www.centfile.com Open in urlscan Pro
207.244.67.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.centfile.com/phe4kr438gs9
Submission: On November 23 via manual (November 23rd 2023, 8:09:18 am UTC) from AU — Scanned from AU

Summary HTTP 163 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 28 IPs in 4 countries across 19 domains to perform 163 HTTP transactions. The main IP is 207.244.67.158, located in New Castle, United States and belongs to LEASEWEB-USA-WDC, US. The main domain is www.centfile.com.
TLS certificate: Issued by R3 on November 22nd 2023. Valid for: 3 months.

This is the only time www.centfile.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	207.244.67.158 207.244.67.158	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	172.217.24.42 172.217.24.42	15169 (GOOGLE) (GOOGLE)
3	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.66.234 142.250.66.234	15169 (GOOGLE) (GOOGLE)
29	172.217.24.34 172.217.24.34	15169 (GOOGLE) (GOOGLE)
2	157.240.8.23 157.240.8.23	32934 (FACEBOOK) (FACEBOOK)
1	142.251.221.67 142.251.221.67	15169 (GOOGLE) (GOOGLE)
15	142.250.71.66 142.250.71.66	15169 (GOOGLE) (GOOGLE)
1 2	52.62.225.80 52.62.225.80	16509 (AMAZON-02) (AMAZON-02)
23	172.217.24.33 172.217.24.33	15169 (GOOGLE) (GOOGLE)
3	18.67.93.102 18.67.93.102	16509 (AMAZON-02) (AMAZON-02)
3	34.111.60.239 34.111.60.239	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	35.213.89.133 35.213.89.133	15169 (GOOGLE) (GOOGLE)
7	35.208.249.213 35.208.249.213	19527 (GOOGLE-2) (GOOGLE-2)
3 3	142.250.204.2 142.250.204.2	15169 (GOOGLE) (GOOGLE)
1	50.116.239.135 50.116.239.135	() ()
2 4	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.250.66.195 142.250.66.195	15169 (GOOGLE) (GOOGLE)
1	64.233.170.157 64.233.170.157	15169 (GOOGLE) (GOOGLE)
1	99.84.203.103 99.84.203.103	16509 (AMAZON-02) (AMAZON-02)
5	3.222.35.246 3.222.35.246	14618 (AMAZON-AES) (AMAZON-AES)
3	35.166.43.136 35.166.43.136	16509 (AMAZON-02) (AMAZON-02)
2	172.217.167.98 172.217.167.98	15169 (GOOGLE) (GOOGLE)
1 2	142.250.66.196 142.250.66.196	15169 (GOOGLE) (GOOGLE)
11	23.38.135.194 23.38.135.194	() ()
1 2	157.240.8.35 157.240.8.35	() ()
1	151.101.1.229 151.101.1.229	() ()
1	204.79.197.204 204.79.197.204	() ()
163	28

25 207.244.67.158 (New Castle, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

www.centfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
centfile.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.24.42 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f42.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.66.234 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 172.217.24.34 (United States)

ASN15169 (GOOGLE, US)
PTR: hkg07s23-in-f34.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.23 (Sydney, Australia)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-syd2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.71.66 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.62.225.80 (Sydney, Australia) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-225-80.ap-southeast-2.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 172.217.24.33 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s20-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.67.93.102 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-67-93-102.syd62.r.cloudfront.net

cdn.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.111.60.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.60.111.34.bc.googleusercontent.com

images.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.213.89.133 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 133.89.213.35.bc.googleusercontent.com

trace.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com

trace.mediago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.204.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.135 (None, )

ASN- ()

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.36.155 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.170.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sg-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.203.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-203-103.lax3.r.cloudfront.net

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.222.35.246 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-222-35-246.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.166.43.136 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-43-136.us-west-2.compute.amazonaws.com

ads.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.66.196 (Plainview, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.38.135.194 (None, )

ASN- ()

dco-assets.everestads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.8.35 (None, ) 1 redirects

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.229 (None, )

ASN- ()

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.79.197.204 (None, )

ASN- ()

analyticspixel.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	493 KB
25	centfile.com www.centfile.com centfile.com	110 KB
21	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245 bid.g.doubleclick.net — Cisco Umbrella Rank: 802 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 439	229 KB
13	mediago.io cdn.mediago.io — Cisco Umbrella Rank: 6166 images.mediago.io — Cisco Umbrella Rank: 2377 trace.mediago.io — Cisco Umbrella Rank: 904	238 KB
11	everestads.net dco-assets.everestads.net	97 KB
9	popin.cc trace.popin.cc — Cisco Umbrella Rank: 3625	931 B
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 898 static.adsafeprotected.com — Cisco Umbrella Rank: 587 dt.adsafeprotected.com — Cisco Umbrella Rank: 570	107 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	64 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	382 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 ajax.googleapis.com — Cisco Umbrella Rank: 364	34 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	3 KB
3	everesttech.net ads.everesttech.net — Cisco Umbrella Rank: 5235	24 KB
3	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1137	103 KB
2	facebook.com 1 redirects www.facebook.com	2 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	90 KB
1	microsoft.com analyticspixel.microsoft.com	673 B
1	jsdelivr.net cdn.jsdelivr.net	23 KB
1	turn.com d.turn.com	398 B
163	19

	Domain	Requested by
24	www.centfile.com	www.centfile.com
23	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
23	pagead2.googlesyndication.com	www.centfile.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com fw.adsafeprotected.com www.googletagservices.com
15	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
11	dco-assets.everestads.net	ads.everesttech.net dco-assets.everestads.net
9	trace.popin.cc	googleads.g.doubleclick.net www.centfile.com
7	trace.mediago.io	googleads.g.doubleclick.net
6	www.gstatic.com	googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
5	dt.adsafeprotected.com	googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	www.centfile.com googleads.g.doubleclick.net
3	ads.everesttech.net	fw.adsafeprotected.com ads.everesttech.net dco-assets.everestads.net
3	cm.g.doubleclick.net	3 redirects
3	images.mediago.io	googleads.g.doubleclick.net
3	cdn.mediago.io	googleads.g.doubleclick.net
3	maxcdn.bootstrapcdn.com	www.centfile.com maxcdn.bootstrapcdn.com
2	www.facebook.com	1 redirects connect.facebook.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	googleads4.g.doubleclick.net	fw.adsafeprotected.com
2	fw.adsafeprotected.com	1 redirects googleads.g.doubleclick.net
2	connect.facebook.net	www.centfile.com connect.facebook.net
1	analyticspixel.microsoft.com
1	cdn.jsdelivr.net	dco-assets.everestads.net
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	bid.g.doubleclick.net	googleads.g.doubleclick.net
1	d.turn.com	googleads.g.doubleclick.net
1	fonts.gstatic.com	fonts.googleapis.com
1	centfile.com	www.centfile.com
1	ajax.googleapis.com	www.centfile.com
163	30

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
plus.google.com
www.youtube.com

Subject Issuer	Validity	Valid
centfile.com R3	`2023-11-22` - `2024-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-12-30` - `2023-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-09-01` - `2023-11-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.mediago.io Amazon RSA 2048 M03	`2023-08-07` - `2024-09-04`	a year	crt.sh
trace.popin.cc GTS CA 1D4	`2023-10-13` - `2024-01-11`	3 months	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M02	`2023-07-07` - `2024-08-04`	a year	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
*.everesttech.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-03-08`	a year	crt.sh
www.adobetag.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-24` - `2024-08-23`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
analyticspixel.microsoft.com Microsoft Azure TLS Issuing CA 02	`2023-11-01` - `2024-04-29`	6 months	crt.sh

This page contains 25 frames:

Primary Page: https://www.centfile.com/phe4kr438gs9
Frame ID: 4881922560B9676D030A5C257603583D
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 1B43D5B6ABD1B5DF130F99E7B19F4E41
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546
Frame ID: 2CBD60B676D8333A19A7E7B4459B1F4E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
Frame ID: AB2CF39018975ADE476FD42D8D13F962
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
Frame ID: 8B264BF87CE4C3C8382B969523AA1070
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562
Frame ID: 053C3647F69A955C3214E77310F19A03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&adk=1812271804&adf=3025194257&lmt=1700726954&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953622&bpp=1&bdt=1162&idt=553&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280%2C336x280&nras=1&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=564
Frame ID: 01D22D38BCD244A4F748825A92A1BC5F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8t2o7gEwAQ&v=APEucNVLafGC3RCMqgq5s22ASAba5cQJQuADGHCLZ86A3XWqL2vyJbSW-12YTWvBrKFzzJFxJqAfoaI7td98Ame_lcRNJsqfgw
Frame ID: FFEAEA5EBB287607FE734EBC502AC0C2
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: AB33F753BC65158939E849A671E4E01B
Requests: 26 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/template/style/style_banner_6df7b6.css
Frame ID: 657AD129EFDD042096B6DB018DDF0B4B
Requests: 13 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/template/style/style_banner_6df7b6.css
Frame ID: C6E159070B9782494349FCB69BFE2E71
Requests: 14 HTTP requests in this frame

Frame: https://cdn.mediago.io/js/template/style/style_banner_6df7b6.css
Frame ID: D1BC8FF02B8559C32F3CFEFB1031393A
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: 5D38AA07A9AF0083DF83020DE6D7F403
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Frame ID: F0E95033BF95E840F4BA32FB930DB136
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DAEB893D3CE75947FECBD049AEF52A31
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: E68EE144FC8002320DAC44A7940E532A
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6A7A230ED1EC36BF998D2F1F9025377A
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 690091444281EEB48DEB9D10679DE45A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: FDE0E03EDF89F3B88523548F726AB723
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 06D12B54E42A71E3356B0DF4BCCE31EA
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZV8IrAAAJ5zy0DmH
Frame ID: EFA0B2735AAFA66336CDF81294A43F3C
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1893386844309522%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ce008b1104e6%2526domain%253Dwww.centfile.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.centfile.com%25252Ff325720aa36d354%2526relation%253Dparent.parent%26container_width%3D281%26height%3D72%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCentFile%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D275
Frame ID: 2C904F1DAFE88344DEF81E8E15AA7E4A
Requests: 1 HTTP requests in this frame

Frame: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Frame ID: 835C17A64D07EB88D77005896E8F9298
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6AF167363938E73FBD89120917D9D9C4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 19CFE30649215394F7C61916078F465D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Download Bookshops Bonedust Travis Baldree epub

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css
<div [^>]*class="[^"]*(?:small|medium|large)-\d{1,2} columns

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

163
Requests

97 %
HTTPS

0 %
IPv6

19
Domains

30
Subdomains

28
IPs

4
Countries

1995 kB
Transfer

5174 kB
Size

14
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/CentFile/
Title: ??CentFile??

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CentFile
Title: FACEBOOK

Search URL Search Domain Scan URL

URL: https://twitter.com/CentFile
Title: TWITTER

Search URL Search Domain Scan URL

URL: https://plus.google.com/+CentFile
Title: GOOGLE +

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/CentFile
Title: Youtube

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm HTTP 302
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEAvaY6dK44zfoCTKv9gdBks&google_cver=1

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKz2CG1-zSml_PiPYxRekyk&google_cver=1

Request Chain 65

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV8IqxgEiAzYkjtjTxZ7IwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKz2CG1-zSml_PiPYxRekyk&google_cver=1

