXmRcFoQYzi3RqIzEO3lfsQ1yL7ep3QnqluGQE93WQzkhEWAiA46smbX-xN3kznJG1LMRGbBo0_JYjQvn01iBtSnJgqP_6b_ABLqQltDHA5IFBAgEGAGSBQQIBRgEoAYugAezrrKyAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEKvNA9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi01NzM4NzI1NzAzMjMyNjI2GAA&sigh=elPYlcs8vRw&uach_m=[UACH]&cid=CAQSGwDUE5ymqgPOdCcsjGU-O1Xl0s0dNDnLteIj5BgB&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=187&slotname=1613153004&adk=3108791033&adf=2685228617&pi=t.ma~as.1613153004&w=745&fwrn=4&lmt=1681173546&rafmt=11&format=745x187&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545196&bpp=2&bdt=2002&idt=1125&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=e6tWUwDZtp&p=https%3A//www.ctfiot.com&dtd=1130
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 5F36 22 KB
9 KB 296ms
194ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 17:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25219
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 17:38:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 5F36 3 KB
1 KB 593ms
493ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:20:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 5F36 20 KB
8 KB 349ms
249ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 11:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:01:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F36 159 KB
49 KB 741ms
641ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H2 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 5F36 33 KB
14 KB 300ms
300ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 13:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 13:01:20 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9148351480990946164/ Frame 5F36 6 KB
6 KB 591ms
499ms Image
image/png 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9148351480990946164/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

9ee7581111ae33a67567dee9fba759dbcb86181db9e61e7e271adf5aad34f099

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 04:12:56 GMT
x-content-type-options: nosniff
age: 159971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6067
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 12:29:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Apr 2024 04:12:56 GMT

GET
DATA 200
OK truncated
/ Frame 5F36 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 5F36 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/3701831318118515184/ Frame 0E2B 106 KB
106 KB 998ms
992ms Image
image/jpeg 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3701831318118515184/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

967c7dd0e7fbcd7ad614466b9c54e448b214c74f3b9bb879defad5ad849236be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 108736
x-xss-protection: 0
last-modified: Sat, 25 Mar 2023 13:02:59 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 00:39:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/13701954135802344879/ Frame 0E2B 45 KB
45 KB 926ms
919ms Image
image/png 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13701954135802344879/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

ad62ce70fbf177dbff76f786d8d631088fa978e435eb9fcc60fde6484d58651f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46428
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 04:49:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 00:39:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/10505726632710323683/ Frame 0E2B 44 KB
44 KB 969ms
962ms Image
image/jpeg 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10505726632710323683/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

c3da545e517566f545354b834aedd709ce27d90834278556e5685670bdc59af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44917
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 12:47:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 00:39:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/6120450543249768390/ Frame 0E2B 124 KB
124 KB 598ms
591ms Image
image/jpeg 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6120450543249768390/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

d7608cdbd7c42256985082203522046cd3c43682e34d7f021792efa4056598b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 19:33:23 GMT
x-content-type-options: nosniff
age: 277544
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127005
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:55:11 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 06 Apr 2024 19:33:23 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/9148351480990946164/ Frame 0E2B 100 KB
100 KB 502ms
497ms Image
image/png 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9148351480990946164/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

7d5ed354e0a7182600b3755f9167cf8955e6e136e93e8989f7840561752a12e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 04:01:42 GMT
x-content-type-options: nosniff
age: 160645
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102682
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 12:29:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 08 Apr 2024 04:01:42 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/15086190769297654126/ Frame 0E2B 132 KB
132 KB 1029ms
1023ms Image
image/jpeg 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15086190769297654126/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

891c20ccbb2e72a3203e8a8fbc9749dfcaa968e1e6fea06dba3befa3bfce765e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 135142
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 09:29:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 00:39:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/16381527746229409585/ Frame 0E2B 30 KB
30 KB 889ms
885ms Image
image/png 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16381527746229409585/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

1233cef0451bf9d89f70115c8df655e8d6484664a6f1981a1fcd3b66714a1689

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30911
x-xss-protection: 0
last-modified: Tue, 21 Mar 2023 12:27:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 00:39:07 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/1306188197403897487/ Frame 0E2B 107 KB
107 KB 1091ms
1088ms Image
image/jpeg 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1306188197403897487/14763004658117789537

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

b5479c234579da2443239f1515ed9bf65fb9b8a0ca845ca4875d3538b01a5bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109111
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 08:15:35 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 10 Apr 2024 00:39:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame EBBB 0
0 204ms
204ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdA1gKqw0ZL-WHMjwz7sP7cq0CPLg--FsmJu0_sQP2dkeEAEgstaolwFgpYCAgJABoAG10c3NAsgBAagDAcgDywSqBNMBT9DcYA_1Plee1SNuMR6SjeMjG_c8jWToulFTKrJ4CWWkA4WsCtwE0jKrvcWFn8SHR0jkoKgxwtLQs7bmb3GkgBfo4rPQ-71jV_PX2gYVWhuFdQwkIIL2EDD58x7Zo4azu8dkLpSH0LuD2Q2ncWGTknhyKN0LP8uksgxQuQBXNe0KxG7FhylnS2Z4PTIw6G2y3__HICi1NN2WCW7e4Gcd-8cPgePDQcZ9wMv7d6fypNOHDtOrIR1CtXPtyXaNoSJ7WZcfxlKav5o1-aIlIs_APAv7-MAEupCW0McDkgUECAQYAZIFBAgFGASAB7OusrIBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3oEC0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMNiBQC0BUBmBYBgBcBshccChoIABIUcHViLTU3Mzg3MjU3MDMyMzI2MjYYAA&sigh=OcSKilk6_JY&uach_m=[UACH]&cid=CAQSGwDUE5ymTNYN3l5sABtBIbZAq728gAkacl_QUhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=277611441&adf=422466837&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1681173546&rafmt=1&format=310x250&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545199&bpp=2&bdt=2005&idt=1145&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=0cVyLFzZ4D&p=https%3A//www.ctfiot.com&dtd=1148
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E2B 0
0 211ms
211ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDVdIKqw0ZOSTG5Xxz7sP04SlmA3R7r7saN2-4b6OEcCNtwEQASCy1qiXASgIYKWAgICQAaAB-LuYzAHIAQaoAwHIAwKqBOIBT9Ce7cDOA74ePYsdh6ZqVUDgeJDWGrynHOGea8llIz0ya1k7gpZHFKrZlZ9hKdv0-6MzXHSDAUM3LkQSLK_ol4a5rD1HjNHZr6K3uEVBysQDVGSPEA6txknubuYF1AyFfSmwaAKIqOf3slIrGAJt4DgNj7anAJn2yQEKDE6WQWb3xYrjbzBI4fIOpHhgg-wMsJMlt2EOmSli9nXJrSAJpD815vdoFKc8o0blwlc-nzd5spCBkTUB2So7Liv869E3-XBP2ysneHg0NDlTUPtpDFPWVdl_m0v3lLLAkdWtGIWHE8AE25S01rUDkgUECAQYAZIFBAgFGASgBjeAB_DD57MCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8JcD0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMK0BUBmBYBgBcBshccChoIABIUcHViLTU3Mzg3MjU3MDMyMzI2MjYYAA&sigh=CgZzN7jfHVo&uach_m=[UACH]&cid=CAQSGwDUE5ymDcAI7EjuHiK3IbSVFlswECB-ySqc7hgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E2B 0
0 235ms
234ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2AAFKqw0ZOSTG5Xxz7sP04SlmA3Ctpqibrii0KWMEL_u2Pi5EBACILLWqJcBKAhgpYCAgJABoAHD1vbXA8gBBqkCH_CgxC9Ipj6oAwHIAwKqBNUBT9Cg68jOAL4ePYsdh6ZqVUDgeJDWGrynHOGea8llIz0ya1k7gpZHFKrZlZ9hKdv0-6MzXHSDAUM3LkQSLK_ol4a5rD1HjNHZr6K3uEVBysQDXGRKYNqjKzcPzAzubOxolsiqaAJPQgwskE8rOPdupM0OS0OkgGz1yTQJDHuVQZP0xX_gb8VLwQcNho1jgRkPsGYmtZQNm9xh9oDKrNUKpN8zUYziJQBzgovt4hak1Z97MjOL8b7SP-EFcp5KIn4RR3hn0gU_7Y21TLPuzOlFFKMF7qCewASizIn-vgOSBQQIBBgBkgUECAUYBKAGN4AHpamJKKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPCXA9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDYgUCdAVAYAXAbIXHAoaCAASFHB1Yi01NzM4NzI1NzAzMjMyNjI2GAA&sigh=hNNtwU9YPyQ&uach_m=[UACH]&cid=CAQSGwDUE5ymDcAI7EjuHiK3IbSVFlswECB-ySqc7hgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E2B 0
0 217ms
216ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCba1Kqw0ZOSTG5Xxz7sP04SlmA2M3eicZ824uMHkDq_DqrThHRADILLWqJcBKAhgpYCAgJABoAHR8orCA8gBBqkCf4xjKiI4sj6oAwHIAwKqBNsBT9DrwNTOAb4ePYsdh6ZqVUDgeJDWGrynHOGea8llIz0ya1k7gpZHFKrZlZ9hKdv0-6MzXHSDAUM3LkQSLK_ol4a5rD1HjNHZr6K3wEZB6sSCVLZfaNpJF6MxeWt81QaDLihHg-NVQgzreqTwGupuhDgND7anRJn2ScEKDE6WQab3xYrjbzBIwfIOpnhgo-wMspMltWEOmSli9HXJrCAJpSowUWzkoSX1qqbjBbx4qch5ETsWRbUDPeErV6xbFFYD2YbvxyGKclMsn5bUSX2XhEb4TRa6TRYbJxXcwAS7gJWc5gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHl431PagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPCXA9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDIgUA9AVAZgWAYAXAbIXHAoaCAASFHB1Yi01NzM4NzI1NzAzMjMyNjI2GAA&sigh=5dX9Bc3vJLI&uach_m=[UACH]&cid=CAQSGwDUE5ymDcAI7EjuHiK3IbSVFlswECB-ySqc7hgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E2B 0
0 216ms
215ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkM8PKqw0ZOSTG5Xxz7sP04SlmA2fz4Dwb6GmkLuuEcTQrpbfIhAEILLWqJcBKAhgpYCAgJABoAG59bjPAcgBBqgDAcgDAqoE0wFP0JSJ1s4Gvh49ix2HpmpVQOB4kNYavKcc4Z5ryWUjPTJrWTuClkcUqtmVn2Ep2_T7ozNcdIMBQzcuRBIsr-iXhrmsPUeM0dmvorfARkGKxB5UZLciGaHGSe5u5gXUDIV9KbBoAoio5_eyUisYAm3gOA2PtqcAmfbJAQoMTpZBZvfFiuNvMEjh8g6keGCD7AywkyW3YQ6ZKWL2dcmtIAmkPzWm-xkapzyjRuXiVj6fJnnR-oHpDQHAdRdTF9TgXKRNWmvKwe7nlQa9mszC8Z2YsSRnwASFrrbpmASSBQQIBBgBkgUECAUYBKAGN4AHhuPXugKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDwlwPSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEwyIFAnQFQGYFgGAFwGyFxwKGggAEhRwdWItNTczODcyNTcwMzIzMjYyNhgA&sigh=07JmxSyVk14&uach_m=[UACH]&cid=CAQSGwDUE5ymDcAI7EjuHiK3IbSVFlswECB-ySqc7hgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E2B 0
0 211ms
210ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CcIL9Kqw0ZOSTG5Xxz7sP04SlmA3y4PvhbJibtP7ED9nZHhAFILLWqJcBKAhgpYCAgJABoAG10c3NAsgBBqgDAcgDAqoE0wFP0Jqbx84Hvh49ix2HpmpVQOB4kNYavKcc4Z5ryWUjPTJrWTuClkcUqtmVn2Ep2_T7ozNcdIMBQzcuRBIsr-iXhrmsPUeM0dmvorfARkGKxARUZJpxQqjGSe5u5gXUDIV9KbBoAoio5_eyUisYAm3gOA2PtqcAmfbJAQoMTpZBZvfFiuNvMEjh8g6keGCD7AywkyW3YQ6ZKWL2dcmtIAmkPzXFuzESpDyjRuXiVj6fJnmslZXIDwGPBTViF9SMX6RNWmvKvIHztAS9mszC8dLokxVnwAS6kJbQxwOSBQQIBBgBkgUECAUYBKAGN4AHs66ysgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDwlwPSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNTczODcyNTcwMzIzMjYyNhgA&sigh=GMY4uritjPc&uach_m=[UACH]&cid=CAQSGwDUE5ymDcAI7EjuHiK3IbSVFlswECB-ySqc7hgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E2B 0
0 235ms
234ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CCV31Kqw0ZOSTG5Xxz7sP04SlmA2gjqmybujCs8r3DY2A5LbrAhAGILLWqJcBKAhgpYCAgJABoAHc9KX5AsgBBqgDAcgDAqoE0wFP0JbDzc4Evh49ix2HpmpVQOB4kNYavKcc4Z5ryWUjPTJrWTuClkcUqtmVn2Ep2_T7ozNcdIMBQzcuRBIsr-iXhrmsPUeM0dmvorfARkGKxARUZPRdJK_GSe5u5gXUDIV9KbBoAoio5_eyUisYAm3gOA2PtqcAmfbJAQoMTpZBZvfFiuNvMEjh8g6keGCD7AywkyW3YQ6ZKWL2dcmtIAmkPzX8lRwmpDyjRuXiVj6fJnmixe_tDgH9EwNgF9TgXKRNWmvKstGJkQW9mszC8aD-pRdnwATJhuTB4AOSBQQIBBgBkgUECAUYBKAGN4AHjIvahgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDwlwPSCA8IgGEQARgfMgKKAjoCgECACgHICwHYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItNTczODcyNTcwMzIzMjYyNhgA&sigh=q8RtBm3lfnw&uach_m=[UACH]&cid=CAQSGwDUE5ymDcAI7EjuHiK3IbSVFlswECB-ySqc7hgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E2B 0
0 239ms
238ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C00TKKqw0ZOSTG5Xxz7sP04SlmA2FpdXxb4Tet86WEfvV9P0IEAcgstaolwEoCGClgICAkAGgAeW1x8sDyAEGqQLaWTLQVHx5PqgDAcgDAqoE0gFP0I7Ho84Fvh49ix2HpmpVQOB4kNYavKcc4Z5ryWUjPTJrWTuClkcUqtmVn2Ep2_T7ozNcdIMBQzcuRBIsr-iXhrmsPUeM0dmvorfARkGKxB5UZKhifM_HSe5u5gXUDIV9KbBoAoio5_eyUisYAm3gOA2PtqcAmfbJAQoMTpZBZvfFiuNvMEjh8g6keGCD7AywkyW3YQ6ZKWL2dcmtIAmkPzWLwE2VaPmrRuWijK62DbPUt-ISJ7rkNhGHFTwCdIZNVn9p-_CcWw6fmsLUI4aIr8XABOLxpOGiBJIFBAgEGAGSBQQIBRgEoAY3gAeDyrg0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ8JcD0ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMNiBQF0BUBmBYBgBcBshccChoIABIUcHViLTU3Mzg3MjU3MDMyMzI2MjYYAA&sigh=qb846_TVKUc&uach_m=[UACH]&cid=CAQSGwDUE5ymDcAI7EjuHiK3IbSVFlswECB-ySqc7hgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0E2B 0
0 256ms
255ms Fetch
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_bu8Kqw0ZOSTG5Xxz7sP04SlmA3iuZjrb8KT1YSsEafv8_0IEAggstaolwEoCGClgICAkAGgAdOXt6IpyAEGqAMByAMCqgTTAU_Q-ozMzgq-Hj2LHYemalVA4HiQ1hq8pxzhnmvJZSM9MmtZO4KWRxSq2ZWfYSnb9PujM1x0gwFDNy5EEiyv6JeGuaw9R4zR2a-it8BGQYrEBlRk_15tmsZJ7m7mBdQMhX0psGgCiKjn97JSKxgCbeA4DY-2pwCZ9skBCgxOlkFm98WK428wSOHyDqR4YIPsDLCTJbdhDpkpYvZ1ya0gCaQ_NZusHgqhPKOJmbspPp8mee-3uYcNAeAGaUIX1JZdpE1aa8r_wOSeBr2azMLxvYj0UGfABJ2Kz7GaBJIFBAgEGAGSBQQIBRgEoAY3gAfTz4eCBKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEPCXA9IIDwiAYRABGB8yAooCOgKAQIAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi01NzM4NzI1NzAzMjMyNjI2GAA&sigh=EEJa9edLFGY&uach_m=[UACH]&cid=CAQSGwDUE5ymDcAI7EjuHiK3IbSVFlswECB-ySqc7hgB&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=447&slotname=6117731570&adk=1968854875&adf=3830709326&pi=t.ma~as.6117731570&w=745&cr_col=4&cr_row=2&fwrn=2&lmt=1681173546&rafmt=9&format=745x447&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545198&bpp=1&bdt=2005&idt=1134&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=3530&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Jdu8nJpLOW&p=https%3A//www.ctfiot.com&dtd=1138
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
165 B 196ms
195ms Script
application/javascript 172.217.194.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.ctfiot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 200ms
200ms Script
application/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.ctfiot.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/ Frame 5C4B 10 KB
4 KB 219ms
218ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ctfiot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 79048
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 02:41:39 GMT
etag: 2378337311435320485
expires: Mon, 24 Apr 2023 02:41:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA2F 42 B
63 B 202ms
194ms Image
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Biip6L98iukD-EdyPsSmZrEjyoo5KGjfKG8__g0Ic5j747uEx-Lk9enxUAHkGyntMG0bpjeBldA0LucadpIxKmOXbe3DabUjIX1bjKKa6A8ws5oR8