Request Chain 92

https://fw.adsafeprotected.com/rfw/bgd/1525488/72168018/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21EyeTrBPcKFSN5NkSDJ9us9lbhWdviagtLWUONhLYxDC0MLDZ0CoovR3xpwCTBZAUNkhYK_0DM3VDhXkVV5BN2ZIq60GyXtPOrnkNU2QxQmBd4ghY8AjrZkBRnBNQSyRQAoCZ_4CwLHkkYja9yPylN1rbb-G0qLAyWUwkjA4_5-CPfW0X4lz_F2KSCOeU7gcafK2lqNxV_boU6KLCFueuoneYt_4CbuT65re3KokabAhy1bEefVvkLjUu1UnSC3YLgun3hyNzOYcBMqOPEiB-RPlmbzzBr-2KgkE2GEcFxMfjfzGl7lfRnZMnMhLuXyYsqXhlmPLYjdjE-7BOtjslbkPD4rIW2kklPwc9283ss50rUH_P8R3YFcCq9wIPtqNYz2-Zio1zvWqeF9eUh4ErQre5x2ZcOAeMCSQ8gYa--zgNHflyKVYWvcX37sdZl8KSBthKasJ2zUnhOzJOOrswcM0ZlolEsCkNPnPTgHoUxsuujiogu0M8vfHxBLWUzT2jdE3kPX8tVeVXa2T80Wo5NrW4foNvf4_Jx7bKKMGNfKqZtZwDRlfL_X5NCcPQzSVLXuWG4-_5NFcvCmrSaYWPqnREc4vRQB_H2_UIt-ntsPdI1SIQO_YbIGmdNFndTYzlIzFruTD0cGbXmS-dxCkYcKHpd4ERSaTvlq6JxUsvEvikXTVUgjzDD569BEIXzPpTB93xdr8MUfUB7-jPYb1kaEALUmTn6JtPOamWyHKoYC_HRML6GHp4MkY4VIyCzwvY0XaHano6DS84FJlmMx48CaXesIKgO7I_o8JKITF8f5ZH0zHFhXsH0tmS7Ehr5QjZQd8vpLz-A9F0ONSgWyNPCCkYHa7PTtnoavEEMe3fJT5kaUkCKOEl6XSxCH_dJXqIKruRIr3nVMMDggOUoSFaxfSCc4Qcf4uCUHgJPcNJWSs5yAOEg7vESJI9WwsTq6KFsqP6LdDX2YMqz0hKlk-s5trizxhZZjsYofCtPUj3y9nJOD3jEp-4HYAJikDdxp5NLPmRear1EbppwdmLtGB5Y6TMWwS5mdgn_tiGQ0gB_kt3Zb6RKArw-tQqjCBRyWsOQDkrAWXG5jcuwPtEkFcFHnhUIBPMKqGa9VoFnugckkHpodxg_j6sVRsHMMLxCikk1hNfkERhgNCtsKc3Q_Y4OyoueR3MPDdv0c9TbIK9URnFOcVIu9I676QfgRvwKj0A3YDVNhMZQ1PH5pegKO8faWIl7V8sDpRn3Dih5A5u34U4OyedadP9IgC2xyKp9m-3UaDdhQZFuBUYXBCix9SxxsR-MH-pqpwFPfM2bHIajT3poeip7Cr9qnzfrjf_a6dcsyLAjN87AJDVO28okZX5xs1KJaqCAV2SI8WVhH9icpYcik_USeusvV4WWGPnLzv8bN_yzmztXwdfyhVUjJjqWsqUmK7M0U5oDzmhyLIE42c2DaZQRNl1zS2IR3uSjrtGS7FtNfSal2YGSffDsVyw9dSmhpdZpKuE94Libd9-x-1LNjlZWaeSbybIljcbyif1zRim7jrHKUk8cuWx-BoyZLckES21WI2dtQ5qdpmflpOBBm68bj6rKSAy0ozZWPw9nq3sc1VbzRStBcfQe0HJlPVPwMuWSV7gP6pz4mx8SABAVWi91DG0QKHFtyqXMWkTUEcf4uK4cqWIXBGlf97liMIh5jJLqA8o5qzsnudoaX6bm2isX3IypxijqihDcYFXWBAidbuJghK5siGUheLbUqaMMRV-1A9LEHKVLyZQ3Ynr8NGJmAg-nWFQOAYKgpJ1V8dFlrnASYZTaSZhvAWUQABanXyNmGr2P1Imt4GKc8_qx6CRY5v77EvyfSBf7U3ZJMWeTNuDZYBnjvoaSFQW4TGGAfEhVelPllNFLJeRgvRFzCU4XZESV4zHxN6L3xLGyxSBJEneDtGtpWQUvR6VYtfIUnmUlZ5d3Ypg3kqXJEfBDuMwlXQeUJ4PJM72mIdU9OIYMXhFUe_W240TsnAwkKqL1ciihnXkV-mT95P3w7IY3hhFdQWzNrxOqcLl2DUhEZLLMyyiGS2aXzC4d8D4HAkRlLojSpAjYAn8YQfxualBQcDOKiUANrup6Hl_Gdj6-GBzeTDBsU4JAnXCZ09VI7rhma8UzeSwhWMynWOveZlC1IhGkT67zqd3x2X8wI85T1jiJecTq4a4SUBcU7balwo88uWgA2pSCcwNJGMWuo3IL79t61i38JHWw_u6xid1EkqTeGSU52yXIUo7IW9RNlWmCngS6GCFNube97YsAge5s1ozYDfOZ0aGNNk3wTPGCeFZEj43Adg4Y0y2Hnw380dvyvdzDF929PGMnkfkS1Nh_SUEwxnpfx1riCrCWKN-K5mdxoMbloZQ4r0q3Y7LAHt2Lb1j0fpEqVjZxu3D81hPiABwTOSUL4JyTrYLA8bjwQxMF6XI6ekSmco1YbmmWcgOs3xw4pSTyKOmjd9l-LSWYbILvjXHzJLn-59xsW8agBxveFy2oFWnozOpCIGdYZV5MvRL894epcOvBhgYeU0c-VvLaExoTbsVf5BeJz3dyeWenahhiVn9T19geFFR9vHcJVM_n-C1F0dsbAhFkaX1DG7DkRl6CHx9kxqY0Z2pNUZOppxFMEaMb-UVZjftfOICFuOyQuHR3C0xoQMF9HMOBEA58yNBtiP-Orbyv2kUHhR6MfKlutbdBlq9GTxUbwxXcmZcixwerOFILJWWHdwAIauzOP6Rydvx8EMUbkVYoAgJgVo7UDAbgY8pOkfS4tk3ZP1fNQl9EnkjymjR4_wKC-qhwH5HvLxj2qC_1kUYEOMfZyWV2AqhjRwTG07c-z7LOb_hseBO11ScH_3uuHlboVfAGq3XaAR5nVXKcRUCGFtP4wpXpW2XPsmg1Vg9slCR4co5UH3yPRbkhatBYLJ1knhIMHEXmT9Y9L6ggDFKWcNKxwomBOScoijAuzsaAT0y-n5Ak-ap6-DlKQMNJUYbc6sHM2is3VjxP1SKF6r5RfSzNodTbPOD0TRo-717f5gRdyvndImJLk2UQzXYSveZX8kIqdwd-vGdWJq34NImWAK1hMGZXzON8f7cAKAEaYul921PQX9ywBStFxUFj41szh7nZqMGY4zxTHx7EXbhLFwDd_XqVBR_eoJB58DcKil6Ym9YpH4omduSitRHVcaEw2cbFimzdctIA1FYhITaBRkf9Yl1XRty7bHjRzubkHMi1hL844U_naqeinE2vRxM-s_qgp1Bg-EufKXZ5NUM89vdjH3WN1VeN0y4OPSFlcJsK3dQG___SOgt4298-D59y76-juK0_p9OSMwXObq2bT05W6a61ZVOlj5jeGgTrQF1QyGJZHL6S5Rdc3d5joqzQhdndSZFr-nNZyE5uB8vjhw996GW531AtQ4odcQtNz7bXqgasWf-VaFLjKVP55P9uOXUITm1HD19l0vCONDYXubFOLcBD3YAFMSwJP1kdlir_iUrRJ9ItT5lEIJg9ygxdVt1ErEZ8mLbELCtYr2Eq4IxPJoZ1Hq11XMCCMLOISDLiJsuVuf0P0ThuMJodjQGds9n0YdGzAuknus-EJtK-jI3FiOl7WO0SR_kuk0KFadYlUwg6WqQE-pYct5ddt76cAmPq96KiiRpUCAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013045261&ias_pubId=pub-8989054117704044&ias_chanId=1&ias_placementId=20263834769&bidurl=https://www.centfile.com/phe4kr438gs9&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hC2rsy-mqy7ZmpXZgMM0S6&adsafe_url=https%3A%2F%2Fwww.centfile.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.centfile.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8989054117704044%26output%3Dhtml%26h%3D280%26slotname%3D4529459148%26adk%3D4201992133%26adf%3D3485233052%26pi%3Dt.ma~as.4529459148%26w%3D336%26lmt%3D1700726954%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwww.centfile.com%252Fphe4kr438gs9%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700726953608%26bpp%3D1%26bdt%3D1149%26idt%3D551%26shv%3Dr20231109%26mjsv%3Dm202311140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D2114039432253%26frm%3D20%26pv%3D1%26ga_vid%3D1330707109.1700726954%26ga_sid%3D1700726954%26ga_hid%3D533254029%26ga_fc%3D0%26u_tz%3D480%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1042%26ady%3D625%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079265%252C44809003%252C31078301%252C31079699%252C44807763%252C44808149%252C44808285%252C44809057%26oid%3D2%26pvsid%3D164840300249874%26tmod%3D1702033654%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D554&adsafe_type=bed&adsafe_jsinfo=,id:f213401f-912b-498c-ed1a-1d421c200017,c:uO7mfb,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-8575fb65d6-4qbtg,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tWq0Z2d+11%7C121%7C131*.1525488-72168018%7C1311%7C141%7C151%7C16%7C17%7C18,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:97c15d8e-89d7-11ee-94d7-d6a740cced44,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21EyeTrBPcKFSN5NkSDJ9us9lbhWdviagtLWUONhLYxDC0MLDZ0CoovR3xpwCTBZAUNkhYK_0DM3VDhXkVV5BN2ZIq60GyXtPOrnkNU2QxQmBd4ghY8AjrZkBRnBNQSyRQAoCZ_4CwLHkkYja9yPylN1rbb-G0qLAyWUwkjA4_5-CPfW0X4lz_F2KSCOeU7gcafK2lqNxV_boU6KLCFueuoneYt_4CbuT65re3KokabAhy1bEefVvkLjUu1UnSC3YLgun3hyNzOYcBMqOPEiB-RPlmbzzBr-2KgkE2GEcFxMfjfzGl7lfRnZMnMhLuXyYsqXhlmPLYjdjE-7BOtjslbkPD4rIW2kklPwc9283ss50rUH_P8R3YFcCq9wIPtqNYz2-Zio1zvWqeF9eUh4ErQre5x2ZcOAeMCSQ8gYa--zgNHflyKVYWvcX37sdZl8KSBthKasJ2zUnhOzJOOrswcM0ZlolEsCkNPnPTgHoUxsuujiogu0M8vfHxBLWUzT2jdE3kPX8tVeVXa2T80Wo5NrW4foNvf4_Jx7bKKMGNfKqZtZwDRlfL_X5NCcPQzSVLXuWG4-_5NFcvCmrSaYWPqnREc4vRQB_H2_UIt-ntsPdI1SIQO_YbIGmdNFndTYzlIzFruTD0cGbXmS-dxCkYcKHpd4ERSaTvlq6JxUsvEvikXTVUgjzDD569BEIXzPpTB93xdr8MUfUB7-jPYb1kaEALUmTn6JtPOamWyHKoYC_HRML6GHp4MkY4VIyCzwvY0XaHano6DS84FJlmMx48CaXesIKgO7I_o8JKITF8f5ZH0zHFhXsH0tmS7Ehr5QjZQd8vpLz-A9F0ONSgWyNPCCkYHa7PTtnoavEEMe3fJT5kaUkCKOEl6XSxCH_dJXqIKruRIr3nVMMDggOUoSFaxfSCc4Qcf4uCUHgJPcNJWSs5yAOEg7vESJI9WwsTq6KFsqP6LdDX2YMqz0hKlk-s5trizxhZZjsYofCtPUj3y9nJOD3jEp-4HYAJikDdxp5NLPmRear1EbppwdmLtGB5Y6TMWwS5mdgn_tiGQ0gB_kt3Zb6RKArw-tQqjCBRyWsOQDkrAWXG5jcuwPtEkFcFHnhUIBPMKqGa9VoFnugckkHpodxg_j6sVRsHMMLxCikk1hNfkERhgNCtsKc3Q_Y4OyoueR3MPDdv0c9TbIK9URnFOcVIu9I676QfgRvwKj0A3YDVNhMZQ1PH5pegKO8faWIl7V8sDpRn3Dih5A5u34U4OyedadP9IgC2xyKp9m-3UaDdhQZFuBUYXBCix9SxxsR-MH-pqpwFPfM2bHIajT3poeip7Cr9qnzfrjf_a6dcsyLAjN87AJDVO28okZX5xs1KJaqCAV2SI8WVhH9icpYcik_USeusvV4WWGPnLzv8bN_yzmztXwdfyhVUjJjqWsqUmK7M0U5oDzmhyLIE42c2DaZQRNl1zS2IR3uSjrtGS7FtNfSal2YGSffDsVyw9dSmhpdZpKuE94Libd9-x-1LNjlZWaeSbybIljcbyif1zRim7jrHKUk8cuWx-BoyZLckES21WI2dtQ5qdpmflpOBBm68bj6rKSAy0ozZWPw9nq3sc1VbzRStBcfQe0HJlPVPwMuWSV7gP6pz4mx8SABAVWi91DG0QKHFtyqXMWkTUEcf4uK4cqWIXBGlf97liMIh5jJLqA8o5qzsnudoaX6bm2isX3IypxijqihDcYFXWBAidbuJghK5siGUheLbUqaMMRV-1A9LEHKVLyZQ3Ynr8NGJmAg-nWFQOAYKgpJ1V8dFlrnASYZTaSZhvAWUQABanXyNmGr2P1Imt4GKc8_qx6CRY5v77EvyfSBf7U3ZJMWeTNuDZYBnjvoaSFQW4TGGAfEhVelPllNFLJeRgvRFzCU4XZESV4zHxN6L3xLGyxSBJEneDtGtpWQUvR6VYtfIUnmUlZ5d3Ypg3kqXJEfBDuMwlXQeUJ4PJM72mIdU9OIYMXhFUe_W240TsnAwkKqL1ciihnXkV-mT95P3w7IY3hhFdQWzNrxOqcLl2DUhEZLLMyyiGS2aXzC4d8D4HAkRlLojSpAjYAn8YQfxualBQcDOKiUANrup6Hl_Gdj6-GBzeTDBsU4JAnXCZ09VI7rhma8UzeSwhWMynWOveZlC1IhGkT67zqd3x2X8wI85T1jiJecTq4a4SUBcU7balwo88uWgA2pSCcwNJGMWuo3IL79t61i38JHWw_u6xid1EkqTeGSU52yXIUo7IW9RNlWmCngS6GCFNube97YsAge5s1ozYDfOZ0aGNNk3wTPGCeFZEj43Adg4Y0y2Hnw380dvyvdzDF929PGMnkfkS1Nh_SUEwxnpfx1riCrCWKN-K5mdxoMbloZQ4r0q3Y7LAHt2Lb1j0fpEqVjZxu3D81hPiABwTOSUL4JyTrYLA8bjwQxMF6XI6ekSmco1YbmmWcgOs3xw4pSTyKOmjd9l-LSWYbILvjXHzJLn-59xsW8agBxveFy2oFWnozOpCIGdYZV5MvRL894epcOvBhgYeU0c-VvLaExoTbsVf5BeJz3dyeWenahhiVn9T19geFFR9vHcJVM_n-C1F0dsbAhFkaX1DG7DkRl6CHx9kxqY0Z2pNUZOppxFMEaMb-UVZjftfOICFuOyQuHR3C0xoQMF9HMOBEA58yNBtiP-Orbyv2kUHhR6MfKlutbdBlq9GTxUbwxXcmZcixwerOFILJWWHdwAIauzOP6Rydvx8EMUbkVYoAgJgVo7UDAbgY8pOkfS4tk3ZP1fNQl9EnkjymjR4_wKC-qhwH5HvLxj2qC_1kUYEOMfZyWV2AqhjRwTG07c-z7LOb_hseBO11ScH_3uuHlboVfAGq3XaAR5nVXKcRUCGFtP4wpXpW2XPsmg1Vg9slCR4co5UH3yPRbkhatBYLJ1knhIMHEXmT9Y9L6ggDFKWcNKxwomBOScoijAuzsaAT0y-n5Ak-ap6-DlKQMNJUYbc6sHM2is3VjxP1SKF6r5RfSzNodTbPOD0TRo-717f5gRdyvndImJLk2UQzXYSveZX8kIqdwd-vGdWJq34NImWAK1hMGZXzON8f7cAKAEaYul921PQX9ywBStFxUFj41szh7nZqMGY4zxTHx7EXbhLFwDd_XqVBR_eoJB58DcKil6Ym9YpH4omduSitRHVcaEw2cbFimzdctIA1FYhITaBRkf9Yl1XRty7bHjRzubkHMi1hL844U_naqeinE2vRxM-s_qgp1Bg-EufKXZ5NUM89vdjH3WN1VeN0y4OPSFlcJsK3dQG___SOgt4298-D59y76-juK0_p9OSMwXObq2bT05W6a61ZVOlj5jeGgTrQF1QyGJZHL6S5Rdc3d5joqzQhdndSZFr-nNZyE5uB8vjhw996GW531AtQ4odcQtNz7bXqgasWf-VaFLjKVP55P9uOXUITm1HD19l0vCONDYXubFOLcBD3YAFMSwJP1kdlir_iUrRJ9ItT5lEIJg9ygxdVt1ErEZ8mLbELCtYr2Eq4IxPJoZ1Hq11XMCCMLOISDLiJsuVuf0P0ThuMJodjQGds9n0YdGzAuknus-EJtK-jI3FiOl7WO0SR_kuk0KFadYlUwg6WqQE-pYct5ddt76cAmPq96KiiRpUCAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgBYAE&cry=1&bundleId=

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 139

https://www.facebook.com/v2.11/plugins/page.php?adapt_container_width=false&app_id=1893386844309522&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1ce008b1104e6%26domain%3Dwww.centfile.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.centfile.com%252Ff325720aa36d354%26relation%3Dparent.parent&container_width=281&height=72&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FCentFile%2F&locale=en_US&sdk=joey&show_facepile=false&small_header=true&tabs=timeline&width=275 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1893386844309522%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ce008b1104e6%2526domain%253Dwww.centfile.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.centfile.com%25252Ff325720aa36d354%2526relation%253Dparent.parent%26container_width%3D281%26height%3D72%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCentFile%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D275

163 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request phe4kr438gs9 Show response
www.centfile.com/ 28 KB
28 KB 901ms
494ms Document
text/html 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c7653a747a4955889b1a38dcc8d7c9ec52e4494ebf9b9b5f48546e6e9afcb1ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

content-type: text/html ; charset=UTF-8
date: Thu, 23 Nov 2023 08:09:12 GMT
expires: Wed, 22 Nov 2023 08:09:12 GMT
server: nginx
x-powered-by: PleskLin

GET
H2 200 css
fonts.googleapis.com/ 2 KB
889 B 505ms
101ms Stylesheet
text/css 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Changa:400,500

Requested by

Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f42.1e100.net

Software

ESF /

Resource Hash

6da091889aacae8de59227b88c99c4b4c841615d3cf74d1f5b107323322ba963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 08:09:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 08:09:12 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 118 KB
20 KB 320ms
12ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css

Requested by

Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.centfile.com/
Origin: https://www.centfile.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 852
age: 2288095
cdn-cachedat: 11/06/2022 07:22:11
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:03:59 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"ec3bb52a00e176a7181d454dffaea219"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 08d7d0f60af820fbefb891f02eaa0c72
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 82a7edbedc4aa977-SYD
cdn-requestpullsuccess: True

GET
H2 200 foundation.css
www.centfile.com/css2/ 7 KB
1 KB 213ms
210ms Stylesheet
text/css 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/css2/foundation.css
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 89edd9a6e936780813d1ad6bdbc9978796e510cadde6bce7dace025803e2a231

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:37:23 GMT
server: nginx
etag: W/"5a6d2953-1c43"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 319ms
11ms Stylesheet
text/css 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.centfile.com/
Origin: https://www.centfile.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 993
age: 2456069
cdn-cachedat: 07/03/2023 18:12:05
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.03
cdn-requestpullcode: 200
server: cloudflare
etag: W/"269550530cc127b6aa5a35925a7de6ce"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 79669ec3ce23cfa236ff4cc0ed764d81
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 82a7edbedc4ba977-SYD
cdn-requestpullsuccess: True

GET
H2 200 animate.min.css
www.centfile.com/css2/ 54 KB
4 KB 397ms
394ms Stylesheet
text/css 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/css2/animate.min.css
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ebe7a06d126935a51e922a162761342dcb20c937d42870b92ac3f05da1f28a1b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:37:21 GMT
server: nginx
etag: W/"5a6d2951-d9ee"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 morphext.css
www.centfile.com/css2/ 42 B
201 B 398ms
395ms Stylesheet
text/css 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/css2/morphext.css
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 4d5002a20956286cc253c9a7db333f698bc2239b7d04c6136712fbd4ae817126

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:37:24 GMT
x-accel-version: 0.01
server: nginx
etag: W/"2a-563cc2bddfd00"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 slicknav.css
www.centfile.com/css2/ 2 KB
699 B 397ms
395ms Stylesheet
text/css 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/css2/slicknav.css
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 75ffe10b4af164fdaaac762fa4683b89d55276b84d9c30c367f6ecf511eff17a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:37:28 GMT
server: nginx
etag: W/"5a6d2958-8dc"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 tablesaw.stackonly.css
www.centfile.com/css2/ 13 KB
2 KB 398ms
396ms Stylesheet
text/css 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/css2/tablesaw.stackonly.css
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: d591993fff1e403d90f99552fe21bda328cb09645815c4dc764cb64db259c702

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:37:32 GMT
server: nginx
etag: W/"5a6d295c-32f5"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 style.css
www.centfile.com/css2/ 76 KB
14 KB 396ms
394ms Stylesheet
text/css 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/css2/style.css
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: dd52bf70f2854bf2ba647794ec459ffbff7aecfa012761521e5058f2b343ef6a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Wed, 31 Jan 2018 19:30:24 GMT
server: nginx
etag: W/"5a721950-1309f"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 ticker.css
www.centfile.com/css2/ 1 KB
516 B 398ms
396ms Stylesheet
text/css 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/css2/ticker.css
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2d04f8e9406176b4114c84f81c2bad9c219345dac0cda7d584cc9aeae46f85d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:37:33 GMT
server: nginx
etag: W/"5a6d295d-59f"
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 406ms
3ms Script
text/javascript 142.250.66.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.234 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s15-in-f10.1e100.net

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 22:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Nov 2024 22:06:34 GMT

GET
H2 200 jquery.paging.js Show response
www.centfile.com/js/ 19 KB
4 KB 398ms
397ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/jquery.paging.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Wed, 27 Dec 2017 03:59:54 GMT
server: nginx
etag: W/"5a431aba-4ba5"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.cookie.js Show response
www.centfile.com/js/ 3 KB
1 KB 398ms
397ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/jquery.cookie.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Wed, 27 Dec 2017 03:59:51 GMT
server: nginx
etag: W/"5a431ab7-c31"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 paging.js Show response
www.centfile.com/js/ 2 KB
701 B 399ms
398ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/paging.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
content-encoding: br
last-modified: Wed, 27 Dec 2017 04:00:10 GMT
server: nginx
etag: W/"5a431aca-6ad"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 logo.png
www.centfile.com/images/ 5 KB
5 KB 399ms
398ms Image
image/png 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.centfile.com/images/logo.png
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 9a1a9d1cd8b8763339afbecb0e704addccc762a09860d3a1c7075cd96d217e37

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
last-modified: Sun, 28 Jan 2018 02:18:40 GMT
server: nginx
etag: "5a6d3300-1267"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 4711

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
52 KB 588ms
189ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

0ca019984be04d435009905ab15535622aa17bf9951b4b704da2f70e2599012b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52829
x-xss-protection: 0
server: cafe
etag: 6796099106829395619
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:13 GMT

GET
H2 200 btn_close.gif
centfile.com/ 804 B
973 B 209ms
208ms Image
image/gif 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://centfile.com/btn_close.gif
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 114a8060558d111066e792d5cff8086bbbd9d9c820a6daaf44db11a92d117841

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
last-modified: Sun, 16 Apr 2023 13:54:28 GMT
server: nginx
x-accel-version: 0.01
etag: "324-5f97469aef557"
x-powered-by: PleskLin
content-type: image/gif
accept-ranges: bytes
content-length: 804

GET
H2 200 pace.min.js Show response
www.centfile.com/js/ 12 KB
4 KB 210ms
209ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/pace.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 579a10a2485055e988338be054f866cbe713c8510442130cbda0ce11ced6c49f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:41 GMT
server: nginx
etag: W/"5a6d2dd9-304b"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 superfish.min.js Show response
www.centfile.com/js/ 4 KB
2 KB 210ms
210ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/superfish.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2023cccf4d953a5817a30a9c972d412a23c16c5ca3feef770776a337ed9460c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:42 GMT
server: nginx
etag: W/"5a6d2dda-112a"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 morphext.min.js Show response
www.centfile.com/js/ 1014 B
616 B 211ms
209ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/morphext.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a86df3be0eff7f90991f057c21e6907c16391e6f8cd0a4773cc93d9401e9dfdb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:38 GMT
x-accel-version: 0.01
server: nginx
etag: W/"3f6-563cc70a6a180"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 wow.min.js Show response
www.centfile.com/js/ 8 KB
3 KB 223ms
221ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/wow.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 167d7ca784f3d3948837ea87c90fae712a158e7f34d02fc8dcdc091aefa62c7f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:46 GMT
server: nginx
etag: W/"5a6d2dde-20ea"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.slicknav.min.js Show response
www.centfile.com/js/ 6 KB
2 KB 212ms
210ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/jquery.slicknav.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: ad8b6e314753445f31b1b3f21b85d49ba98f835386d623fc3e9172b6859f7795

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:37 GMT
server: nginx
etag: W/"5a6d2dd5-19da"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 waypoints.min.js Show response
www.centfile.com/js/ 8 KB
3 KB 213ms
212ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/waypoints.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c31a2323b6e3ab938aad7b7711ccb96836e5452f58ce65a5d1dbfadcca1e568c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:45 GMT
server: nginx
etag: W/"5a6d2ddd-1f6c"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 jquery.animateNumber.min.js Show response
www.centfile.com/js/ 1 KB
780 B 212ms
211ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/jquery.animateNumber.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 35c2b2abe367758e35c91ea4e545072463372b9d4551a706731f587ecf1bc2a4