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=600&adk=3473758137&adf=2980804260&pi=t.aa~a.123497700~rp.4&w=270&fwrn=4&fwrnh=100&lmt=1681173547&rafmt=1&to=qs&pwprc=1516750021&format=270x600&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173547260&bpp=1&bdt=4067&idt=1&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc502b709776c267a-22699aa720dd00f3%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MYBy9SNwpIAWG5X0JbdedNHvG31ug&gpic=UID%3D00000bf26418840a%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MaS95wXy-jlEhax1sJ1ysfF91zkzw&prev_fmts=0x0%2C745x187%2C745x447%2C310x250&nras=2&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=865HbLZzyy&p=https%3A//www.ctfiot.com&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA2F 0
20 B 254ms
194ms Image
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=4977769806906188492&x=1&ct=76

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AA2F 78 KB
27 KB 249ms
199ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28043
x-xss-protection: 0
server: cafe
etag: 15270303690107644053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame AA2F 3 KB
1 KB 757ms
687ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83920
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:20:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame AA2F 20 KB
8 KB 759ms
684ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 11:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:01:23 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AA2F 0
0 712ms
244ms Image
text/html 142.251.10.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNn_IKh-lBWY0UUNHSdBYJ-nf2WIS8xcXi2Z5PeZ2qLP8-KDNFKIjK-h7SfXRjFZi1U6ENTeC4EWsAwx1NBeb_Eu5Z9w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=600&adk=3473758137&adf=2980804260&pi=t.aa~a.123497700~rp.4&w=270&fwrn=4&fwrnh=100&lmt=1681173547&rafmt=1&to=qs&pwprc=1516750021&format=270x600&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173547260&bpp=1&bdt=4067&idt=1&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc502b709776c267a-22699aa720dd00f3%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MYBy9SNwpIAWG5X0JbdedNHvG31ug&gpic=UID%3D00000bf26418840a%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MaS95wXy-jlEhax1sJ1ysfF91zkzw&prev_fmts=0x0%2C745x187%2C745x447%2C310x250&nras=2&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=865HbLZzyy&p=https%3A//www.ctfiot.com&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.10.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sd-in-f103.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA2F 159 KB
49 KB 335ms
265ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:07 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 428D 624 B
242 B 262ms
198ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGLjA9N4BMAE&v=APEucNUlTGJufUjUyXqfl91d24rLjNGcpEIpraCMe9I52S4IR_REUjKHuu9xAHg4y6UQdKSRQBsK3LSJA9nLRbPFhL1cmrkXvg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=600&adk=3473758137&adf=2980804260&pi=t.aa~a.123497700~rp.4&w=270&fwrn=4&fwrnh=100&lmt=1681173547&rafmt=1&to=qs&pwprc=1516750021&format=270x600&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173547260&bpp=1&bdt=4067&idt=1&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc502b709776c267a-22699aa720dd00f3%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MYBy9SNwpIAWG5X0JbdedNHvG31ug&gpic=UID%3D00000bf26418840a%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MaS95wXy-jlEhax1sJ1ysfF91zkzw&prev_fmts=0x0%2C745x187%2C745x447%2C310x250&nras=2&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=865HbLZzyy&p=https%3A//www.ctfiot.com&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:39:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5F36 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 763d01c3ab31f56d74fa9de477eecdcac63bef64a14781d98ca401429ce36b2c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 5C4B 8 KB
989 B 200ms
195ms Stylesheet
text/css 74.125.200.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f95.1e100.net

Software

ESF /

Resource Hash

05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 11 Apr 2023 00:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 11 Apr 2023 00:36:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 11 Apr 2023 00:39:08 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 5C4B 2 KB
804 B 622ms
616ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 12:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 12:37:22 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame 5C4B 22 KB
9 KB 619ms
617ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 17:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8726
x-xss-protection: 0
server: cafe
etag: 308001309495089854
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 17:38:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 5C4B 3 KB
1 KB 619ms
614ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:20:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 83921
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:20:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/ Frame 5C4B 20 KB
8 KB 620ms
614ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230405/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

cafe /

Resource Hash

df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 11:01:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8268
x-xss-protection: 0
server: cafe
etag: 8048349561987089234
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 11:01:23 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5C4B 159 KB
49 KB 241ms
240ms Script
text/javascript 74.125.130.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.130.154 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f154.1e100.net

Software

sffe /

Resource Hash

c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49747
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681125830480664"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:08 GMT

GET
H3 200 c15427455071565d8097eb04c444439b.js Show response
www.gstatic.com/mysidia/ Frame 5C4B 33 KB
14 KB 200ms
199ms Script
text/javascript 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c15427455071565d8097eb04c444439b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

sffe /

Resource Hash

02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 13:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14106
x-xss-protection: 0
last-modified: Wed, 05 Apr 2023 23:21:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 08 Jul 2023 13:01:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E54C 143 B
166 B 194ms
193ms Document
text/html 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=250&slotname=8806081466&adk=277611441&adf=422466837&pi=t.ma~as.8806081466&w=310&fwrn=4&fwrnh=100&lmt=1681173546&rafmt=1&format=310x250&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173545199&bpp=2&bdt=2005&idt=1145&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C745x187%2C745x447&nras=1&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1075&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=0cVyLFzZ4D&p=https%3A//www.ctfiot.com&dtd=1148
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 645
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:28:23 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame EBBB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ee59719ffe57abd0f4ca90c1a51629ee4cb2ca70af70583625484bd207abd957

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 428D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1&C=1