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:36 GMT
server: nginx
etag: W/"5a6d2dd4-548"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 bootstrap.min.js Show response
www.centfile.com/js/ 36 KB
9 KB 217ms
216ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/bootstrap.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 11 Feb 2018 16:43:14 GMT
server: nginx
etag: W/"5a8072a2-9004"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 owl.carousel.min.js Show response
www.centfile.com/js/ 23 KB
6 KB 220ms
218ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/owl.carousel.min.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:40 GMT
server: nginx
etag: W/"5a6d2dd8-5d52"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 custom.js Show response
www.centfile.com/js/ 3 KB
1 KB 221ms
220ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/custom.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: a26d2294c7259f7bf67280f1e33df4200971ca408fccd9bf3d38a362501222d0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:35 GMT
server: nginx
etag: W/"5a6d2dd3-b45"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 ticker.js Show response
www.centfile.com/js/ 4 KB
820 B 220ms
219ms Script
application/javascript 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://www.centfile.com/js/ticker.js
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: c786317f3ce40a59075ef4565d91c109416258e9e1e860e09e698983ef7beebc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/phe4kr438gs9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
last-modified: Sun, 28 Jan 2018 01:56:43 GMT
server: nginx
etag: W/"5a6d2ddb-e88"
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 309ms
2ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

e78fc86cc2859c8f152b3a401abaa7f336ba7a773e66d7b911439ad6bbb9dd09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 08:09:13 GMT
content-md5: MzK6rm74HQXPc5d7FBXPQw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints
x-fb-debug: b/iRwsgxLMic8b419azWC29yS25vt2VCGkV58TVi4UAh2NSkx6pDEbb/aaeKX/caZei6xdpYlBZXzOo8n5M5gQ==
x-fb-content-md5: 1d7fca0dca64a619ffc8d11a1c7a857d
cross-origin-opener-policy: same-origin-allow-popups
etag: "e2ce6d3d37be792c55fa72d75ada863a"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:24:01 GMT

GET
H2 200 flags.png
www.centfile.com/images/ 15 KB
15 KB 216ms
216ms Image
image/png 207.244.67.158
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.centfile.com/images/flags.png
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/css2/style.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 207.244.67.158 New Castle, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/css2/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
last-modified: Sun, 28 Jan 2018 01:38:15 GMT
server: nginx
etag: "5a6d2987-3b4c"
x-powered-by: PleskLin
content-type: image/png
accept-ranges: bytes
content-length: 15180

GET
H2 200 2-cm9JNi2YuVOUckZpy-.woff2
fonts.gstatic.com/s/changa/v27/ 22 KB
23 KB 409ms
3ms Font
font/woff2 142.251.221.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changa/v27/2-cm9JNi2YuVOUckZpy-.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa:400,500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.221.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s31-in-f3.1e100.net

Software

sffe /

Resource Hash

2e1683ccc9fa765af342ee498fa1c62cf569d71313bec973c38e896a81d01aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.centfile.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 21:14:31 GMT
x-content-type-options: nosniff
age: 471282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23024
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:37:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 21:14:31 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 16ms
15ms Font
font/woff2 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.centfile.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 1114
age: 35495
cdn-cachedat: 10/31/2023 19:02:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 5a89ce67967b28537f7c9b44d4b7a15f
accept-ranges: bytes
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 82a7edc02dffa977-SYD
cdn-requestpullsuccess: True

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
87 KB 308ms
3ms Script
application/x-javascript 157.240.8.23
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=106f3a60826c71ef2c196b60bd1de747

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.23 Sydney, Australia, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-syd2.fbcdn.net

Software

Resource Hash

f40f7f9f9c91315b6fa9c09bd885e4a844b173d46c181eea5ea254146d229a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.centfile.com/
Origin: https://www.centfile.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Nov 2023 08:09:13 GMT
content-md5: aMVKwkSP+GAs1vxaUdWcJg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88330
reporting-endpoints
x-fb-debug: 6pQ/4kZVJ9m3heh4QEYP2crhkQW4qIbollspyLPMnqa8CZEAmvd4ZkqoUHnLpD5YAqkwStKnmN71bnMIIgWnEg==
x-fb-content-md5: 96b32ff2bbe19c02ea786343b9635f47
cross-origin-opener-policy: same-origin-allow-popups
etag: "a817492d850b031f376d15e510c58f42"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Fri, 22 Nov 2024 07:44:05 GMT

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 397 KB
134 KB 207ms
206ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

6a8bd0ef355525106852078c746943facaa5dda806c5e3dbdb70233409283984

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137265
x-xss-protection: 0
server: cafe
etag: 13230165216820303018
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:13 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 1B43 9 KB
4 KB 352ms
3ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 37291
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Nov 2023 21:47:42 GMT
etag: 16674218716276178799
expires: Wed, 06 Dec 2023 21:47:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2CBD 83 KB
28 KB 933ms
932ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

cafbbc6d0c3acd70cba6b1a0e9c0bf1b475e75b79bada6bfd29bc8243e3d1b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28785
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:15 GMT
expires: Thu, 23 Nov 2023 08:09:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AB2C 37 KB
13 KB 671ms
670ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

c8a232a2ca6e90370216c787079374a65ffaff9ac2fabac2670169014a4938cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 13279
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:14 GMT
expires: Thu, 23 Nov 2023 08:09:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B26 83 KB
28 KB 973ms
973ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

77d99620c65a9641762bef5b1e203368ab0478a1f11d34ffd3cb040ce13b4e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28810
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:15 GMT
expires: Thu, 23 Nov 2023 08:09:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 053C 83 KB
28 KB 1198ms
1197ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

f0b9cce076bd1ec81b5aa75d0f026aa12ac30d2857416a4ada414237cd615602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 28573
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:15 GMT
expires: Thu, 23 Nov 2023 08:09:15 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 01D2 357 KB
84 KB 726ms
725ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&adk=1812271804&adf=3025194257&lmt=1700726954&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953622&bpp=1&bdt=1162&idt=553&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280%2C336x280&nras=1&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&fsb=1&dtd=564

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

688c6d4564188e2356bf733e3c74bbf886b18380a5143e1eb1f18bf4f0917eb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 85351
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:14 GMT
expires: Thu, 23 Nov 2023 08:09:14 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 134ms
133ms Image
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=fixedban&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame FFEA 468 B
465 B 108ms
107ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8t2o7gEwAQ&v=APEucNVLafGC3RCMqgq5s22ASAba5cQJQuADGHCLZ86A3XWqL2vyJbSW-12YTWvBrKFzzJFxJqAfoaI7td98Ame_lcRNJsqfgw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 178
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:15 GMT
expires: Thu, 23 Nov 2023 08:09:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame AB33 89 KB
31 KB 179ms
177ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31485
x-xss-protection: 0
server: cafe
etag: 7119415641918660631
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 adj Show response
fw.adsafeprotected.com/rjss/bgd/1525488/72168018/xbbe/creative/ Frame AB33 263 KB
80 KB 18ms
7ms Script
application/javascript 52.62.225.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/bgd/1525488/72168018/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21EyeTrBPcKFSN5NkSDJ9us9lbhWdviagtLWUONhLYxDC0MLDZ0CoovR3xpwCTBZAUNkhYK_0DM3VDhXkVV5BN2ZIq60GyXtPOrnkNU2QxQmBd4ghY8AjrZkBRnBNQSyRQAoCZ_4CwLHkkYja9yPylN1rbb-G0qLAyWUwkjA4_5-CPfW0X4lz_F2KSCOeU7gcafK2lqNxV_boU6KLCFueuoneYt_4CbuT65re3KokabAhy1bEefVvkLjUu1UnSC3YLgun3hyNzOYcBMqOPEiB-RPlmbzzBr-2KgkE2GEcFxMfjfzGl7lfRnZMnMhLuXyYsqXhlmPLYjdjE-7BOtjslbkPD4rIW2kklPwc9283ss50rUH_P8R3YFcCq9wIPtqNYz2-Zio1zvWqeF9eUh4ErQre5x2ZcOAeMCSQ8gYa--zgNHflyKVYWvcX37sdZl8KSBthKasJ2zUnhOzJOOrswcM0ZlolEsCkNPnPTgHoUxsuujiogu0M8vfHxBLWUzT2jdE3kPX8tVeVXa2T80Wo5NrW4foNvf4_Jx7bKKMGNfKqZtZwDRlfL_X5NCcPQzSVLXuWG4-_5NFcvCmrSaYWPqnREc4vRQB_H2_UIt-ntsPdI1SIQO_YbIGmdNFndTYzlIzFruTD0cGbXmS-dxCkYcKHpd4ERSaTvlq6JxUsvEvikXTVUgjzDD569BEIXzPpTB93xdr8MUfUB7-jPYb1kaEALUmTn6JtPOamWyHKoYC_HRML6GHp4MkY4VIyCzwvY0XaHano6DS84FJlmMx48CaXesIKgO7I_o8JKITF8f5ZH0zHFhXsH0tmS7Ehr5QjZQd8vpLz-A9F0ONSgWyNPCCkYHa7PTtnoavEEMe3fJT5kaUkCKOEl6XSxCH_dJXqIKruRIr3nVMMDggOUoSFaxfSCc4Qcf4uCUHgJPcNJWSs5yAOEg7vESJI9WwsTq6KFsqP6LdDX2YMqz0hKlk-s5trizxhZZjsYofCtPUj3y9nJOD3jEp-4HYAJikDdxp5NLPmRear1EbppwdmLtGB5Y6TMWwS5mdgn_tiGQ0gB_kt3Zb6RKArw-tQqjCBRyWsOQDkrAWXG5jcuwPtEkFcFHnhUIBPMKqGa9VoFnugckkHpodxg_j6sVRsHMMLxCikk1hNfkERhgNCtsKc3Q_Y4OyoueR3MPDdv0c9TbIK9URnFOcVIu9I676QfgRvwKj0A3YDVNhMZQ1PH5pegKO8faWIl7V8sDpRn3Dih5A5u34U4OyedadP9IgC2xyKp9m-3UaDdhQZFuBUYXBCix9SxxsR-MH-pqpwFPfM2bHIajT3poeip7Cr9qnzfrjf_a6dcsyLAjN87AJDVO28okZX5xs1KJaqCAV2SI8WVhH9icpYcik_USeusvV4WWGPnLzv8bN_yzmztXwdfyhVUjJjqWsqUmK7M0U5oDzmhyLIE42c2DaZQRNl1zS2IR3uSjrtGS7FtNfSal2YGSffDsVyw9dSmhpdZpKuE94Libd9-x-1LNjlZWaeSbybIljcbyif1zRim7jrHKUk8cuWx-BoyZLckES21WI2dtQ5qdpmflpOBBm68bj6rKSAy0ozZWPw9nq3sc1VbzRStBcfQe0HJlPVPwMuWSV7gP6pz4mx8SABAVWi91DG0QKHFtyqXMWkTUEcf4uK4cqWIXBGlf97liMIh5jJLqA8o5qzsnudoaX6bm2isX3IypxijqihDcYFXWBAidbuJghK5siGUheLbUqaMMRV-1A9LEHKVLyZQ3Ynr8NGJmAg-nWFQOAYKgpJ1V8dFlrnASYZTaSZhvAWUQABanXyNmGr2P1Imt4GKc8_qx6CRY5v77EvyfSBf7U3ZJMWeTNuDZYBnjvoaSFQW4TGGAfEhVelPllNFLJeRgvRFzCU4XZESV4zHxN6L3xLGyxSBJEneDtGtpWQUvR6VYtfIUnmUlZ5d3Ypg3kqXJEfBDuMwlXQeUJ4PJM72mIdU9OIYMXhFUe_W240TsnAwkKqL1ciihnXkV-mT95P3w7IY3hhFdQWzNrxOqcLl2DUhEZLLMyyiGS2aXzC4d8D4HAkRlLojSpAjYAn8YQfxualBQcDOKiUANrup6Hl_Gdj6-GBzeTDBsU4JAnXCZ09VI7rhma8UzeSwhWMynWOveZlC1IhGkT67zqd3x2X8wI85T1jiJecTq4a4SUBcU7balwo88uWgA2pSCcwNJGMWuo3IL79t61i38JHWw_u6xid1EkqTeGSU52yXIUo7IW9RNlWmCngS6GCFNube97YsAge5s1ozYDfOZ0aGNNk3wTPGCeFZEj43Adg4Y0y2Hnw380dvyvdzDF929PGMnkfkS1Nh_SUEwxnpfx1riCrCWKN-K5mdxoMbloZQ4r0q3Y7LAHt2Lb1j0fpEqVjZxu3D81hPiABwTOSUL4JyTrYLA8bjwQxMF6XI6ekSmco1YbmmWcgOs3xw4pSTyKOmjd9l-LSWYbILvjXHzJLn-59xsW8agBxveFy2oFWnozOpCIGdYZV5MvRL894epcOvBhgYeU0c-VvLaExoTbsVf5BeJz3dyeWenahhiVn9T19geFFR9vHcJVM_n-C1F0dsbAhFkaX1DG7DkRl6CHx9kxqY0Z2pNUZOppxFMEaMb-UVZjftfOICFuOyQuHR3C0xoQMF9HMOBEA58yNBtiP-Orbyv2kUHhR6MfKlutbdBlq9GTxUbwxXcmZcixwerOFILJWWHdwAIauzOP6Rydvx8EMUbkVYoAgJgVo7UDAbgY8pOkfS4tk3ZP1fNQl9EnkjymjR4_wKC-qhwH5HvLxj2qC_1kUYEOMfZyWV2AqhjRwTG07c-z7LOb_hseBO11ScH_3uuHlboVfAGq3XaAR5nVXKcRUCGFtP4wpXpW2XPsmg1Vg9slCR4co5UH3yPRbkhatBYLJ1knhIMHEXmT9Y9L6ggDFKWcNKxwomBOScoijAuzsaAT0y-n5Ak-ap6-DlKQMNJUYbc6sHM2is3VjxP1SKF6r5RfSzNodTbPOD0TRo-717f5gRdyvndImJLk2UQzXYSveZX8kIqdwd-vGdWJq34NImWAK1hMGZXzON8f7cAKAEaYul921PQX9ywBStFxUFj41szh7nZqMGY4zxTHx7EXbhLFwDd_XqVBR_eoJB58DcKil6Ym9YpH4omduSitRHVcaEw2cbFimzdctIA1FYhITaBRkf9Yl1XRty7bHjRzubkHMi1hL844U_naqeinE2vRxM-s_qgp1Bg-EufKXZ5NUM89vdjH3WN1VeN0y4OPSFlcJsK3dQG___SOgt4298-D59y76-juK0_p9OSMwXObq2bT05W6a61ZVOlj5jeGgTrQF1QyGJZHL6S5Rdc3d5joqzQhdndSZFr-nNZyE5uB8vjhw996GW531AtQ4odcQtNz7bXqgasWf-VaFLjKVP55P9uOXUITm1HD19l0vCONDYXubFOLcBD3YAFMSwJP1kdlir_iUrRJ9ItT5lEIJg9ygxdVt1ErEZ8mLbELCtYr2Eq4IxPJoZ1Hq11XMCCMLOISDLiJsuVuf0P0ThuMJodjQGds9n0YdGzAuknus-EJtK-jI3FiOl7WO0SR_kuk0KFadYlUwg6WqQE-pYct5ddt76cAmPq96KiiRpUCAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013045261&ias_pubId=pub-8989054117704044&ias_chanId=1&ias_placementId=20263834769&bidurl=https://www.centfile.com/phe4kr438gs9&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hC2rsy-mqy7ZmpXZgMM0S6
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.62.225.80 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-225-80.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 4fce7d18bf336aee8feb2bde703ba56aa3e970a211ffa86f687d3a0f235f8f0e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AB33 3 KB
1 KB 406ms
7ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:10:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame AB33 20 KB
9 KB 401ms
1ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:34:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame AB33 202 KB
64 KB 300ms
298ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB33 42 B
110 B 138ms
138ms Image
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CwH9TvbAHEiuvv5RiKjGDLnElvSR1lTjXvsisd3VEYv-iKH_iET3KfywQ3Y2JTCMVlsTkJfMRxeDPRwLkwn1pOImSAIKY4lTM0Tdxj0FQSCuNnyAo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB33 0
56 B 134ms
133ms Image
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7893185005139507332&x=1&ct=76

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style_banner_6df7b6.css
cdn.mediago.io/js/template/style/ Frame 657A 2 KB
2 KB 13ms
2ms Stylesheet
text/css 18.67.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_6df7b6.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-102.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c97b291f30dafec3877840f45e38fc5040760d5d48054ec301860db2f47abef

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: C1RTuJb0W8nqOWn6puCvq29BVn6V0227
date: Wed, 22 Nov 2023 22:44:01 GMT
via: 1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 13:31:37 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 33915
x-amz-server-side-encryption: AES256
etag: "c4080f016cac23105aef6b32b2ee7565"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1667
x-amz-cf-id: l_oZPf7m31WcSMZncIlNHiF4irlFYfFzAMRc5FrxrkocUNhfhCnOYQ==

GET
H2 200 486c16ca447eda6b3e0d40baffcec05d__scv1__300x175.png
images.mediago.io/ML/ Frame 657A 76 KB
76 KB 11ms
4ms Image
image/png 34.111.60.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.mediago.io/ML/486c16ca447eda6b3e0d40baffcec05d__scv1__300x175.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.60.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3a8c1c164f78ca46424ff1759dab01130d29caf9ef947a8624fdc569b6dd9bba

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:00:01 GMT
via: 1.1 google
age: 554
x-guploader-uploadid: ABPtcPp8eE0VHbBIgdjaDmakP7cC6Jl0UkqLmYyvhvMFqocQBBQFbPjWXkVisT4RQZuKVY_XjYkDoHJYt-tWL9eEJMJ77A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77704
last-modified: Fri, 20 Oct 2023 16:04:26 GMT
server: UploadServer
etag: "d27f22c24cf0988c5c5ce3c0a7a9ac06"
x-goog-generation: 1697817866333813
x-goog-hash: crc32c=FOxRIw==, md5=0n8iwkzwmIxcXOPAp6msBg==
content-type: image/png
cache-control: public,max-age=3600
x-goog-stored-content-length: 77704
accept-ranges: bytes

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 657A 3 KB
1 KB 362ms
7ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:10:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 657A 20 KB
8 KB 359ms
4ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:34:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 657A 202 KB
64 KB 233ms
233ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 style_banner_6df7b6.css
cdn.mediago.io/js/template/style/ Frame C6E1 2 KB
2 KB 2ms
2ms Stylesheet
text/css 18.67.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_6df7b6.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-102.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c97b291f30dafec3877840f45e38fc5040760d5d48054ec301860db2f47abef

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: C1RTuJb0W8nqOWn6puCvq29BVn6V0227
date: Wed, 22 Nov 2023 22:44:01 GMT
via: 1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 13:31:37 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 33915
x-amz-server-side-encryption: AES256
etag: "c4080f016cac23105aef6b32b2ee7565"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1667
x-amz-cf-id: BAmhQXfaeiXAZYmAaqeqV7eb84IE6jKrpcYQyXOtx_zBKCHv1LscaA==

GET
H2 200 108918d33017385f44088434bb5a32a8__scv1__300x175.png
images.mediago.io/ML/ Frame C6E1 77 KB
78 KB 4ms
2ms Image
image/png 34.111.60.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.mediago.io/ML/108918d33017385f44088434bb5a32a8__scv1__300x175.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.60.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3047554925444f61525b1615f5e1e2a419644baa2e7f75b0669a84ea2c2fba57

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:35:56 GMT
via: 1.1 google
age: 1999
x-guploader-uploadid: ABPtcPqcwNwd31yUMBVvBTUGJkL_cMP0OXHYoKNSA_wkvqv2KE-CtITuqgIGg6wobZ5Kpy8mJQ20qKkJFZQSsWpDt6EHsRc199dK
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79276
last-modified: Thu, 16 Nov 2023 07:06:03 GMT
server: UploadServer
etag: "42f81cb14247c4268b087672d717dc0c"
x-goog-generation: 1700118363188011
x-goog-hash: crc32c=hqmC0A==, md5=QvgcsUJHxCaLCHZy1xfcDA==
content-type: image/png
cache-control: public,max-age=3600
x-goog-stored-content-length: 79276
accept-ranges: bytes

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C6E1 3 KB
1 KB 346ms
7ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:10:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame C6E1 20 KB
8 KB 343ms
5ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:34:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6E1 202 KB
64 KB 238ms
238ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/ 160 KB
55 KB 203ms
203ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/reactive_library_fy2021.js?bust=31079699

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

1bec279ac9a55d6ece9eb7761ddd4c6b6264af2351e3ad9325de77acf9954536

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55854
x-xss-protection: 0
server: cafe
etag: 10231862498706104839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 204 ic
trace.popin.cc/ju/ Frame 657A 0
120 B 320ms
109ms Image
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=af8a2a5d1a0f50521c0e8e49baaf634b&acid=25857&data=GOgxX3iKciOBlKXIluFzmvynCcW8pmC0U3SQliZRRxXyD8s2zCcQqDaVe8vankZgoubLJagUeVq8faswWwmQ7vhjrWhzFvFowGqPZkAOA0GX36BRO56s-7bPZ4PXyl5noUG8VB8aIuanyiz0LPriybGzsmc1nj_V2LlJL00zyJMzVIEwas-PK8M98x50oqry971LTMOj8q7alggGVIACDvqy7nDmQmiEEfrAzouMDCcKcLnrg9gqe7zBPXBVz4cHsUzTC3f97Y4YC1MSCSz81yI6QHc-pWfGXjA3LyxJy5g0xbW2wYe0RpOrttFea3uNQwohUAdbPdjk0o_CYiHH87brthsbMwM-6IncZ6kQ_vBWgBwpTnWI_60VucEturJNYspwU13MCkq-l1mC07KPcl1WJ5qVOA4nLRjOLHMY4bOTHAIFDN5ai4ercQtKVtXsHqbaRlhMY8wpeZmlYJmXhIsAn2zI-2LSZJRZmxFjMHRNSGfBXb3T0IL1u6WBO-1dWt2VQb6faJMSW2gJuw7V9ddsslGCPdHYaPXeULaxl0DqYq74jlUyzi-VLkUxAOsLs5EISzvthH_wRh9rraKmltuOlBChJRB2v3kYFcTN7Fo00bHzbYAUl5hCQ5rh6ef2cK4NfEqzl5D1v6wwCBI_xxNe95B6p1RFAyaI_qLGEh8SEVt3PBjACz8IAIfd_U_ora4RqnNMj7yK3rWRI7S7BEDqjGlr9pffXiohbYUr7mWz6VR3FTE9ORepNehVIykrYBKLN4EEeijGEFQyet6NvluR8fL953RZk5-lWAWuugV4fhYi1Ff7oiGiIwUCc7xFUDpr5KqxIEVEz8Y7XDlmgPhOMUmRA73B606vw27Ec7VEAF0tj1sxUHneTdt0p98WjWCiMGB1tAKK8uQfjJHsFtw548GR3rBK_AJQiWAgaK6dqQWJUVAoppJ8aOqOgNsAWVvE4G15LgHPNGZ6hvTGUBMh7wRuGhBAAZdcWCvovj4yhRPQjS1_LELbEwAgEngDT7IpVTnPxSrJ7ZkCYSQiovpwtE401DkVWOQo5EntMyA&uid=mid_a57ff655b812746670da5407deb5c73b&mguid=&ap={AUCTION_PRICE}&tid=72
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

POST
H2 200 c
trace.mediago.io/ju/log/ Frame C6E1 0
197 B 555ms
185ms Ping
text/html 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=60567d084d6e14f8fb09a3f8ce23b3e8&mguid=&app=MEDIA_INFO&ext={%22templateName%22:%22300x250_i18n%22,%22inIframe%22:true,%22getParentDoc%22:true,%22screenHeight%22:1200,%22screenWidth%22:1600,%22self_s_w%22:300,%22self_s_h%22:250,%22self_c_w%22:300,%22self_c_h%22:250,%22title%22:%22The%20Government%20Unexpectedly%20Announced%20This%20Benefit%20Until%20the%20End%20of%202023%22,%22language%22:%22en%22}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8

GET
H2 204 ic
trace.popin.cc/ju/ Frame C6E1 0
120 B 316ms
110ms Image
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=60567d084d6e14f8fb09a3f8ce23b3e8&acid=24693&data=PW82DT7YCU7TEokws6fULTz5--n1gGHhdd8Ia7KPqEJKaS7AYNmcjygdwgru-z6O1fHUSxD9aNLFA5YIVihgahFlBtIxWPi_a0bTlZuneSuspQ4ixTS0tzsEtWNitSX4OImqYBfdKQ5t0tpuehWTj0-foLoeofLPUqbz6JNJ5BIuhWF1WqIhNhMW4dE2_Y6mW3Z9hSW7qxxDbmsWF93HBZtokm1cPbE4NRvnnHlYEW3IfY9pDy1I6cSOlob6jq7P7TjzPXRTYxKtHpv1okaWnwCPQiHlIKF9onWmrn89TqCbKcLyrgkXEzCeDiTKuC-kaj1qEYcKdLZZYVsKxrD2GeeWQDCeH5gvb-awGiPsRnlXjMayl9h6La3JORocCwp3RTpcbwEgsYpcN0XnXwaWg7d5gP4IlizT7-S2N5uv3UER1BXe2rd42t9JTiaYmV3HXOao4YPRLplwW9lMZnxUTs1RqPkr4-jNt6qgWjzMjgD-4xaZRwALsG3Gkzltth4lgmAfcCG3GezeUPRUyuedojTx70BlB33-xMLtcQeZS6L1Swy-UU_km70YsJ1zfq9j7Fm2kXB4BE3VytHV_xiPCBZQUbZDBmMFESdQPhLgnxt6_EXGd4lz_n4rJK4UFR0sd3d-4RH6Z1weud_mDv50V37DcqPXkp036Hp0ZwfO2NbTLBmz4tt7YvHh21B_eiYAJzET43lkDgpsAVXdk30vDPAFQ_jLlPjNunhiCZko_reUX2YvK69r_1Ej7nPTVsrPXrqLfrxYQfOZEdfvg7M98oi826L3X-4h0LF8AwAszkgbqYWv7bWsUvH1UmAdthYN0b5UQfPveEvvAuV8pSIAnmzRDYHm-VwQ7vziwOZ2D2PpVJdSzApIh5qKofOwRmzRzueLKWT1Y2d0AQrDYuXlhVp1xKvdGdiYxBIJv_JvlvcPxYZc60g5XYJXuLg-axJdtkStjKW6sPmoOf8fmW45mnU7_BHRQTxND5AwZoSxZZzq2KvIp4TtiDkE4G6VLz9bY6rVPH5Q6EHslc2wlKE_hDpKcBBEtU0q-lkdhQsk7oU&uid=mid_a57ff655b812746670da5407deb5c73b&mguid=&ap={AUCTION_PRICE}&tid=72
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H2