43 B
632 B

201ms
201ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGLjA9N4BMAE&v=APEucNUlTGJufUjUyXqfl91d24rLjNGcpEIpraCMe9I52S4IR_REUjKHuu9xAHg4y6UQdKSRQBsK3LSJA9nLRbPFhL1cmrkXvg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 00:39:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 00:39:09 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 428D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZDSsLQXcrFlMxXkVIlSrtQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1

43 B
632 B

199ms
198ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGLjA9N4BMAE&v=APEucNUlTGJufUjUyXqfl91d24rLjNGcpEIpraCMe9I52S4IR_REUjKHuu9xAHg4y6UQdKSRQBsK3LSJA9nLRbPFhL1cmrkXvg
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 00:39:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:09 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFbArhuO4zAKKOgXs2mor3k&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 428D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEM98Ib9T38s_CJNTfixlnaU&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM98Ib9T38s_CJNTfixlnaU%26google_cver%3D1

43 B
1 KB

248ms
248ms

Image
image/gif

104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM98Ib9T38s_CJNTfixlnaU%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMiRieICEKm7mO4CGLjA9N4BMAE&v=APEucNUlTGJufUjUyXqfl91d24rLjNGcpEIpraCMe9I52S4IR_REUjKHuu9xAHg4y6UQdKSRQBsK3LSJA9nLRbPFhL1cmrkXvg

Protocol

HTTP/1.1

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 00:39:09 GMT
AN-X-Request-Uuid: 2448d91f-192c-4178-9b01-e6bae5e18648
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 173.245.209.172; 173.245.209.172; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 00:39:09 GMT
AN-X-Request-Uuid: cf8bde81-b30e-4c02-957a-bc10819ce77e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEM98Ib9T38s_CJNTfixlnaU%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 173.245.209.172; 173.245.209.172; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 428D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMzEzNjY2OTU2MjMyNTg3MQ%3D%3D

170 B
188 B

196ms
195ms

Image
image/png

172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMzEzNjY2OTU2MjMyNTg3MQ%3D%3D

Requested by

Protocol

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 11 Apr 2023 00:39:09 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 173.245.209.172; 173.245.209.172; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9d508628-12ca-44da-abcb-02987cfdb747
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjgwMzEzNjY2OTU2MjMyNTg3MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA2F 0
20 B 201ms
196ms Ping
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9971399880960&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA2F 0
20 B 198ms
194ms Ping
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9971399880960&version=m202301230201&ct=76&x=1&cor=4977769806906189000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AA2F 84 KB
35 KB 244ms
244ms Script
text/javascript 142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGsHsurzU5I3ILNSe1uDsUTABXcbkH8ByI3TKj0qz8wZWldV3IB9eRNBLT_c1E2bZ3PyrDWSiZnofeSp4uOtzDyEIxvw&cry=1&dbm_d=AKAmf-D-D52MhZSpnWBiQVuPUJVAcbti-iCno27n88-2fJhv-JkrI90fqaeNbIo7Xh9MRx_BoUCU5yfmbWlnmUqn7l36sETorNZHQ8BfWjapdFAaixG2zt8OelbLzVWvIyLm-xaW_hhA7Vsmga7_31cwZha22YUo5W1ylV6EgOnURqC5IZgxNVbhVPc3VKgxIOHnmRp6gthuR_JTeXptK_VtWec4853R-_OxU6CYBD72wuiJ8TmvnGT6EuMZPCrUruQlkP2dNym-UQIo7tIsuVNVFCHoWulD2exR-fkVmB0qV23OjF2yWQlsVGhy-Pm4Il_RTVEuFWoYaDl5nV3GuTSQF6rn1QMtVptEO9_PCeqRR9nmGMOHPurLY0GxqLrxTpZD5EdFBnOSt7cnNnJYz__1jHw-VxDnq4DBp0Z_IaQNEKaoPjN43EjQwRJZM_6q0kBymBnTeFmLmRx86DXAiKaL2V2WDqAoF5CEy2vI_eYEA_pj_2IbUMsVFg47FeXSsHNLY00LAniQ1qRvBfTN25AY55o4R32fmQTVze71_b91s8-gyDVZ2l7JTAsfUSg5m-fodO6aSep6lI1Jhl2aHGD1OO2j_JJSVW5JhINY9s1CWM4X_dXi3KlLnAoDSv_ucuPZYx7mW_BlEo0_iLJY7v1-8ivPFtay4GfnCQJGNk1cD2KxdZcpNmYUsebQ5uEVeIvPJ7rrONqFo5vu3oyUrPB-KjZ5pDPWRyavcAg6Poq6kSRImwABaaqJDRAXZiKV3h4A3xYyrMMDudiJmf0qcIw1coHj8yNey41mUcz4jX6aAQI0ZINE5e31bcex2ELlg5RPsM-2JysfbHrG2onGqY3vg8quAU_UTWX7D1dhhxlZWMxkZV7vf-_1V53HK0-8rAi0PY9uBDMrfjCtBrVfE2FsvGdkoAhi1L4vXhAnpGVdJbDttpaAjYSB9qNfZByUZ9i6H6cnzV6evpPTXmhjpjTKucRXhzvCLk_mA-ITEVFwi4bpePdFB_Bs2Ps1pxbMuhlAoAcPyjc17H84Jiaw7CRKg68wiIPc01IO66HBOtZLpf7wzkyvVIlx58PFF1JWKaXXGHmokraf4EcY-Nl3Pq8Ls455e5uHB5x3XNqW5a5zxaVALj1OCQjuzZWjyZU2rkeTn_QT0UF2xl7l3dpAHMoczZ75zh-yyx0zZ79mqYmx7862IegDTPe7EFmeAgRQnyjkE2Cm2-eoCR3Gun2HsGFyqbZno7g-zFh7apCf13wInj80Q-xjqUVsX_nvh0hehHgv5JZvKjVQ-POOtf2_MeQBYaratL5Cy46_IugyZLygsVLpsqBluwtEpRnpVWoLmnBwEf0cRq09s02zSUqM8_l9OhBOJ2Oofz0O0dZKr5Y4Vl5oSV79nG3JPPUeHFHV9xY-bySAYeN1ajd3IUxS8kmDHpU7tce0F6QlIkMziS6vWOJ-TD76MJEer13O2kSRFGmSBOWwWJFl5P_zohyi8vU520l7lfrg-yWGwcBW92TlHnBM0qA21aUB-QP9obvJb5bGjJS8mKYvOBP9BG01OaAPOQem-9z9Lsij9YNJV-tfc6NdXQaL0Ux-jzhwUBUNxt4AllaQpwU-em2yw-0vtrq9l6lG4ZY3UTcaam2irSiB-cdi3EFOUDMsuN0lpus157Nee_q_VhhSdi65NKRoAnBI3Xk2WSStcda-7NfH6WG5oaWMvEEsGqwSNF4EdUb0M-wrzfNk77mv31urkxO5fFe0xGH3xVJAEHRl_ntjFw0kdE7cSZDXtSSXEHksKOtu_JhugqXClfJ7cYsthVsDHeG2h4ScOpmjJuZdhmu8sVNWuDNwW_nmH4hWeiQzHQBBXsxtdePjDvoYkUliiCVx-pCJ-W3PKEwtYSbZFDwzbeOPmIaCs15oMVs6yIMEeuOU39O9gAGdak-y2UQ6UU5ei3DreZIN-vddgYLDoKw0Yoq2PNRrPtH3Md6jYavbQtZlXynXJk4KEy2WXHCNwMLkjMgedvVo5lHnp_oq9BdxsJpxYZMJt-xKzvNC4m1CgQvPKZrpPX1vGR7c13Vby0sbSzOvlMMT4xCRWBS4rNl6_R__QVNaDJIbErmbAHr-3Fu061blcgrUd0DvZCHqZHm0meQVIF3u0o0tAfhTAP26DwHkmSWDgueBFS9yh73MbuSdmJ_RDL3HWvusXs49dVxcpAV6uXekBhhBQfZ3bW4MuWZVAgYbN9ruK3_zecMLuPLAMRYe0B5KHNnv4FvDBIwGzo9ZUd5fCXvhCfu7AcFIK6au17G8h0J-Ju-X7lgBsRD5diIHmSr7Q8xnu6a8ntiu_TncYverN0obuHC6bGTr-y-v8COORivRZnkDLdJZeV_fWYpt-25zrNItDkCVxvc3be8tvzMG3r5Co7L6CdU6ec_aG1HUbekeLh2j05cEJRudQGHq9A_BCA9F4Lhtl9uZggVCUdACUG_gRzuOCU83E_wph3bTPFgWRrCpHSGhhSCUlYjCF8GLvzS-n1shBaTEFVORIWsSkPp1TfQ7zZhniO5C-J6sK-V7ggL_7Tuqf0PLTsW9HfTPCrhfuUssjF-3-By4g_oRi14qveLB5NObVODcZ1qLAhjcC9kropN-T7bMrAnPThRhL49RPna_toO4Mh0y2Q5VzpJDVjhDzkaSYNtOcdsY4MywzzBvZGQODRXqfekUd_Vc7AwGqFqRgVndZJ8XS93CW58qabloSb-INZuhcNLb6A18cKFCs_lSyFTrIY5rl2aOlT6XHkNXMPpQcG37Gi2nr_6e5VtRlsi-2KHdo7EA6ecSeuhd8x8wOGYpTAeOPn28NCMUks-wHYmBAuCv4XSje019andnjegg6a5apKEJ6xkC0ZlxVfhv6TE_hJ4dIYw8kcjvcnvn6P9LKMXKsWw4QvGCwVDNne3vQkWc9z1DHKj9jtHfm6P44QOhQMiulq0naEKEIROjl3SXpIlk42Erm9dlHemu_cNELMLJ-QnGX1Wc1HI1lPIVSzKIdmVdQ_NAWMY-QnwfuC21v25v5WckkEsYUcVDQPrbflLXw_Nw3nzuq7EwqDrt47mDoWmNcTxJOSM7TwT78UGzZeaV02usTly0lrnXoWerRcz7Rx6A6T6woA30IPLLQcWxFolDKIINMMI7dhYo1NvXyhmV6mxfRVPzjVr_Ee0nt5Cst57tuJnjKPP6ygcGjthRyA5XA8zYmfb71c1JnOZhjaMTpgHxRGb-KyR9C0TCH5nGXpFWJorY-hZ4zJIKKZObZB1jTz8lQVuchdLxwbvpWwSx8zoZJQi6sbdt9ztYJ_HrnD-BtezO_jCqd0dk2miN5kqTpjsQxHLIi06SrzI5_iuM0uQ4mTSdAgxymtrKseSNj9_4V3WiM2TRmCp6TtEb5rbez0aN_WfgpJqw1ZqTBUW7u6HPBObrHL4Hdz1yqLZEUVodV7YaCZY&cid=CAQSPADUE5ymtaK0qXIZKii1eCp27cA-7zDdb-gz6JUGbqcf1Fx5pP7ebz8-w5y4kj9k2CfKaFrKTq1mQW2QzRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ctfiot.com%2F&ds=l&xdt=1&iif=1&cor=4977769806906189000&adk=2228999115&idt=304&cac=0&dtd=27

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

acbd00fed4c9a4cb49c8de62f036f62cfc6e0a975b9872d149704c100d04751e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=600&adk=3473758137&adf=2980804260&pi=t.aa~a.123497700~rp.4&w=270&fwrn=4&fwrnh=100&lmt=1681173547&rafmt=1&to=qs&pwprc=1516750021&format=270x600&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173547260&bpp=1&bdt=4067&idt=1&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc502b709776c267a-22699aa720dd00f3%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MYBy9SNwpIAWG5X0JbdedNHvG31ug&gpic=UID%3D00000bf26418840a%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MaS95wXy-jlEhax1sJ1ysfF91zkzw&prev_fmts=0x0%2C745x187%2C745x447%2C310x250&nras=2&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=865HbLZzyy&p=https%3A//www.ctfiot.com&dtd=7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35938
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame EBBB 18 KB
19 KB 592ms
193ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:44:53 GMT
x-content-type-options: nosniff
age: 604455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18560
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 00:44:53 GMT

GET
DATA 200
OK truncated
/ Frame 0E2B 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b8df1cb9e81355ed42a3e365529a6f18aebfe827ffd2513fecf6cbad2e7d99a7

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 0E2B 44 KB
44 KB 760ms
437ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 20:46:40 GMT
x-content-type-options: nosniff
age: 13948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 09 Apr 2024 20:46:40 GMT

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 5F36 18 KB
18 KB 528ms
252ms Font
font/woff2 172.217.194.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v46/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f94.1e100.net

Software

sffe /

Resource Hash

1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 04 Apr 2023 00:44:53 GMT
x-content-type-options: nosniff
age: 604455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18560
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 16:59:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 03 Apr 2024 00:44:53 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E54C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

201ms
196ms

Document
text/html

142.251.12.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f155.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:39:08 GMT
expires: Tue, 11 Apr 2023 00:39:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 11 Apr 2023 00:39:08 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame AA2F 106 KB
37 KB 597ms
195ms Script
text/javascript 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 10:23:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 51346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 10:23:23 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/ Frame AA2F 11 KB
4 KB 193ms
193ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DGsHsurzU5I3ILNSe1uDsUTABXcbkH8ByI3TKj0qz8wZWldV3IB9eRNBLT_c1E2bZ3PyrDWSiZnofeSp4uOtzDyEIxvw&cry=1&dbm_d=AKAmf-D-D52MhZSpnWBiQVuPUJVAcbti-iCno27n88-2fJhv-JkrI90fqaeNbIo7Xh9MRx_BoUCU5yfmbWlnmUqn7l36sETorNZHQ8BfWjapdFAaixG2zt8OelbLzVWvIyLm-xaW_hhA7Vsmga7_31cwZha22YUo5W1ylV6EgOnURqC5IZgxNVbhVPc3VKgxIOHnmRp6gthuR_JTeXptK_VtWec4853R-_OxU6CYBD72wuiJ8TmvnGT6EuMZPCrUruQlkP2dNym-UQIo7tIsuVNVFCHoWulD2exR-fkVmB0qV23OjF2yWQlsVGhy-Pm4Il_RTVEuFWoYaDl5nV3GuTSQF6rn1QMtVptEO9_PCeqRR9nmGMOHPurLY0GxqLrxTpZD5EdFBnOSt7cnNnJYz__1jHw-VxDnq4DBp0Z_IaQNEKaoPjN43EjQwRJZM_6q0kBymBnTeFmLmRx86DXAiKaL2V2WDqAoF5CEy2vI_eYEA_pj_2IbUMsVFg47FeXSsHNLY00LAniQ1qRvBfTN25AY55o4R32fmQTVze71_b91s8-gyDVZ2l7JTAsfUSg5m-fodO6aSep6lI1Jhl2aHGD1OO2j_JJSVW5JhINY9s1CWM4X_dXi3KlLnAoDSv_ucuPZYx7mW_BlEo0_iLJY7v1-8ivPFtay4GfnCQJGNk1cD2KxdZcpNmYUsebQ5uEVeIvPJ7rrONqFo5vu3oyUrPB-KjZ5pDPWRyavcAg6Poq6kSRImwABaaqJDRAXZiKV3h4A3xYyrMMDudiJmf0qcIw1coHj8yNey41mUcz4jX6aAQI0ZINE5e31bcex2ELlg5RPsM-2JysfbHrG2onGqY3vg8quAU_UTWX7D1dhhxlZWMxkZV7vf-_1V53HK0-8rAi0PY9uBDMrfjCtBrVfE2FsvGdkoAhi1L4vXhAnpGVdJbDttpaAjYSB9qNfZByUZ9i6H6cnzV6evpPTXmhjpjTKucRXhzvCLk_mA-ITEVFwi4bpePdFB_Bs2Ps1pxbMuhlAoAcPyjc17H84Jiaw7CRKg68wiIPc01IO66HBOtZLpf7wzkyvVIlx58PFF1JWKaXXGHmokraf4EcY-Nl3Pq8Ls455e5uHB5x3XNqW5a5zxaVALj1OCQjuzZWjyZU2rkeTn_QT0UF2xl7l3dpAHMoczZ75zh-yyx0zZ79mqYmx7862IegDTPe7EFmeAgRQnyjkE2Cm2-eoCR3Gun2HsGFyqbZno7g-zFh7apCf13wInj80Q-xjqUVsX_nvh0hehHgv5JZvKjVQ-POOtf2_MeQBYaratL5Cy46_IugyZLygsVLpsqBluwtEpRnpVWoLmnBwEf0cRq09s02zSUqM8_l9OhBOJ2Oofz0O0dZKr5Y4Vl5oSV79nG3JPPUeHFHV9xY-bySAYeN1ajd3IUxS8kmDHpU7tce0F6QlIkMziS6vWOJ-TD76MJEer13O2kSRFGmSBOWwWJFl5P_zohyi8vU520l7lfrg-yWGwcBW92TlHnBM0qA21aUB-QP9obvJb5bGjJS8mKYvOBP9BG01OaAPOQem-9z9Lsij9YNJV-tfc6NdXQaL0Ux-jzhwUBUNxt4AllaQpwU-em2yw-0vtrq9l6lG4ZY3UTcaam2irSiB-cdi3EFOUDMsuN0lpus157Nee_q_VhhSdi65NKRoAnBI3Xk2WSStcda-7NfH6WG5oaWMvEEsGqwSNF4EdUb0M-wrzfNk77mv31urkxO5fFe0xGH3xVJAEHRl_ntjFw0kdE7cSZDXtSSXEHksKOtu_JhugqXClfJ7cYsthVsDHeG2h4ScOpmjJuZdhmu8sVNWuDNwW_nmH4hWeiQzHQBBXsxtdePjDvoYkUliiCVx-pCJ-W3PKEwtYSbZFDwzbeOPmIaCs15oMVs6yIMEeuOU39O9gAGdak-y2UQ6UU5ei3DreZIN-vddgYLDoKw0Yoq2PNRrPtH3Md6jYavbQtZlXynXJk4KEy2WXHCNwMLkjMgedvVo5lHnp_oq9BdxsJpxYZMJt-xKzvNC4m1CgQvPKZrpPX1vGR7c13Vby0sbSzOvlMMT4xCRWBS4rNl6_R__QVNaDJIbErmbAHr-3Fu061blcgrUd0DvZCHqZHm0meQVIF3u0o0tAfhTAP26DwHkmSWDgueBFS9yh73MbuSdmJ_RDL3HWvusXs49dVxcpAV6uXekBhhBQfZ3bW4MuWZVAgYbN9ruK3_zecMLuPLAMRYe0B5KHNnv4FvDBIwGzo9ZUd5fCXvhCfu7AcFIK6au17G8h0J-Ju-X7lgBsRD5diIHmSr7Q8xnu6a8ntiu_TncYverN0obuHC6bGTr-y-v8COORivRZnkDLdJZeV_fWYpt-25zrNItDkCVxvc3be8tvzMG3r5Co7L6CdU6ec_aG1HUbekeLh2j05cEJRudQGHq9A_BCA9F4Lhtl9uZggVCUdACUG_gRzuOCU83E_wph3bTPFgWRrCpHSGhhSCUlYjCF8GLvzS-n1shBaTEFVORIWsSkPp1TfQ7zZhniO5C-J6sK-V7ggL_7Tuqf0PLTsW9HfTPCrhfuUssjF-3-By4g_oRi14qveLB5NObVODcZ1qLAhjcC9kropN-T7bMrAnPThRhL49RPna_toO4Mh0y2Q5VzpJDVjhDzkaSYNtOcdsY4MywzzBvZGQODRXqfekUd_Vc7AwGqFqRgVndZJ8XS93CW58qabloSb-INZuhcNLb6A18cKFCs_lSyFTrIY5rl2aOlT6XHkNXMPpQcG37Gi2nr_6e5VtRlsi-2KHdo7EA6ecSeuhd8x8wOGYpTAeOPn28NCMUks-wHYmBAuCv4XSje019andnjegg6a5apKEJ6xkC0ZlxVfhv6TE_hJ4dIYw8kcjvcnvn6P9LKMXKsWw4QvGCwVDNne3vQkWc9z1DHKj9jtHfm6P44QOhQMiulq0naEKEIROjl3SXpIlk42Erm9dlHemu_cNELMLJ-QnGX1Wc1HI1lPIVSzKIdmVdQ_NAWMY-QnwfuC21v25v5WckkEsYUcVDQPrbflLXw_Nw3nzuq7EwqDrt47mDoWmNcTxJOSM7TwT78UGzZeaV02usTly0lrnXoWerRcz7Rx6A6T6woA30IPLLQcWxFolDKIINMMI7dhYo1NvXyhmV6mxfRVPzjVr_Ee0nt5Cst57tuJnjKPP6ygcGjthRyA5XA8zYmfb71c1JnOZhjaMTpgHxRGb-KyR9C0TCH5nGXpFWJorY-hZ4zJIKKZObZB1jTz8lQVuchdLxwbvpWwSx8zoZJQi6sbdt9ztYJ_HrnD-BtezO_jCqd0dk2miN5kqTpjsQxHLIi06SrzI5_iuM0uQ4mTSdAgxymtrKseSNj9_4V3WiM2TRmCp6TtEb5rbez0aN_WfgpJqw1ZqTBUW7u6HPBObrHL4Hdz1yqLZEUVodV7YaCZY&cid=CAQSPADUE5ymtaK0qXIZKii1eCp27cA-7zDdb-gz6JUGbqcf1Fx5pP7ebz8-w5y4kj9k2CfKaFrKTq1mQW2QzRgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.ctfiot.com%2F&ds=l&xdt=1&iif=1&cor=4977769806906189000&adk=2228999115&idt=304&cac=0&dtd=27

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 01:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82676
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4123
x-xss-protection: 0
server: cafe
etag: 4541610132340792384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 01:41:12 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ Frame AA2F 28 KB
11 KB 195ms
194ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 13:03:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41728
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11009
x-xss-protection: 0
server: cafe
etag: 12368014760096651300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 24 Apr 2023 13:03:40 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame A71B 36 KB
14 KB 195ms
195ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 08:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:24:06 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AA2F 41 KB
15 KB 201ms
197ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Fri, 07 Apr 2023 21:47:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 269514
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 Apr 2024 21:47:14 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0262 1 KB
643 B 201ms
196ms Document
text/html 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 80834
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 02:11:54 GMT
etag: 48472445140208031
expires: Tue, 11 Apr 2023 02:11:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AA2F 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c692d5df95be73152ded45a4299801b89efe12749e24155dd48f1f924612252

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame E3A7 36 KB
14 KB 200ms
194ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 08:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:24:06 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7F32 22 KB
8 KB 200ms
195ms Document
text/html 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 259038
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 08 Apr 2023 00:41:51 GMT
expires: Sun, 07 Apr 2024 00:41:51 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0262
Redirect Chain

https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESECoMutjBtsolbbClyW04po0&google_cver=1&google_push=Aer7DvLBnUg_p-BHAYTKkOB0_9qYw6nMHsnQEsLieSW3Njvx8-QHLZk...
https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=107b57c517941b49&is_secure=true&networkId=14000&version=1&google_gid=CAESECoMutjBtsolbbClyW04po0&google_cver=1&google_push=Aer7DvLBnUg_...
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMR9I5T_yZHQNWL5T2AAAAAAA&expiration=1681259950&google_cver=1&is_secure=true&google_gid=CAESECoMutjBtsolbbClyW04p...