200

/
d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/ Frame FFEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=turn_dmp&google_cm
https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEAvaY6dK44zfoCTKv9gdBks&google_cver=1

43 B
398 B

1430ms
350ms

Image
image/gif

50.116.239.135

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEAvaY6dK44zfoCTKv9gdBks&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8t2o7gEwAQ&v=APEucNVLafGC3RCMqgq5s22ASAba5cQJQuADGHCLZ86A3XWqL2vyJbSW-12YTWvBrKFzzJFxJqAfoaI7td98Ame_lcRNJsqfgw
Protocol: H2
Server: 50.116.239.135 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Nov 2023 08:09:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://d.turn.com/r/du/id/L2NzaWQvMS9tcGlkLzI0MTMwODU4/rnd/?mpuid=CAESEAvaY6dK44zfoCTKv9gdBks&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 309
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FFEA
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKz2CG1-zSml_PiPYxRekyk&google_cver=1

43 B
770 B

112ms
112ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKz2CG1-zSml_PiPYxRekyk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8t2o7gEwAQ&v=APEucNVLafGC3RCMqgq5s22ASAba5cQJQuADGHCLZ86A3XWqL2vyJbSW-12YTWvBrKFzzJFxJqAfoaI7td98Ame_lcRNJsqfgw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9Boz%2BT3MM7N1qW10EOIGXOESpmreOkkq8%2B6fipDWySBqwYNaqHy3czt3WCWNeqNwQyFcP6R8DX4ZRnKWq9fUEIV%2FNOfVBzOkXsGQhIa7hpYuWi6gtJmJw1G6sEaFAI32dwM6hJehMHgzQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82a7edcffb98a965-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKz2CG1-zSml_PiPYxRekyk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame FFEA
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZV8IqxgEiAzYkjtjTxZ7IwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKz2CG1-zSml_PiPYxRekyk&google_cver=1

43 B
735 B

111ms
111ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKz2CG1-zSml_PiPYxRekyk&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIkCEIuDmgEY8t2o7gEwAQ&v=APEucNVLafGC3RCMqgq5s22ASAba5cQJQuADGHCLZ86A3XWqL2vyJbSW-12YTWvBrKFzzJFxJqAfoaI7td98Ame_lcRNJsqfgw
Protocol: H3
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tAdhrTN%2FQMclnJjN8zGXnaP4WXsoMiKvOrW5ta7%2FvBPkRSjX0VvtXtBSASZjPD4o5p7LEB7Dx7GmWDLc2o0m8Pwj4zLckYsEV4LCSQ%2B1meO2CUGzITaR2zy2XC7%2F4ACSHZyfmTX1E0iKIw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 82a7edd0dc7ea965-SYD
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKz2CG1-zSml_PiPYxRekyk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB33 0
56 B 133ms
133ms Ping
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2249745735706&version=m202309260101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB33 0
56 B 138ms
138ms Ping
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2249745735706&version=m202309260101&ct=76&x=1&cor=7893185005139507000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AB33 16 KB
12 KB 146ms
145ms Script
text/javascript 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmgbBAfEpMwdzAGsnNlj94PQRyDPnOScOw82V_M_xqlzx5c8-7dR1yoj1TB8gvMnbo-pro45nBjOvv_CI7ASf-NZRzOmMfgo38lbIY2gEA6VWbau26yWw6sUyos0AJQaUCyL3grqkbiZwTrd3ikCcC-w7p29yjIPWBOxVxiILrv1ZZ8RY&cry=1&dbm_d=AKAmf-B3l5w2RzNJKLON2yBvLZq6IkNQKkY5u_oCqRM4db5cxg1f0vpGUgZIRL7wfowbjnHXGs2NCgjYZhgbfe8pP1h1NLX-N6lvpsnuACtdsvaBDD2BEy_gVohGQRdZbuT0qeEx6gemSx2eDURsjksPRp5E0a_WcGSuiz03ajYEIoN3tiZe962cdHfOQx3sgZtlz_xyDM_3zOt9P_sp9BXb_E6MhefP_U2Cwb41x_x-jNZd5J4ACSrdK0FmM8JF-zsPJwBV90oK8KfJPT6VVCBFWNOKqzT1V2tlfcHnDYSpymtM7ye4MCrJLP4lppYHq52zaIEB3JLRGgTqWyp3QLFjESJKp5MPuM80M5ajlSr3qRpZprsm8HHPJ3NBCzhh-5-2Zd5iDvUhEXOQhr1uwof1sl15wYKuqHZJii9tia20-ZhMn5b018IKdVtjng1OQp91DQfACtXS4946zFnxfPRP5K331s-o8bK1G9eBVx5YpbUWlR_HK_zIG1_9U_q01D6SLakDGSvVo7WfYX1FcHjEBST-n1BL761Yv6nygWamuYU9wsHgdUzi1qWwRXcTXXWYx3W2g1PeUMKrpI-kB_jsrf3FjV6a_dW7L004vXir9un_HYxxgSdepbKkccEo0w8spyKJnJjfnwfRaIC_ydTz1aXp-rnnb6r_k7tQsfRGA5LYR4cJDc-2ansRLpmwJTo3PsYxX_5EgjqL3ZOX6ySMiy9zPCOtYQRpVd1_JEI0yYu4npEe_15Pw1KrVAlO3kmo7zfM8XdzxMDp5YdtfD-X3xXAL166UBHoa5oQ3siTmhnnX1-hDQlPCSPSYkoZn2k6Qjzd73OeD0VKPT7J0h9xVyy4dK5WXVwUVs44FEWpBO2pg0yZ-clMqn5YNe0G8tVpfAMMQ9sOiXj9OMxBFztABGt5osJsR_HqqueVuQztfLDS36v8k6gdXRanenbPN5bVYjh6vwPs9_BNfl1CDjRs-DWbG2NVTqb47Ntg6EoTgC-lYF3qtLCKQQQzPZVgADj7DwqTdTVWB99Hmzg9no7Ld4n2irv7tTrDUQYSOzBEIx6Bvx3hayjoY25M_c6Z1avBo2WsI78m74692GnlyAgsPLm_854nkb3wlsW555O8xVfRHjGCzXx6Nu3v48_mXuculCk0c38WtKkM5rj1xfOpMKaQjqsThxbv0m2gVyt8j_K6GtR7AjbFMxluQrIMWywfs1wHgHH0A2OVKERzENz-QgPlbiEvLl_5djJ0NowUNUi3eOqVcB5Nl7BUc2ow2QddB7ZNmjlvHG1RGiiwBTav5CnAB7zY-GRNT4gLj3dVmnivGEUTNMtNOixk-uJ5qKJQ3IcYkWxgLVEl_F3r9dQVpoFL3S0lPPcbAlhJPSuS-dQ__qeNCkwVJUX3OUrUbel6pDfmDfdNVe71DcfjoGR0LXNfKX7c-0Bp6NfyNhmoiDh-cr0flQqBI5WtAZFtB_1qAm99wQH3UNlHDejk5esddHgEO1XUhORBEV8LSwoUu-vTTmma0WuXSIIhz5WjpnQ7yKU7l3aCzlYqRRhwzwi-DZF7KJaU14ieB17Ffmz1LffpphwsS3ZD0KZ7oWuTKx0R97sJL4eHRzk31jVEbD38gGos1If9V569tEAYLzcnKuuzxwhh9JsAprYvThPsLIyY8zMWTbk6ZZ2w_ibDVMIJ1IlZZLbv-hL1v7iCGngv9UHgka2R3SzbhwLn7dady1BnkT4nNXbdfuZWdGBN9qv9_UUbnAlpw7l3RM1iUEQsnwe39_ixf3d0Z8cylL4IAYTMWbngtuNWU42a8fJ2L-PJ8AYYf3Ngh6rR8TkxBKtMieZmHIxkztVIoDXHM7DPqkz1L_wmyWwsw7vsfave_b1OGt8Tghcyl2v5e06IcddpDc10Vnc5DhS4hO6pC57Fv3lNNED1geOI2vhp9YKELolgFBdIYNgcZs08k8IhU94Sd6ye4I6LBXBYyGihk_jg1SDa8_IeL8WvN-Nj8FKpMryNE0U3G_tbdNS2t41oI9VIco9QfoD7I0McYp9Qduk-ct0dEVohepVQ49dKHpNgme8a8xuXSCwKbGSfYgGsVjZuAlVG4YHmFjLqsG4lJ-xRuTRe7ds8EqBgHJr2fP3XfcnY4IbIVrK9dDLJSNDr4cNx7xaiBHhoaQbics-ip0lbHIeipiTFAGcpTvx9wG_8hUHObsGlTwPYTiuBxkZftBcCQZSqbwxAuWfZ3hyenkv-_NFHlr5IOF_rK0YYwTPlSVvJW43PaqSwHkZl0UpJO6GLia1m2x4aTguzL8h0dK2pi_j_4simzPYGvHivQPZUCS--iu8YqalEgpVewCqx9-VqwlGosEQwunoWPbxKXuo1iItJ2o-e9zvyqjrSyOw406jc54QUbCpnoAJ-zSer_JrYBJu-1ssd9O1G7XCgQFQv4ColK76QA7fL15GSVk87zAAZ38mPdSO0ZILkegckH7O8J2XXrJjBt1oZXlZkqRs_z7mqB_eDGHA-1AfCOkfvKE3XbXAPV7ekPGqA6aU32SUyLktyFuJU43sZkgPiFCTfDWsoSvtX9xEQxeCQBX23vKlm8X99U914FSYaPKmDd-n6bAet-iYmbniEKoTNCzexBG9Kz5qmq1YNI1JsjcdGXjHGwdductSXryP8len-Re2Z5Ot3OTTGW7srEOsy9HdCcfNy7Uix4pKsasWUsGrtzncka7ERpFbMnKNhG664lBhQgmf2AQj1AiQJscoTz8GNlVPnZpYWedsThUohfz68Hr5nW1xQ2liRVctBOHpTJvw4oNAXBhSSper_udFDZzeiMNNQPB1WqoxCtJaMqhVAPYIUo8GAdG1N2OlEKFh9UrCBfh5BkwyMvs-jsGwu_d8n7Ddzlpf4AalH2C_q-o9oibdFK3Z0HduoyhdbeClYhF08_kxynx1iSKSY2331PvdHxjgZZK1nJLGjwqHM4VriRtCjWILp2WpYGA&cid=CAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.centfile.com%2F&ds=l&xdt=1&iif=1&cor=7893185005139507000&adk=2124396030&idt=192&cac=0&dtd=10

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

d0188ff0bccf1c775b2a3d7d5c15b73aebddc0b9416b9dccf586041e7ddcfe1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12345
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style_banner_6df7b6.css
cdn.mediago.io/js/template/style/ Frame D1BC 2 KB
2 KB 2ms
2ms Stylesheet
text/css 18.67.93.102
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mediago.io/js/template/style/style_banner_6df7b6.css
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.67.93.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-67-93-102.syd62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c97b291f30dafec3877840f45e38fc5040760d5d48054ec301860db2f47abef

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id: C1RTuJb0W8nqOWn6puCvq29BVn6V0227
date: Wed, 22 Nov 2023 22:44:01 GMT
via: 1.1 f1646a7b70ef690faac638f9c1dd2364.cloudfront.net (CloudFront)
last-modified: Thu, 24 Aug 2023 13:31:37 GMT
server: AmazonS3
x-amz-cf-pop: SYD62-P1
age: 33915
x-amz-server-side-encryption: AES256
etag: "c4080f016cac23105aef6b32b2ee7565"
x-cache: Hit from cloudfront
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1667
x-amz-cf-id: KbAZNuMbK5cIKVjELc_jCXXpcvgX2vrera-Lg4yO9CJK9aF3BPud7Q==

GET
H3 200 108918d33017385f44088434bb5a32a8__scv1__300x175.png
images.mediago.io/ML/ Frame D1BC 77 KB
77 KB 3ms
3ms Image
image/png 34.111.60.239
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.mediago.io/ML/108918d33017385f44088434bb5a32a8__scv1__300x175.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.111.60.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 239.60.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3047554925444f61525b1615f5e1e2a419644baa2e7f75b0669a84ea2c2fba57