170 B
188 B

196ms
196ms

Image
image/png

172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMR9I5T_yZHQNWL5T2AAAAAAA&expiration=1681259950&google_cver=1&is_secure=true&google_gid=CAESECoMutjBtsolbbClyW04po0&google_push=Aer7DvLBnUg_p-BHAYTKkOB0_9qYw6nMHsnQEsLieSW3Njvx8-QHLZkvI4TUleABezimQaabgRwMP5hoqT_La5JZ_cS_tZEsPGXZTjAH39lRSnymQsh0h3o9xdhjreAE72numltG-rOS6ebuNSpg0u9uSz31ZA

Requested by

Protocol

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
server: nginx
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location: https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAMR9I5T_yZHQNWL5T2AAAAAAA&expiration=1681259950&google_cver=1&is_secure=true&google_gid=CAESECoMutjBtsolbbClyW04po0&google_push=Aer7DvLBnUg_p-BHAYTKkOB0_9qYw6nMHsnQEsLieSW3Njvx8-QHLZkvI4TUleABezimQaabgRwMP5hoqT_La5JZ_cS_tZEsPGXZTjAH39lRSnymQsh0h3o9xdhjreAE72numltG-rOS6ebuNSpg0u9uSz31ZA
cache-control: no-cache, private, max-age=0, no-store
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0262
Redirect Chain

https://x.bidswitch.net/sync?ssp=google_jp&google_gid=CAESEDMn5QBt2DQmIz0XKSICwd8&google_cver=1&google_push=Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6XRDLiyq...
https://x.bidswitch.net/ul_cb/sync?ssp=google_jp&google_gid=CAESEDMn5QBt2DQmIz0XKSICwd8&google_cver=1&google_push=Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6X...
https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6XRDLiyqhQ1fLgmzkX_9X-f4jLid9gJYGPySmvVOhcbD...

170 B
188 B

200ms
198ms

Image
image/png

172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6XRDLiyqhQ1fLgmzkX_9X-f4jLid9gJYGPySmvVOhcbDqcCVkTWwNWlBqAInWp9e6gqw_T4QeH0ig&google_hm=wuuQa4yfTuuoRo_lWqVFxg==

Requested by

Protocol

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=iponweb_japan&google_push=Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6XRDLiyqhQ1fLgmzkX_9X-f4jLid9gJYGPySmvVOhcbDqcCVkTWwNWlBqAInWp9e6gqw_T4QeH0ig&google_hm=wuuQa4yfTuuoRo_lWqVFxg==
Date: Tue, 11 Apr 2023 00:39:10 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0262
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEGwXO0rYdq-5FKBCXl5-NU4&c_param1=Aer7DvJEQepFsEk_p7cqb2tYQrz9b4F_yjtI_dnCnI2NsI8VCq3kup8SbUo7m5QhqzIlbHbZhxfpU_UD6Nj-8CWSILhnoYBMnjSqFXotqtQtl_5tqto...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvJEQepFsEk_p7cqb2tYQrz9b4F_yjtI_dnCnI2NsI8VCq3kup8SbUo7m5QhqzIlbHbZhxfpU_UD6Nj-8CWSILhnoYBMnjSqFXotqtQtl_5tqtoCbux63FdAVNMj90s2C...

170 B
188 B

199ms
199ms

Image
image/png

172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvJEQepFsEk_p7cqb2tYQrz9b4F_yjtI_dnCnI2NsI8VCq3kup8SbUo7m5QhqzIlbHbZhxfpU_UD6Nj-8CWSILhnoYBMnjSqFXotqtQtl_5tqtoCbux63FdAVNMj90s2CmpqqjcCVpyDm-ZGN361hlYx9Q

Requested by

Protocol

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=Aer7DvJEQepFsEk_p7cqb2tYQrz9b4F_yjtI_dnCnI2NsI8VCq3kup8SbUo7m5QhqzIlbHbZhxfpU_UD6Nj-8CWSILhnoYBMnjSqFXotqtQtl_5tqtoCbux63FdAVNMj90s2CmpqqjcCVpyDm-ZGN361hlYx9Q
date: Tue, 11 Apr 2023 00:39:10 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0262
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEINyGKFKpUPNhP32bkD-ZIA&google_cver=1&google_push=Aer7DvJ6262aEwA5bz61GlUndcnAIM-rcpHb32zM_nurh-Gtl9QC1tPIGnDxkDLvyPpKw6xuGNHBLmzn...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEINyGKFKpUPNhP32bkD-ZIA&google_cver=1&google_push=Aer7DvJ6262aEwA5bz61GlUndcnAIM-rcpHb32zM_nurh-Gtl9QC1tPIGnDxkDLvyPpKw6xuGNH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ3NzEyODkxNTczODQxOTM4NQ&google_push=Aer7DvJ6262aEwA5bz61GlUndcnAIM-rcpHb32zM_nurh-Gtl9QC1tPIGnDxkDLvyPpKw6xuGNHBLm...

170 B
188 B

201ms
200ms

Image
image/png

172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ3NzEyODkxNTczODQxOTM4NQ&google_push=Aer7DvJ6262aEwA5bz61GlUndcnAIM-rcpHb32zM_nurh-Gtl9QC1tPIGnDxkDLvyPpKw6xuGNHBLmznNMqOwdcjDa6jj6kkFFkVINQwNRgw5rRHt--DEXdv1lAW-hcbo6hyMRzYZHsRWpfBZiFERp8MeVZosQ

Requested by

Protocol

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDQ3NzEyODkxNTczODQxOTM4NQ&google_push=Aer7DvJ6262aEwA5bz61GlUndcnAIM-rcpHb32zM_nurh-Gtl9QC1tPIGnDxkDLvyPpKw6xuGNHBLmznNMqOwdcjDa6jj6kkFFkVINQwNRgw5rRHt--DEXdv1lAW-hcbo6hyMRzYZHsRWpfBZiFERp8MeVZosQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0262
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEDdNGZiwFUgopQl9wBvT2iI&google_cver=1&google_push=Aer7DvK1WYHSctVv2VlD1cL9fhmM7EehNlIKDMzL15TOB-AqcivTDqWYmSncxFAy-9kxAtXSAEKCbVZAUJm8r...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEDdNGZiwFUgopQl9wBvT2iI&google_push=Aer7DvK1WYHSctVv2VlD1cL9fhmM7EehNlIKDMzL15TOB-AqcivTDqWYmSncxFAy-9kxAtXSAEKCbVZAUJm8r...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvK1WYHSctVv2VlD1cL9fhmM7EehNlIKDMzL15TOB-AqcivTDqWYmSncxFAy-9kxAtXSAEKCbVZAUJm8r7GqcZzp1rjztyrqqxi7LCgL0djA6PKV6d74BY_cpZOGWan...

170 B
188 B

199ms
197ms

Image
image/png

172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvK1WYHSctVv2VlD1cL9fhmM7EehNlIKDMzL15TOB-AqcivTDqWYmSncxFAy-9kxAtXSAEKCbVZAUJm8r7GqcZzp1rjztyrqqxi7LCgL0djA6PKV6d74BY_cpZOGWanY8CFAyWY2Et8tgc-QasPuqBBZ4Q&google_hm=dU1OVGJZSFFiXzZORnNFSGlvdlo=

Requested by

Protocol

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 11 Apr 2023 00:39:10 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aer7DvK1WYHSctVv2VlD1cL9fhmM7EehNlIKDMzL15TOB-AqcivTDqWYmSncxFAy-9kxAtXSAEKCbVZAUJm8r7GqcZzp1rjztyrqqxi7LCgL0djA6PKV6d74BY_cpZOGWanY8CFAyWY2Et8tgc-QasPuqBBZ4Q&google_hm=dU1OVGJZSFFiXzZORnNFSGlvdlo=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 294
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 0262
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEKDYVb6DKS6r4Yk397DxU6I&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=MzQ1YTFmMGItM2RjYi00YjhjLTgyOGYtNDU1MzU5ZDcxYzhh&google_push=Aer7DvKrKBiWQvnk-aQWRRnByWlcwQQ7K3rZM8Y-faadpm7W4ZeyseNKqpZjOjS0L9yh8...
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

324ms
324ms

Image
image/gif

23.213.141.184
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5738725703232626&output=html&h=600&adk=3473758137&adf=2980804260&pi=t.aa~a.123497700~rp.4&w=270&fwrn=4&fwrnh=100&lmt=1681173547&rafmt=1&to=qs&pwprc=1516750021&format=270x600&url=https%3A%2F%2Fwww.ctfiot.com%2F87670.html&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681173547260&bpp=1&bdt=4067&idt=1&shv=r20230405&mjsv=m202304050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dc502b709776c267a-22699aa720dd00f3%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MYBy9SNwpIAWG5X0JbdedNHvG31ug&gpic=UID%3D00000bf26418840a%3AT%3D1681173546%3ART%3D1681173546%3AS%3DALNI_MaS95wXy-jlEhax1sJ1ysfF91zkzw&prev_fmts=0x0%2C745x187%2C745x447%2C310x250&nras=2&correlator=5273979297390&frm=20&pv=1&ga_vid=769908017.1681173546&ga_sid=1681173546&ga_hid=163435733&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1095&ady=1786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759842%2C44759876%2C31071755%2C31073584%2C42531706&oid=2&pvsid=360382840906581&tmod=485068584&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=865HbLZzyy&p=https%3A//www.ctfiot.com&dtd=7
Protocol: H2
Server: 23.213.141.184 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-213-141-184.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires: Tue, 11 Apr 2023 00:39:10 GMT
pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0262
Redirect Chain

https://trace.mediago.io/cs/google?google_gid=CAESEFc5borQVvx6rzks25MHr6Y&google_cver=1&google_push=Aer7DvJGr2fnE65ctb7gfLoXe92rpNN8NWWm4BcWkn47v4hJmPfRK_BeexUEsoL_ye06iBxcowPNlEbkU7e8yp3aSzud9JweM...
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvJGr2fnE65ctb7gfLoXe92rpNN8NWWm4BcWkn47v4hJmPfRK_BeexUEsoL_ye06iBxcowPNlEbkU7e8yp3aSzud9JweMgFE_kpG4mOSKqCpMLTdPoScKsPFZ...

170 B
188 B

199ms
199ms

Image
image/png

172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvJGr2fnE65ctb7gfLoXe92rpNN8NWWm4BcWkn47v4hJmPfRK_BeexUEsoL_ye06iBxcowPNlEbkU7e8yp3aSzud9JweMgFE_kpG4mOSKqCpMLTdPoScKsPFZz-hR6rZWwbECQz881PKNZS7oEoirhsQDw&google_hm=609d12970627194c999dc13a7262285f

Requested by

Protocol

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=Aer7DvJGr2fnE65ctb7gfLoXe92rpNN8NWWm4BcWkn47v4hJmPfRK_BeexUEsoL_ye06iBxcowPNlEbkU7e8yp3aSzud9JweMgFE_kpG4mOSKqCpMLTdPoScKsPFZz-hR6rZWwbECQz881PKNZS7oEoirhsQDw&google_hm=609d12970627194c999dc13a7262285f
date: Tue, 11 Apr 2023 00:39:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 304
content-type: text/html; charset=utf-8

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 0262 0
59 B 203ms
194ms Image
text/html 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lbmh1M3AabVkRkiBBNIaZmakW5s4m1s0E2mQWqurT0cZwikTYkgT6Me0uESPdaa4Map0_YDbo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame B1B8 36 KB
14 KB 194ms
193ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 08:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:24:06 GMT

GET
H3 200 eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F32 36 KB
14 KB 195ms
195ms Script
text/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/eGrdt-GuiAstYDBBFPRlHe36qu4ukgnY6P6eKjFBaNs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

sffe /

Resource Hash

786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Sun, 09 Apr 2023 08:24:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14213
x-xss-protection: 0
last-modified: Mon, 03 Apr 2023 13:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 08 Apr 2024 08:24:06 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/ Frame CCD5 5 KB
1 KB 591ms
196ms Document
text/html 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

a077cd65db48fa5e781e6292bc355cf8dde0fd15e2b01598bfd4813cd557500e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2787
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1459
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 10 Apr 2023 23:52:43 GMT
expires: Tue, 09 Apr 2024 23:52:43 GMT
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AA2F 0
0 611ms
207ms Fetch
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyJ80OV5kV8iCXeKegbPuDY433QtBz4gYEFevvvBzBr-DPGUwJt-FIuVrJPE9-N69eTAN5PSDXlxjK77V5b1xqJs-Fxfup3xnZEjRbSZVBt50zckqh-WwrNUSeoVgIMzOsAcHSUv8oBUHPOi9eSKGCoWMGN1Vdy5LiLfvRtVFOWJn442EAbYc5Vna1Cw4A-kgnEA9BRQo_EhNEz9QSxTeW7J5svKP8kEh0FzYySleAMkEdwmtmVuTMi3Z9zlPqDGFWTaNfrpUsNh9x1scWana8krh470i3Rk_ihKFwA0MWVDrM06cR1VK8RPwtdasaELcI5PnFSOC8WA9tSC7DvK-X6sKm1WK9LvbkdSXAnftihpDzPstUFXLBIUX4IJhTAhWklvnw6klZueh46v-Cj7BTohBebW9bSDGWcZniGN6lSd81stP4IovOWmonsOmW4p7AE9-W49NcSEbkZ4aBWUxgwBdxVA30tzXGi7LY-fVkh7IaN6D_Ktf_DrxexgyLlZZQe1d7KuXXdSDZCVaxZ_Jtpx0EVJjntqHkTqkohrdwwZ8J8cLy4g8kBN_31hKKjjCgfyr3QDZA1RUckOE6HU1mZNgOwZI-tpXMKriMp1NMSIneywjks6nYrZlEEF9iZNfYPH_-Nkr_Wd0rjS2Bmy2QUbsmN2ePwer_vzRoTBcQhItU3OauCzY3yXfgDqEHPNLMr5WMkuVLr7KSvB8T3vdKkYgKsQdB0SYDFm4tmU55H8Mj-MNE13k3LixhLFk3LVZtic4lB-zFtSABo_MenI_dhGM6gEdbbXnJbLXp7GbUJ8mcmJT_GCZjop9ljP38tNlg71A5nIV70yrpVwg-4nbWZ6_5lgxUFIVuOIOsN9k57JRHYGpXBK9o9LyR2IQmS0FYJhAsZAO_Nhhsct0dOHdV-vKfvf8yojk1jLPZptM79Gj4Z0MXX_5NJAq2hWsLZieHMRyNL-N9rLyVKCNIvmM5vlKi_jrdF69LIDC0s5SEjIF-iyvJkqM1l2u3fcfoONkjp6tHU8AT2AFfeFaNrimlwMRZ1qsbYYHJjaMOaS5FmKANMch-DUERxxzq4APFQmlPutdr_wTkW0w3XOhlIy_Eq82bpEPHRvWKQB7w2wP-9YLrOuICfRbabgOeKPrayefXS6z3kXNRXBZirpROuF7sbM6COCYGl8GhrfEVgW5Due2VnzUU99_AJRNQEsHwhCEHhFqUslxnL_YQIIaVQTJ-&sai=AMfl-YRvRzb8G3zfmXVarb0q8mKuR5jvUvO8lqkiaxgaGhcpnfkCuHUndjLP7OuhLIOS3pF1GqoqBdYg9U-5prK_NgATqZ339n24ku1rrIAwP8HoNAASTJZgmQ4E04YBWZMeMvHj9Mg7S7GpE_9-laubISZLWiuvdutVZhT9vfr8lzqP7LA1XbqWmZqgD1AsSSm1mjUEqxegykv0EX3cfsck-JP6e48UPT9xTUioKYEfx_5SKqLCKZtMfxltU5_MjgR7qFvJLh0&sig=Cg0ArKJSzLRRFuiZ_HubEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1013&cbvp=1&cstd=1003&cisv=r20230405.23227&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 11 Apr 2023 00:39:10 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 11 Apr 2023 00:39:10 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F32 0
20 B 201ms
200ms Image
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9vC7LKw0ZLrTGPu84t4P26ah2AIAAAAAOAHgBAI&bg=!RUalRhLNAAYIJb0jKCU7ADkAdvg8WmQDz31nQnxBKD2bGHuZYbWaM6m-dFbl4aImegkTLNNSXTbqo8CSIB1ilUsWbbKZOpV-puACAAAAzVIAAAAMaAEHmQLIkNmE8t0kul1JFwahQipxiMTZxxpKjdXvnvEP93qglqdOp2wuMJuOSyPrAVfZFVXvmJAV6Avxurj6G8XAQ1JtIeJ4U619m3_yj0pfOjtUI8rvdSWphCysKWZqQbY3YGcpMJ4-agV7eL4Pu0v5nyA0I2ateSrr-SKWixhL3viaTMB_PeM3JNga6NWZzUNKDrUQe2aTnExGy-YlXBgGRJGFjLIuUW6y7ohb8di38ObeDsfAUPCMLN_9PrZQqzZqbbJzcLijCxruyDPSx-9876gOuDtB1l4BanP91ZLvxn9Li_NC_mNcz12vdFZY55HMo1aK__75sP5DrRMFgqf-Z62tluk0s0qA9LMgFlH1sxyILTsR-xaC5FuLTA17qLP78hYas1cCcW2M92rWtK1jdktse-vJimpIwnzcftg8RsCWmWenCuUI43kjfeH4QemsJj0aZRwCN06SVArAuojUMxwzrKNMPDUeHCjtjRGluD_299u3tbPi5CNMQvrV8kbDUcdeCihtGFIhNqpaJtnSx7SHZfx12CfcHP7I9unMQhNwcjoyUqKqlU4XWxeqk1R4y9bnYYQEyNkUOpxR_5IXSCOci5MKSzA4DbWe--JT9XkR-KMfDfVHcGuptxE66QUFAG9-8koDT9wHVemcJWk7yJIUlK7SKqp8TUsLOdzz3k4Zu6vJOIhbpNYYdAx5YSvki26muevdKH4AaSpAwtfRW1eaIq5b25RogNx3zAm2qQkcRyoHu-_FNiMOestQT_PzBWixUwAQJNegcVPFNNn2zieGIM7cC6hbznRvWxaM-42lUql4HOsQor2bm_QaqVRNCfDWokJsWgiKUPd-Lr8BQFK33R66IjFDAlYDEiw0MCMtaLtThzUhRj68jpPIbGecs7wV4WwFB01L6V3vNEfUTWla4D774a3oP63wZBA7m_A430SIDalOYq-gpQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EBBB 42 B
174 B 204ms
199ms Fetch
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUccxr-ZQzEzm05ljEjg932qFVSGY7DdmUiFZI0JYy8kcGORk1tY73-wVJuT0DzmLGtDRE0YfzUNF0JT0RsJIc3bA9XZLN2S-f_9JxT-DdY3vlaM1Ek6EF5CMZG7EDcSAqiRk&sai=AMfl-YTtuMECzKxodnDiVcSKu_Vcynn8gwHdxTSe5LaNKo9SmKpojfzgZYE9w0sA2_jullDugc5j4lT2Vmq0&sig=Cg0ArKJSzNf3760JjvlTEAE&cid=CAQSGwDUE5ymTNYN3l5sABtBIbZAq728gAkacl_QUhgB&id=lidar2&mcvt=1000&p=0,0,250,310&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=277611441&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681173546349&rpt=2720&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5F36 42 B
108 B 200ms
199ms Fetch
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdDRugI6Fc0xrQZIQsWWrIy3Ua2RhXm1URVqf9XyHAknjMw4wOsEg7M3iM4yfV0CRkxvSp36RWvPu0D1w3Wh72cpz-ZCKO7xRHS0hgf2i8kaEq4-S2gCJBSOUpXJysN2tqI7c&sai=AMfl-YSo-SvuGRM2l99pbctrUZii_bKTp5x4f73fGFogBFkFH_Rp6xIrHdbQZYHLumeDrYkIieL6s4-b9qPL&sig=Cg0ArKJSzKqxeWn0YexNEAE&cid=CAQSGwDUE5ymqgPOdCcsjGU-O1Xl0s0dNDnLteIj5BgB&id=lidar2&mcvt=1000&p=0,0,187,745&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230410&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3108791033&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1681173546328&rpt=2896&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/ Frame CCD5 2 KB
767 B 201ms
197ms Stylesheet
text/css 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

1b29fe64ca41a892e72a6691d974f44c45af338e87f6d27d9aa079c0990f0d80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 terms.png
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/ Frame CCD5 1 KB
1 KB 202ms
197ms Image
image/png 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/terms.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

f2a9bff86c1e8b72b9c4cde71850a36a530a5aeb5c020d306046954a6435e3a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1216
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/ Frame CCD5 1 KB
1 KB 266ms
266ms Image
image/png 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

3d2dcfdd84079d02f16dd215d8168559eb3ee5bd2bc8b5313f863feafd1a64a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1449
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/ Frame CCD5 2 KB
2 KB 272ms
271ms Image
image/png 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

fc64d53b67a597d98308de0b509902f48c9f31e82e56762f887aef5d0eaa5d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1927
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 text1.png
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/ Frame CCD5 3 KB
3 KB 283ms
281ms Image
image/png 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/text1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

c98b0f3e90dee07da0f729f08d043525968535f8c70d254747250ea0e2c107b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3406
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 line.png
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/ Frame CCD5 380 B
407 B 277ms
275ms Image
image/png 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/line.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

bfcfeaac5760a7716094a6ae9c2f949264d27a676204cefc8709146a0b3b9eae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 380
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 text2.png
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/ Frame CCD5 4 KB
4 KB 310ms
309ms Image
image/png 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/text2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

7cda9d5d4db6f4fdb51d8447eb5345c119ff0b2aee546111f14b72283bf87832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4561
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 text3.png
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/ Frame CCD5 3 KB
3 KB 293ms
292ms Image
image/png 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/text3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

a6ae389d3aa57c66b768ebe82e445af27fc9057137694a8d12b1fee1a41b41aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2902
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 bg.png
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/ Frame CCD5 30 KB
30 KB 326ms
325ms Image
image/png 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/images/bg.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

d1b33849880da5df434951429bda73a20e0855d4c98e585da0c3aea04c4597cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30347
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CCD5 60 KB
24 KB 195ms
195ms Script
text/javascript 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Apr 2023 00:39:10 GMT