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 07:35:56 GMT
via: 1.1 google
age: 1999
x-guploader-uploadid: ABPtcPqcwNwd31yUMBVvBTUGJkL_cMP0OXHYoKNSA_wkvqv2KE-CtITuqgIGg6wobZ5Kpy8mJQ20qKkJFZQSsWpDt6EHsRc199dK
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79276
last-modified: Thu, 16 Nov 2023 07:06:03 GMT
server: UploadServer
etag: "42f81cb14247c4268b087672d717dc0c"
x-goog-generation: 1700118363188011
x-goog-hash: crc32c=hqmC0A==, md5=QvgcsUJHxCaLCHZy1xfcDA==
content-type: image/png
cache-control: public,max-age=3600
x-goog-stored-content-length: 79276
accept-ranges: bytes

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D1BC 3 KB
1 KB 195ms
8ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:10:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D1BC 20 KB
8 KB 192ms
5ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:34:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D1BC 202 KB
64 KB 214ms
214ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 204 ic
trace.popin.cc/ju/ Frame D1BC 0
193 B 193ms
109ms Image
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=76b89394f0e2319f58f924a3fc3f9c33&acid=24693&data=h4LPKK_D0L6YvUWJ3FpGkQC0Uokx7A8lTgCJHixOsVwtjBoR637ZEHioyD6E2qe-tySL5gn-450zQ-k7ZJFDoFCv2LQ2uJrOUSpLJkM1x87WCjeFJa9ag2WB2WhN6dtcHdvsg0o0-MKc_RJ7bbukvCzi5bIKfVoh3ttZSjYrIPMynj3jWu32RKKuFdDPRMyLgaonNH1JLyWJxKT-PPx1AR0hHgKfd_lN-7lNRJ4EgiE2X5zZ6uwqBZSWKuYebPxZU4Hs1xzXpRK93X1MTbzjdsoUgcjZgsLkiCt7683EZwcT2Y2iT8P9qjlDvwfTuEX4vbNsW11TqScMaEdrf_vAkTtV532otZ7c8qQpY-mD51EIZSQQyzjatOpEGhVGZogisfh0EzeU6Momz2LYmRUxRyypjA7qEwXRkAA7FAmWlS2zetlUM-x24kj4DLXIMiNlyadAupcOn_73l1I_ftJxTf5VwsWoAM1yQAC1qNXgx4FKFGxcI4oElK3SSGkCbVB8D0WMTQlLjYg_tMQUguSerP41On5WWCa8mN6FZJiNgUD7KDLP63l8Nn-2o3sBbsQmrqy6nwU3zmqZVW8Jp6wz7TlYIQeDvHoOlXexlrUJhviBtL2HH5BXH21VRuWO0Ut1GgQZFN-Ch8zQ2wEjc6bEDps0FAAcdzAoHmOO7zTnfhZlcwnLt_RZJkUHgBn5neIM6vXIoTi-Ud-3-9dKhvUIKsH-zjy3DiNUyO4Fd4HKqa3ym4edYswW4O9kpGZljoQlUQoSRV5Db1k3Xt9xZXy_XWQugz5-gEf5JKNe6SHfCk7NKmMdefg6wHfN9INnWnBT6SERtSDAYqsWRopvoOe5pnvrc2RWRwqPPsXZjCjmaBkNopuRrwoUyAJFrciMmto3tQuMZBzJNkZcInCA6KEVItVVxEo_iVnyceigAHxs8D_8GQaQUTvpcdiW3hk0NyUpC20nYNkfJSlM6bhEqUe4B9JkHrADiEv1Sc8FmCyxHa32-KxqIi3OIZnTiPqIy1sq&uid=mid_a57ff655b812746670da5407deb5c73b&mguid=&ap={AUCTION_PRICE}&tid=72
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 5D38 9 KB
4 KB 4ms
4ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 19579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 02:42:56 GMT
etag: 16674218716276178799
expires: Thu, 07 Dec 2023 02:42:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame F0E9 9 KB
4 KB 2ms
2ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 19579
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 02:42:56 GMT
etag: 16674218716276178799
expires: Thu, 07 Dec 2023 02:42:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 5D38 4 KB
767 B 98ms
98ms Stylesheet
text/css 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f42.1e100.net

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 07:05:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5D38 205 B
520 B 404ms
6ms Image
image/png 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Tue, 21 Nov 2023 06:30:47 GMT
x-content-type-options: nosniff
age: 178708
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 20 Nov 2024 06:30:47 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 5D38 604 B
696 B 404ms
6ms Image
image/png 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 20:50:18 GMT
x-content-type-options: nosniff
age: 472737
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 16 Nov 2024 20:50:18 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5D38 15 KB
7 KB 73ms
9ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:32:49 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6702
x-xss-protection: 0
server: cafe
etag: 11213825687312121238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 21:32:49 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 5D38 21 KB
9 KB 73ms
10ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 19:54:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 44068
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8781
x-xss-protection: 0
server: cafe
etag: 9666818975682992898
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 19:54:47 GMT

GET
H2 200 38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js Show response
www.gstatic.com/mysidia/ Frame F0E9 9 KB
4 KB 400ms
5ms Script
text/javascript 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 13:53:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 584120
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4046
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Feb 2024 13:53:55 GMT

GET
H2 200 78b00c21e40332afd18050ebd59c6b08.js Show response
www.gstatic.com/mysidia/ Frame F0E9 11 KB
5 KB 401ms
5ms Script
text/javascript 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 00:13:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 546937
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4753
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 15 Feb 2024 00:13:38 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F0E9 14 KB
1 KB 102ms
100ms Stylesheet
text/css 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f42.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 07:55:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F0E9 2 KB
903 B 72ms
13ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 21:50:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F0E9 23 KB
9 KB 70ms
11ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 21:34:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F0E9 3 KB
1 KB 67ms
8ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:10:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F0E9 20 KB
8 KB 64ms
6ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:34:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0E9 202 KB
64 KB 266ms
265ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame F0E9 37 KB
15 KB 396ms
4ms Script
text/javascript 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 12:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 12:22:45 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame AB33 41 KB
14 KB 55ms
9ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BmgbBAfEpMwdzAGsnNlj94PQRyDPnOScOw82V_M_xqlzx5c8-7dR1yoj1TB8gvMnbo-pro45nBjOvv_CI7ASf-NZRzOmMfgo38lbIY2gEA6VWbau26yWw6sUyos0AJQaUCyL3grqkbiZwTrd3ikCcC-w7p29yjIPWBOxVxiILrv1ZZ8RY&cry=1&dbm_d=AKAmf-B3l5w2RzNJKLON2yBvLZq6IkNQKkY5u_oCqRM4db5cxg1f0vpGUgZIRL7wfowbjnHXGs2NCgjYZhgbfe8pP1h1NLX-N6lvpsnuACtdsvaBDD2BEy_gVohGQRdZbuT0qeEx6gemSx2eDURsjksPRp5E0a_WcGSuiz03ajYEIoN3tiZe962cdHfOQx3sgZtlz_xyDM_3zOt9P_sp9BXb_E6MhefP_U2Cwb41x_x-jNZd5J4ACSrdK0FmM8JF-zsPJwBV90oK8KfJPT6VVCBFWNOKqzT1V2tlfcHnDYSpymtM7ye4MCrJLP4lppYHq52zaIEB3JLRGgTqWyp3QLFjESJKp5MPuM80M5ajlSr3qRpZprsm8HHPJ3NBCzhh-5-2Zd5iDvUhEXOQhr1uwof1sl15wYKuqHZJii9tia20-ZhMn5b018IKdVtjng1OQp91DQfACtXS4946zFnxfPRP5K331s-o8bK1G9eBVx5YpbUWlR_HK_zIG1_9U_q01D6SLakDGSvVo7WfYX1FcHjEBST-n1BL761Yv6nygWamuYU9wsHgdUzi1qWwRXcTXXWYx3W2g1PeUMKrpI-kB_jsrf3FjV6a_dW7L004vXir9un_HYxxgSdepbKkccEo0w8spyKJnJjfnwfRaIC_ydTz1aXp-rnnb6r_k7tQsfRGA5LYR4cJDc-2ansRLpmwJTo3PsYxX_5EgjqL3ZOX6ySMiy9zPCOtYQRpVd1_JEI0yYu4npEe_15Pw1KrVAlO3kmo7zfM8XdzxMDp5YdtfD-X3xXAL166UBHoa5oQ3siTmhnnX1-hDQlPCSPSYkoZn2k6Qjzd73OeD0VKPT7J0h9xVyy4dK5WXVwUVs44FEWpBO2pg0yZ-clMqn5YNe0G8tVpfAMMQ9sOiXj9OMxBFztABGt5osJsR_HqqueVuQztfLDS36v8k6gdXRanenbPN5bVYjh6vwPs9_BNfl1CDjRs-DWbG2NVTqb47Ntg6EoTgC-lYF3qtLCKQQQzPZVgADj7DwqTdTVWB99Hmzg9no7Ld4n2irv7tTrDUQYSOzBEIx6Bvx3hayjoY25M_c6Z1avBo2WsI78m74692GnlyAgsPLm_854nkb3wlsW555O8xVfRHjGCzXx6Nu3v48_mXuculCk0c38WtKkM5rj1xfOpMKaQjqsThxbv0m2gVyt8j_K6GtR7AjbFMxluQrIMWywfs1wHgHH0A2OVKERzENz-QgPlbiEvLl_5djJ0NowUNUi3eOqVcB5Nl7BUc2ow2QddB7ZNmjlvHG1RGiiwBTav5CnAB7zY-GRNT4gLj3dVmnivGEUTNMtNOixk-uJ5qKJQ3IcYkWxgLVEl_F3r9dQVpoFL3S0lPPcbAlhJPSuS-dQ__qeNCkwVJUX3OUrUbel6pDfmDfdNVe71DcfjoGR0LXNfKX7c-0Bp6NfyNhmoiDh-cr0flQqBI5WtAZFtB_1qAm99wQH3UNlHDejk5esddHgEO1XUhORBEV8LSwoUu-vTTmma0WuXSIIhz5WjpnQ7yKU7l3aCzlYqRRhwzwi-DZF7KJaU14ieB17Ffmz1LffpphwsS3ZD0KZ7oWuTKx0R97sJL4eHRzk31jVEbD38gGos1If9V569tEAYLzcnKuuzxwhh9JsAprYvThPsLIyY8zMWTbk6ZZ2w_ibDVMIJ1IlZZLbv-hL1v7iCGngv9UHgka2R3SzbhwLn7dady1BnkT4nNXbdfuZWdGBN9qv9_UUbnAlpw7l3RM1iUEQsnwe39_ixf3d0Z8cylL4IAYTMWbngtuNWU42a8fJ2L-PJ8AYYf3Ngh6rR8TkxBKtMieZmHIxkztVIoDXHM7DPqkz1L_wmyWwsw7vsfave_b1OGt8Tghcyl2v5e06IcddpDc10Vnc5DhS4hO6pC57Fv3lNNED1geOI2vhp9YKELolgFBdIYNgcZs08k8IhU94Sd6ye4I6LBXBYyGihk_jg1SDa8_IeL8WvN-Nj8FKpMryNE0U3G_tbdNS2t41oI9VIco9QfoD7I0McYp9Qduk-ct0dEVohepVQ49dKHpNgme8a8xuXSCwKbGSfYgGsVjZuAlVG4YHmFjLqsG4lJ-xRuTRe7ds8EqBgHJr2fP3XfcnY4IbIVrK9dDLJSNDr4cNx7xaiBHhoaQbics-ip0lbHIeipiTFAGcpTvx9wG_8hUHObsGlTwPYTiuBxkZftBcCQZSqbwxAuWfZ3hyenkv-_NFHlr5IOF_rK0YYwTPlSVvJW43PaqSwHkZl0UpJO6GLia1m2x4aTguzL8h0dK2pi_j_4simzPYGvHivQPZUCS--iu8YqalEgpVewCqx9-VqwlGosEQwunoWPbxKXuo1iItJ2o-e9zvyqjrSyOw406jc54QUbCpnoAJ-zSer_JrYBJu-1ssd9O1G7XCgQFQv4ColK76QA7fL15GSVk87zAAZ38mPdSO0ZILkegckH7O8J2XXrJjBt1oZXlZkqRs_z7mqB_eDGHA-1AfCOkfvKE3XbXAPV7ekPGqA6aU32SUyLktyFuJU43sZkgPiFCTfDWsoSvtX9xEQxeCQBX23vKlm8X99U914FSYaPKmDd-n6bAet-iYmbniEKoTNCzexBG9Kz5qmq1YNI1JsjcdGXjHGwdductSXryP8len-Re2Z5Ot3OTTGW7srEOsy9HdCcfNy7Uix4pKsasWUsGrtzncka7ERpFbMnKNhG664lBhQgmf2AQj1AiQJscoTz8GNlVPnZpYWedsThUohfz68Hr5nW1xQ2liRVctBOHpTJvw4oNAXBhSSper_udFDZzeiMNNQPB1WqoxCtJaMqhVAPYIUo8GAdG1N2OlEKFh9UrCBfh5BkwyMvs-jsGwu_d8n7Ddzlpf4AalH2C_q-o9oibdFK3Z0HduoyhdbeClYhF08_kxynx1iSKSY2331PvdHxjgZZK1nJLGjwqHM4VriRtCjWILp2WpYGA&cid=CAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.centfile.com%2F&ds=l&xdt=1&iif=1&cor=7893185005139507000&adk=2124396030&idt=192&cac=0&dtd=10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:46:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 534178
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Nov 2024 03:46:17 GMT

GET
H2

200

adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame AB33
Redirect Chain

https://fw.adsafeprotected.com/rfw/bgd/1525488/72168018/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21...
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21EyeTrBPcKFSN5NkSDJ9us9lbhW...