GET
H3 200 scripts.js Show response
s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/ Frame CCD5 2 KB
862 B 193ms
193ms Script
application/x-javascript 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/scripts.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

b436d1a364badbda7f5bb1e850cc9e4ca66706366799c41e442100b2dd3fa147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15356589099931226557/VOREHA0962_Student_SIMO_Offer-160x600/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2786
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 833
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 06:36:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Apr 2024 23:52:44 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AA2F 0
0 206ms
201ms Fetch
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvyJ80OV5kV8iCXeKegbPuDY433QtBz4gYEFevvvBzBr-DPGUwJt-FIuVrJPE9-N69eTAN5PSDXlxjK77V5b1xqJs-Fxfup3xnZEjRbSZVBt50zckqh-WwrNUSeoVgIMzOsAcHSUv8oBUHPOi9eSKGCoWMGN1Vdy5LiLfvRtVFOWJn442EAbYc5Vna1Cw4A-kgnEA9BRQo_EhNEz9QSxTeW7J5svKP8kEh0FzYySleAMkEdwmtmVuTMi3Z9zlPqDGFWTaNfrpUsNh9x1scWana8krh470i3Rk_ihKFwA0MWVDrM06cR1VK8RPwtdasaELcI5PnFSOC8WA9tSC7DvK-X6sKm1WK9LvbkdSXAnftihpDzPstUFXLBIUX4IJhTAhWklvnw6klZueh46v-Cj7BTohBebW9bSDGWcZniGN6lSd81stP4IovOWmonsOmW4p7AE9-W49NcSEbkZ4aBWUxgwBdxVA30tzXGi7LY-fVkh7IaN6D_Ktf_DrxexgyLlZZQe1d7KuXXdSDZCVaxZ_Jtpx0EVJjntqHkTqkohrdwwZ8J8cLy4g8kBN_31hKKjjCgfyr3QDZA1RUckOE6HU1mZNgOwZI-tpXMKriMp1NMSIneywjks6nYrZlEEF9iZNfYPH_-Nkr_Wd0rjS2Bmy2QUbsmN2ePwer_vzRoTBcQhItU3OauCzY3yXfgDqEHPNLMr5WMkuVLr7KSvB8T3vdKkYgKsQdB0SYDFm4tmU55H8Mj-MNE13k3LixhLFk3LVZtic4lB-zFtSABo_MenI_dhGM6gEdbbXnJbLXp7GbUJ8mcmJT_GCZjop9ljP38tNlg71A5nIV70yrpVwg-4nbWZ6_5lgxUFIVuOIOsN9k57JRHYGpXBK9o9LyR2IQmS0FYJhAsZAO_Nhhsct0dOHdV-vKfvf8yojk1jLPZptM79Gj4Z0MXX_5NJAq2hWsLZieHMRyNL-N9rLyVKCNIvmM5vlKi_jrdF69LIDC0s5SEjIF-iyvJkqM1l2u3fcfoONkjp6tHU8AT2AFfeFaNrimlwMRZ1qsbYYHJjaMOaS5FmKANMch-DUERxxzq4APFQmlPutdr_wTkW0w3XOhlIy_Eq82bpEPHRvWKQB7w2wP-9YLrOuICfRbabgOeKPrayefXS6z3kXNRXBZirpROuF7sbM6COCYGl8GhrfEVgW5Due2VnzUU99_AJRNQEsHwhCEHhFqUslxnL_YQIIaVQTJ-&sai=AMfl-YRvRzb8G3zfmXVarb0q8mKuR5jvUvO8lqkiaxgaGhcpnfkCuHUndjLP7OuhLIOS3pF1GqoqBdYg9U-5prK_NgATqZ339n24ku1rrIAwP8HoNAASTJZgmQ4E04YBWZMeMvHj9Mg7S7GpE_9-laubISZLWiuvdutVZhT9vfr8lzqP7LA1XbqWmZqgD1AsSSm1mjUEqxegykv0EX3cfsck-JP6e48UPT9xTUioKYEfx_5SKqLCKZtMfxltU5_MjgR7qFvJLh0&sig=Cg0ArKJSzLRRFuiZ_HubEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2302&vt=11&dtpt=1289&dett=3&cstd=1003&cisv=r20230405.23227&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 11 Apr 2023 00:39:11 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA2F 0
20 B 206ms
201ms Ping
image/gif 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9971399880960&version=m202301230201&ct=76&x=1&cor=4977769806906189000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 11 Apr 2023 00:39:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 he-simple-common.js Show response
widget.qweather.net/simple/static/js/ 400 B
986 B 618ms
200ms Script
application/javascript 47.246.12.211

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0
Requested by: Host: www.ctfiot.com
URL: https://www.ctfiot.com/87670.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.12.211 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 89204a080269f635d11ee5d9954f75a059304b0c63447563d7af8f5703100620

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 03:01:42 GMT
via: cache4.l2sg2[1364,1365,304-0,M], cache18.l2sg2[1366,0], cache7.my2[0,0,200-0,H], cache2.my2[3,0]
x-oss-request-id: 64337C1653C2BD3733CA432E
content-md5: NF7XU9uyKG/OHjNNbTHykw==
age: 77852
x-swift-cachetime: 604800
x-cache: HIT TCP_MEM_HIT dirn:11:213156822
x-oss-cdn-auth: success
x-swift-savetime: Mon, 10 Apr 2023 03:01:42 GMT
content-length: 400
x-oss-object-type: Normal
last-modified: Fri, 20 May 2022 02:31:21 GMT
server: Tengine
etag: "345ED753DBB2286FCE1E334D6D31F293"
ali-swift-global-savetime: 1681095702
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 7812729354021640612
eagleid: 2ff60c9616811735546186058e
x-oss-server-time: 2

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 199ms
199ms XHR
application/json 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230405&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

7ec29dc3756099fd304364b9277d4823f63e7e6dd8ba70b6637c2b15b316b75b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11174
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 754ms
753ms Script
text/javascript 74.125.130.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304050101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.130.132 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sb-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Tue, 11 Apr 2023 00:39:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 11 Apr 2023 00:39:14 GMT

GET
H2 200 he-simple.css
widget.qweather.net/simple/static/css/ 9 KB
2 KB 201ms
201ms Stylesheet
text/css 47.246.12.211

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.qweather.net/simple/static/css/he-simple.css?v=1.4.0
Requested by: Host: widget.qweather.net
URL: https://widget.qweather.net/simple/static/js/he-simple-common.js?v=2.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.12.211 -, , ASN (),
Reverse DNS
Software: Tengine /
Resource Hash: 555a32719a765814ed74707dab579134cbc81165f78cda3d4b18384db9fb1dad

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.ctfiot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date: Mon, 10 Apr 2023 02:59:23 GMT
via: cache18.l2sg2[2130,2130,304-0,M], cache9.l2sg2[2132,0], cache6.my2[0,0,200-0,H], cache2.my2[2,0]
content-encoding: gzip
x-oss-request-id: 64337B8BAF0A5F373780FF17
content-md5: pgP9B04rMTmmqhQNCgZ6oQ==
age: 77990
x-swift-cachetime: 604800
x-cache: HIT TCP_MEM_HIT dirn:10:298955968
x-oss-cdn-auth: success
x-swift-savetime: Mon, 10 Apr 2023 02:59:24 GMT
content-length: 1942
x-oss-object-type: Normal
last-modified: Sun, 26 Dec 2021 02:47:24 GMT
server: Tengine
etag: "A603FD074E2B3139A6AA140D0A067AA1"
vary: Accept-Encoding
ali-swift-global-savetime: 1681095564
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
x-oss-storage-class: Standard
accept-ranges: bytes
timing-allow-origin: *
x-oss-hash-crc64ecma: 5991946234440923657
eagleid: 2ff60c9616811735548226917e
x-oss-server-time: 2

GET he-simple.js
widget.qweather.net/simple/static/js/ 0
0

GET runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C68D 0
0

GET aframe
www.google.com/recaptcha/api2/ Frame 10FE 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: widget.qweather.net
URL: https://widget.qweather.net/simple/static/js/he-simple.js?v=1.4.0

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Domain: www.google.com
URL: https://www.google.com/recaptcha/api2/aframe

Verdicts & Comments Add Verdict or Comment

91 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

25 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ctfiot.com/	1970-01-20 20:35:33	Name: X_CACHE_KEY Value: fdf8a919a5213a666eacb665277a99c6
www.ctfiot.com/	1970-01-20 20:35:33	Name: X_CACHE_KEY Value: 31ed0fd5315fd4b27a7d3d20e065a4fb
.hm.baidu.com/	1970-01-20 20:35:33	Name: HMACCOUNT_BFESS Value: 1B3CA91D7454D5F0
.ctfiot.com/	1970-01-20 19:45:09	Name: Hm_lvt_bfb1bae1f7c3200e814dc48812eadb24 Value: 1681173547
.ctfiot.com/	1969-12-31 23:59:59	Name: Hm_lpvt_bfb1bae1f7c3200e814dc48812eadb24 Value: 1681173547
.ctfiot.com/	1970-01-20 20:21:09	Name: __gads Value: ID=c502b709776c267a-22699aa720dd00f3:T=1681173546:RT=1681173546:S=ALNI_MYBy9SNwpIAWG5X0JbdedNHvG31ug
.ctfiot.com/	1970-01-20 20:21:09	Name: __gpi Value: UID=00000bf26418840a:T=1681173546:RT=1681173546:S=ALNI_MaS95wXy-jlEhax1sJ1ysfF91zkzw
.doubleclick.net/	1970-01-20 20:35:33	Name: IDE Value: AHWqTUmqo8FWRanvskl8NSRDqEAsEcAhGNK85eJo-xyRhWSaOX2N1oZTouulqG9pYzY
.doubleclick.net/	1970-01-20 10:59:37	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 19:45:09	Name: CMID Value: ZDSsLQXcrFlMxXkVIlSrtQAA
.casalemedia.com/	1970-01-20 13:09:09	Name: CMPS Value: 5005
.casalemedia.com/	1970-01-20 13:09:09	Name: CMPRO Value: 5005
.adnxs.com/	1970-01-20 13:09:09	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E><du_Jg!]tbPl1M>e)ZlrFUfJ+tGXxpGZ4nUJEZiX`IT2[ICZ#D7:<D2z[81..UTUpz3If)y3KL9D3I?+5UTQD[
.adnxs.com/	1970-01-20 13:09:09	Name: uuid2 Value: 1791570782158286591
.adform.net/	1970-01-20 11:42:45	Name: C Value: 1
.dotomi.com/	1970-01-20 10:59:33	Name: DotomiTest Value: 107b57c517941b49
.mediago.io/	1970-01-20 19:45:09	Name: __mguid_ Value: 609d12970627194c999dc13a7262285f
.adform.net/	1970-01-20 12:25:57	Name: uid Value: 4477128915738419385
.teads.tv/	1970-01-20 19:43:43	Name: tt_viewer Value: 345a1f0b-3dcb-4b8c-828f-455359d71c8a
.bidswitch.net/	1970-01-20 19:45:09	Name: tuuid Value: c2eb906b-8c9f-4eeb-a846-8fe55aa545c6
.bidswitch.net/	1970-01-20 19:45:09	Name: c Value: 1681173550
.bidswitch.net/	1970-01-20 19:45:09	Name: tuuid_lu Value: 1681173550
.uuidksinc.net/	1970-01-20 19:45:09	Name: jcsuuid Value: djRcIchAGTQCNG97pNUd
.zemanta.com/	1970-01-20 19:45:09	Name: zuid Value: uMNTbYHQb_6NFsEHiovZ
.bidswitch.net/	1970-01-20 10:59:33	Name: google_push Value: Aer7DvJ9LxBpRyveD6On00O4dmbwUbs-2q7oWE_-XWWM-_NHbXJIzLXjCdAm2FigtDh5HbrWw6ESCNh1O6XRDLiyqhQ1fLgmzkX_9X-f4jLid9gJYGPySmvVOhcbDqcCVkTWwNWlBqAInWp9e6gqw_T4QeH0ig

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.ctfiot.com/87670.html(Line 527) Message: Mixed Content: The page at 'https://www.ctfiot.com/87670.html' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.ctfiot.com/wp-comments-post.php'. This endpoint should be made available over a secure connection.
network	error	URL: https://iowen.gitee.io/ioimg/banner/wHoOcfQGhqvlUkd.jpg Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271804&client=ca-pub-5738725703232626&fa=4&ifi=6&uci=a!6&btvi=3&xpc=ZDeNFKkYyQ&p=https%3A//www.ctfiot.com Message: The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.au
b1sync.zemanta.com
blog.exatrack.com
c1.adform.net
cdn.staticfile.org
cm.g.doubleclick.net
ctfiot.com
ctfiot.oss-cn-beijing.aliyuncs.com
dclk-match.dotomi.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hm.baidu.com
ib.adnxs.com
iowen.gitee.io
pagead2.googlesyndication.com
partner.googleadservices.com
s.uuidksinc.net
s0.2mdn.net
sdn.geekzu.org
sync.teads.tv
thedfirreport.com
tpc.googlesyndication.com
trace.mediago.io
widget.qweather.net
www.ctfiot.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
tpc.googlesyndication.com
widget.qweather.net
www.google.com
103.235.46.191
104.21.9.80
104.254.151.120
139.5.84.243
141.95.149.126
142.251.10.103
142.251.10.149
142.251.10.156
142.251.12.155
142.251.12.156
163.181.42.227
172.217.194.156
172.217.194.157
172.217.194.94
172.253.118.156
172.67.141.24
185.196.197.130
185.84.60.30
212.64.63.190
23.213.141.184
35.208.249.213
35.213.12.39
43.254.217.178
47.246.12.211
59.110.190.229
70.42.32.223
74.125.130.132
74.125.130.154
74.125.200.95
74.125.24.157
74.125.24.94
89.207.22.76
003a5b9f890301ca6d6a16067ba382c677704dbd777962094ceb13cc8e02691f
01e105efa6aa2dac21ed4c473d9e4a2d7a4fa9b75dfbf422492b811a90d23381
02fb5a960b6817695b363d2294c0945cc75bf10cd17e5a03b3ff68229b9f0d77
05ee926cc9bf2039ad93af941a67d23d84bd78ecd9d6ef53ff85eeaf744cbd89
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11b9c95a68e295dddd0ea924647536578ce285b2c8469a223c01df1ff3166af1
1233cef0451bf9d89f70115c8df655e8d6484664a6f1981a1fcd3b66714a1689
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1977d37efc117e675cf21c6d114cf72a98fc3b9f884227aba814f5ad407a03f0
1b29fe64ca41a892e72a6691d974f44c45af338e87f6d27d9aa079c0990f0d80
23cc8f32949c8b6960b1a4ca216ccaff2db4b769f6565bef2ee1fa954e072029
2ee8c0b38ba64f9c4624023257df7af6218c4026ad233fc91c20b6e8a728efae
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b4e5121cdc6135c30476d258909c0e815737033f335812ab770213f967b7bd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3b1fa54e2b1020eda18b88565c88b44463adefad297fac2f626d1ee655d95c81
3c692d5df95be73152ded45a4299801b89efe12749e24155dd48f1f924612252
3d2dcfdd84079d02f16dd215d8168559eb3ee5bd2bc8b5313f863feafd1a64a1
3e072a40ac7b8d13ac916ea7414702ef308c98d0b3d53835a361ffff11a4fcaa
3eabaf6acfbd158fa8f9b6c8e2a7f59a93cd3c19ca45e66c709f2170964541de
40e8988ecc9dd2636e33fb170bc024558c780e1452d57d17f8cab6488d554d2a
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45bb5166886262782f9375392fc9960c4d7d04dc498dd4e1fc99ccf0e7a3acbc
46b3e081067e631f9a1049fbfa37844da854f741b7f9a45900dc02a19a4ef143
4901b1a0736b3e3ec93dfd77c45cadf24a72f251813a3f10f79eb9aa8a300562
4ad66d2fc22f2a561e0519fde0bd5201adb13638c2e915e1a6a6a718a7bf4dad
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4faa1d5635283a0d49e1933de318b24491751c9a3ccf2fe404b9137929e3eb86
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5112ac3168dcb0f524c0f4b7fe192ba56498cfced86ba0f43e2317fd203f769c
553300264e11fc1c15eb6c77712247af6f3279dd30635e8e18b908cc27773375
555a32719a765814ed74707dab579134cbc81165f78cda3d4b18384db9fb1dad
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5d84a57ce0022d737a58075ef1c11bb5d7c0e44f295322af3a2ab44624fa777a
5df7a28f63a28dc3d25a21e01ab0a4648815eff53f19594f55a6202e6d8ceba4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67bbcec2522f3b5d3e8a265e3057004fe9c9961bdce0646dcbc9c32bf06e5aeb
6874c33ef8cabbdb96e07eab57f0c5a501d1deb63a456f19c920f365ffe63a5b
69516c5b557bb540ee7689c3dcdd8b8a4e316e491ffbac7a5b68d9122e1b9bdd
6973024936e5b30b98046977013de466de5de1708457e2ab9cc2bb44dc09ff72
6d95ea547b0974a09d61104fa136f5eb6973466b6358fb06d997cc7f20ee71b2
763d01c3ab31f56d74fa9de477eecdcac63bef64a14781d98ca401429ce36b2c
786addb7e1ae880b2d60304114f4651dedfaaaee2e9209d8e8fe9e2a314168db
7a67116ce2e6c41be7e8182ef68e47df4597b26b4a21288e83ab9c15210cf747
7cda9d5d4db6f4fdb51d8447eb5345c119ff0b2aee546111f14b72283bf87832
7d5ed354e0a7182600b3755f9167cf8955e6e136e93e8989f7840561752a12e3
7ec29dc3756099fd304364b9277d4823f63e7e6dd8ba70b6637c2b15b316b75b
801ebc9c46c6ed651e93f00b2fab16e10313285daa06b4379ea2c01b29508306
84e94b30d2c6c5ae1f5ff21bc1fde41bc60625abbe8797e4605558af4dceb3e9
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8718a3de55a4868dc1c60bfba1ccc094dbe218e6028b7346a5479595c283a530
8728d6499ac82b5f08d7c9a35cc8561de0b1b567bba40f30e2a6287dc94aa688
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
891c20ccbb2e72a3203e8a8fbc9749dfcaa968e1e6fea06dba3befa3bfce765e
89204a080269f635d11ee5d9954f75a059304b0c63447563d7af8f5703100620
8a7739925f4c03586479852df840b7061948832a7fda30c8c812d2ea4dd4c4f2
8f52ae059ebd18fcb45ca5d2f81ab410ade2b54e096aa1284fd4b2b97bf3ddc9
8fe2f1cb7bc41c640ad3ea24449cfa1ba5291e16dbbbab0ef61bfe43f3212910
8ff527ee82438d6ee7270d862f3310845cf433f8ef5a900e527d4c9e7fbd006a
967c7dd0e7fbcd7ad614466b9c54e448b214c74f3b9bb879defad5ad849236be
96a901abcc157c61da89715eaeaa8b8ac2f39f5f43edf6a5580bdf5b2eb76c4e
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b4516ae3b2534cf72366dc9a08cc2b2b4515bc026ee27b1b9b3ae157eba0f75
9d27d202797566f72096a5cbc159e80d5f24f331aa8b7c70a3004c8e714dd84b
9ee7581111ae33a67567dee9fba759dbcb86181db9e61e7e271adf5aad34f099
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a077cd65db48fa5e781e6292bc355cf8dde0fd15e2b01598bfd4813cd557500e
a3f17d7ed79897e3f1d5b2c2c4dc033afe1b8308e1ba81bcfdad151345d2f62d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6ae389d3aa57c66b768ebe82e445af27fc9057137694a8d12b1fee1a41b41aa
acbd00fed4c9a4cb49c8de62f036f62cfc6e0a975b9872d149704c100d04751e
ad62ce70fbf177dbff76f786d8d631088fa978e435eb9fcc60fde6484d58651f
ad834754e9c3e7fa40374f5500bcaa4fbf71ee193172dd3de0c783c42a26806d
ae865fb1b1052b661254cbf46b7f04f87f14011e6fedb3cdd92b3eb572651fcc
aef5e52d48174492b974f6423bd2c2d52c6d9e2df10d4287acb5a53e43e50ae0
b00e1b2de916ebd46dabc76a63345844e4cf92f194552c2657b50f1c11cc2be8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b436d1a364badbda7f5bb1e850cc9e4ca66706366799c41e442100b2dd3fa147
b5479c234579da2443239f1515ed9bf65fb9b8a0ca845ca4875d3538b01a5bbd
b5ee11235f12a18e0975434de515929d1e3088caee610c3799342287b21716a8
b6d97057a45fd4a1cc63ab893079dd43db42165c850ea0f781a542a16a5298f9
b8df1cb9e81355ed42a3e365529a6f18aebfe827ffd2513fecf6cbad2e7d99a7
bd18212d15774aedbff514de5d7b92ef663d12a245aa553a9d238d1471417927
bfcfeaac5760a7716094a6ae9c2f949264d27a676204cefc8709146a0b3b9eae
c29facb95f6a1abbbfd201c103e9ff65114fbde2ff61266f9f2f4852ab5a08cb
c34355356c4f9f8b5e828e584ec960d94c0325893fe0411dc5778a8a584302c9
c3da545e517566f545354b834aedd709ce27d90834278556e5685670bdc59af7
c4681920200f339999ac3f6d4a6c5214d92e9a0edca00cfb91b28e3494ea03ff
c98b0f3e90dee07da0f729f08d043525968535f8c70d254747250ea0e2c107b4
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca2427c5350b6c6ee1acd7342ca166a97be33dbae0dc55901774a4de8c6cd706
ccdc0c214567ca19583d7888e30779fd55cbb71f52d326852d604e7cb284a535
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08ce327aecaf9346df404c646d7888923fe28749ed47a094a2dfa7785a77809
d1b33849880da5df434951429bda73a20e0855d4c98e585da0c3aea04c4597cf
d1c09e80f13f58fa8735352042ae3ee483c8d801c705881cc076b3f39cff3375
d7608cdbd7c42256985082203522046cd3c43682e34d7f021792efa4056598b0
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dc5e8a99f040f02d2e2ab699236be8de7822cd4bf7cac9815b9c3062c966b79f
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
deea62825d2dcea374d060b619d5a96dceb3e98b15260308ecf089c2b9b4c421
df24ebf60aaa54667cae78dd6098d226d14eaafd714b536dd1ee6445003c2d99
e12c6e6b042870857fb07f66c9fc2358a428a07f1690b4d8af56d0142b340f3a
e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789
e2b94f353fafcae37092fdd244b0c1af1c80d050c614dc3c1f9bcd7ff2d1bdd6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4a082371175a2b1a8e3107cf7432db9f1746715115f77d247270d62fd6d3382
ebfc3d73e5883965e600462e817bace93f38261e2c3154de7e31ad60d21c2355
ee59719ffe57abd0f4ca90c1a51629ee4cb2ca70af70583625484bd207abd957
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef750ef23c32b4154d1e1436eb7d60eb8be571e453147a7e0e3bbaa7e6e9eca9
f29d27fc96e351515d851adb70f2ece2fc70861bcc0535008992ae1fe6dce269
f2a9bff86c1e8b72b9c4cde71850a36a530a5aeb5c020d306046954a6435e3a1
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
fc64d53b67a597d98308de0b509902f48c9f31e82e56762f887aef5d0eaa5d5e
fcb3d5f3cced1f23c96a93cbc478f7ec37073835e4d4fac78d01356f0624a55b
fe2a5f6d5a6965e3a53f91d98b21d543b9237e7d0ea84040e3a38275306d2a24

www.ctfiot.com Open in urlscan Pro 43.254.217.178 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

92 %HTTPS

0 %IPv6

27 Domains

33 Subdomains

27 IPs

10 Countries

5242 kBTransfer

7940 kBSize

25 Cookies

19 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ctfiot.com Open in urlscan Pro
43.254.217.178 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

92 %
HTTPS

0 %
IPv6

27
Domains

33
Subdomains

27
IPs

10
Countries

5242 kB
Transfer

7940 kB
Size

25
Cookies

181 HTTP transactions
6 data transactions