52 KB
21 KB

319ms
127ms

Script
text/javascript

64.233.170.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21EyeTrBPcKFSN5NkSDJ9us9lbhWdviagtLWUONhLYxDC0MLDZ0CoovR3xpwCTBZAUNkhYK_0DM3VDhXkVV5BN2ZIq60GyXtPOrnkNU2QxQmBd4ghY8AjrZkBRnBNQSyRQAoCZ_4CwLHkkYja9yPylN1rbb-G0qLAyWUwkjA4_5-CPfW0X4lz_F2KSCOeU7gcafK2lqNxV_boU6KLCFueuoneYt_4CbuT65re3KokabAhy1bEefVvkLjUu1UnSC3YLgun3hyNzOYcBMqOPEiB-RPlmbzzBr-2KgkE2GEcFxMfjfzGl7lfRnZMnMhLuXyYsqXhlmPLYjdjE-7BOtjslbkPD4rIW2kklPwc9283ss50rUH_P8R3YFcCq9wIPtqNYz2-Zio1zvWqeF9eUh4ErQre5x2ZcOAeMCSQ8gYa--zgNHflyKVYWvcX37sdZl8KSBthKasJ2zUnhOzJOOrswcM0ZlolEsCkNPnPTgHoUxsuujiogu0M8vfHxBLWUzT2jdE3kPX8tVeVXa2T80Wo5NrW4foNvf4_Jx7bKKMGNfKqZtZwDRlfL_X5NCcPQzSVLXuWG4-_5NFcvCmrSaYWPqnREc4vRQB_H2_UIt-ntsPdI1SIQO_YbIGmdNFndTYzlIzFruTD0cGbXmS-dxCkYcKHpd4ERSaTvlq6JxUsvEvikXTVUgjzDD569BEIXzPpTB93xdr8MUfUB7-jPYb1kaEALUmTn6JtPOamWyHKoYC_HRML6GHp4MkY4VIyCzwvY0XaHano6DS84FJlmMx48CaXesIKgO7I_o8JKITF8f5ZH0zHFhXsH0tmS7Ehr5QjZQd8vpLz-A9F0ONSgWyNPCCkYHa7PTtnoavEEMe3fJT5kaUkCKOEl6XSxCH_dJXqIKruRIr3nVMMDggOUoSFaxfSCc4Qcf4uCUHgJPcNJWSs5yAOEg7vESJI9WwsTq6KFsqP6LdDX2YMqz0hKlk-s5trizxhZZjsYofCtPUj3y9nJOD3jEp-4HYAJikDdxp5NLPmRear1EbppwdmLtGB5Y6TMWwS5mdgn_tiGQ0gB_kt3Zb6RKArw-tQqjCBRyWsOQDkrAWXG5jcuwPtEkFcFHnhUIBPMKqGa9VoFnugckkHpodxg_j6sVRsHMMLxCikk1hNfkERhgNCtsKc3Q_Y4OyoueR3MPDdv0c9TbIK9URnFOcVIu9I676QfgRvwKj0A3YDVNhMZQ1PH5pegKO8faWIl7V8sDpRn3Dih5A5u34U4OyedadP9IgC2xyKp9m-3UaDdhQZFuBUYXBCix9SxxsR-MH-pqpwFPfM2bHIajT3poeip7Cr9qnzfrjf_a6dcsyLAjN87AJDVO28okZX5xs1KJaqCAV2SI8WVhH9icpYcik_USeusvV4WWGPnLzv8bN_yzmztXwdfyhVUjJjqWsqUmK7M0U5oDzmhyLIE42c2DaZQRNl1zS2IR3uSjrtGS7FtNfSal2YGSffDsVyw9dSmhpdZpKuE94Libd9-x-1LNjlZWaeSbybIljcbyif1zRim7jrHKUk8cuWx-BoyZLckES21WI2dtQ5qdpmflpOBBm68bj6rKSAy0ozZWPw9nq3sc1VbzRStBcfQe0HJlPVPwMuWSV7gP6pz4mx8SABAVWi91DG0QKHFtyqXMWkTUEcf4uK4cqWIXBGlf97liMIh5jJLqA8o5qzsnudoaX6bm2isX3IypxijqihDcYFXWBAidbuJghK5siGUheLbUqaMMRV-1A9LEHKVLyZQ3Ynr8NGJmAg-nWFQOAYKgpJ1V8dFlrnASYZTaSZhvAWUQABanXyNmGr2P1Imt4GKc8_qx6CRY5v77EvyfSBf7U3ZJMWeTNuDZYBnjvoaSFQW4TGGAfEhVelPllNFLJeRgvRFzCU4XZESV4zHxN6L3xLGyxSBJEneDtGtpWQUvR6VYtfIUnmUlZ5d3Ypg3kqXJEfBDuMwlXQeUJ4PJM72mIdU9OIYMXhFUe_W240TsnAwkKqL1ciihnXkV-mT95P3w7IY3hhFdQWzNrxOqcLl2DUhEZLLMyyiGS2aXzC4d8D4HAkRlLojSpAjYAn8YQfxualBQcDOKiUANrup6Hl_Gdj6-GBzeTDBsU4JAnXCZ09VI7rhma8UzeSwhWMynWOveZlC1IhGkT67zqd3x2X8wI85T1jiJecTq4a4SUBcU7balwo88uWgA2pSCcwNJGMWuo3IL79t61i38JHWw_u6xid1EkqTeGSU52yXIUo7IW9RNlWmCngS6GCFNube97YsAge5s1ozYDfOZ0aGNNk3wTPGCeFZEj43Adg4Y0y2Hnw380dvyvdzDF929PGMnkfkS1Nh_SUEwxnpfx1riCrCWKN-K5mdxoMbloZQ4r0q3Y7LAHt2Lb1j0fpEqVjZxu3D81hPiABwTOSUL4JyTrYLA8bjwQxMF6XI6ekSmco1YbmmWcgOs3xw4pSTyKOmjd9l-LSWYbILvjXHzJLn-59xsW8agBxveFy2oFWnozOpCIGdYZV5MvRL894epcOvBhgYeU0c-VvLaExoTbsVf5BeJz3dyeWenahhiVn9T19geFFR9vHcJVM_n-C1F0dsbAhFkaX1DG7DkRl6CHx9kxqY0Z2pNUZOppxFMEaMb-UVZjftfOICFuOyQuHR3C0xoQMF9HMOBEA58yNBtiP-Orbyv2kUHhR6MfKlutbdBlq9GTxUbwxXcmZcixwerOFILJWWHdwAIauzOP6Rydvx8EMUbkVYoAgJgVo7UDAbgY8pOkfS4tk3ZP1fNQl9EnkjymjR4_wKC-qhwH5HvLxj2qC_1kUYEOMfZyWV2AqhjRwTG07c-z7LOb_hseBO11ScH_3uuHlboVfAGq3XaAR5nVXKcRUCGFtP4wpXpW2XPsmg1Vg9slCR4co5UH3yPRbkhatBYLJ1knhIMHEXmT9Y9L6ggDFKWcNKxwomBOScoijAuzsaAT0y-n5Ak-ap6-DlKQMNJUYbc6sHM2is3VjxP1SKF6r5RfSzNodTbPOD0TRo-717f5gRdyvndImJLk2UQzXYSveZX8kIqdwd-vGdWJq34NImWAK1hMGZXzON8f7cAKAEaYul921PQX9ywBStFxUFj41szh7nZqMGY4zxTHx7EXbhLFwDd_XqVBR_eoJB58DcKil6Ym9YpH4omduSitRHVcaEw2cbFimzdctIA1FYhITaBRkf9Yl1XRty7bHjRzubkHMi1hL844U_naqeinE2vRxM-s_qgp1Bg-EufKXZ5NUM89vdjH3WN1VeN0y4OPSFlcJsK3dQG___SOgt4298-D59y76-juK0_p9OSMwXObq2bT05W6a61ZVOlj5jeGgTrQF1QyGJZHL6S5Rdc3d5joqzQhdndSZFr-nNZyE5uB8vjhw996GW531AtQ4odcQtNz7bXqgasWf-VaFLjKVP55P9uOXUITm1HD19l0vCONDYXubFOLcBD3YAFMSwJP1kdlir_iUrRJ9ItT5lEIJg9ygxdVt1ErEZ8mLbELCtYr2Eq4IxPJoZ1Hq11XMCCMLOISDLiJsuVuf0P0ThuMJodjQGds9n0YdGzAuknus-EJtK-jI3FiOl7WO0SR_kuk0KFadYlUwg6WqQE-pYct5ddt76cAmPq96KiiRpUCAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgBYAE&cry=1&bundleId=

Requested by

Protocol

Server

64.233.170.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sg-in-f157.1e100.net

Software

cafe /

Resource Hash

d6c641392e1406a3be2b6400372b22bf655595a6933dd00c6b75c1130cc11a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21182
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
server: nginx
x-server-name: app03.au.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21EyeTrBPcKFSN5NkSDJ9us9lbhWdviagtLWUONhLYxDC0MLDZ0CoovR3xpwCTBZAUNkhYK_0DM3VDhXkVV5BN2ZIq60GyXtPOrnkNU2QxQmBd4ghY8AjrZkBRnBNQSyRQAoCZ_4CwLHkkYja9yPylN1rbb-G0qLAyWUwkjA4_5-CPfW0X4lz_F2KSCOeU7gcafK2lqNxV_boU6KLCFueuoneYt_4CbuT65re3KokabAhy1bEefVvkLjUu1UnSC3YLgun3hyNzOYcBMqOPEiB-RPlmbzzBr-2KgkE2GEcFxMfjfzGl7lfRnZMnMhLuXyYsqXhlmPLYjdjE-7BOtjslbkPD4rIW2kklPwc9283ss50rUH_P8R3YFcCq9wIPtqNYz2-Zio1zvWqeF9eUh4ErQre5x2ZcOAeMCSQ8gYa--zgNHflyKVYWvcX37sdZl8KSBthKasJ2zUnhOzJOOrswcM0ZlolEsCkNPnPTgHoUxsuujiogu0M8vfHxBLWUzT2jdE3kPX8tVeVXa2T80Wo5NrW4foNvf4_Jx7bKKMGNfKqZtZwDRlfL_X5NCcPQzSVLXuWG4-_5NFcvCmrSaYWPqnREc4vRQB_H2_UIt-ntsPdI1SIQO_YbIGmdNFndTYzlIzFruTD0cGbXmS-dxCkYcKHpd4ERSaTvlq6JxUsvEvikXTVUgjzDD569BEIXzPpTB93xdr8MUfUB7-jPYb1kaEALUmTn6JtPOamWyHKoYC_HRML6GHp4MkY4VIyCzwvY0XaHano6DS84FJlmMx48CaXesIKgO7I_o8JKITF8f5ZH0zHFhXsH0tmS7Ehr5QjZQd8vpLz-A9F0ONSgWyNPCCkYHa7PTtnoavEEMe3fJT5kaUkCKOEl6XSxCH_dJXqIKruRIr3nVMMDggOUoSFaxfSCc4Qcf4uCUHgJPcNJWSs5yAOEg7vESJI9WwsTq6KFsqP6LdDX2YMqz0hKlk-s5trizxhZZjsYofCtPUj3y9nJOD3jEp-4HYAJikDdxp5NLPmRear1EbppwdmLtGB5Y6TMWwS5mdgn_tiGQ0gB_kt3Zb6RKArw-tQqjCBRyWsOQDkrAWXG5jcuwPtEkFcFHnhUIBPMKqGa9VoFnugckkHpodxg_j6sVRsHMMLxCikk1hNfkERhgNCtsKc3Q_Y4OyoueR3MPDdv0c9TbIK9URnFOcVIu9I676QfgRvwKj0A3YDVNhMZQ1PH5pegKO8faWIl7V8sDpRn3Dih5A5u34U4OyedadP9IgC2xyKp9m-3UaDdhQZFuBUYXBCix9SxxsR-MH-pqpwFPfM2bHIajT3poeip7Cr9qnzfrjf_a6dcsyLAjN87AJDVO28okZX5xs1KJaqCAV2SI8WVhH9icpYcik_USeusvV4WWGPnLzv8bN_yzmztXwdfyhVUjJjqWsqUmK7M0U5oDzmhyLIE42c2DaZQRNl1zS2IR3uSjrtGS7FtNfSal2YGSffDsVyw9dSmhpdZpKuE94Libd9-x-1LNjlZWaeSbybIljcbyif1zRim7jrHKUk8cuWx-BoyZLckES21WI2dtQ5qdpmflpOBBm68bj6rKSAy0ozZWPw9nq3sc1VbzRStBcfQe0HJlPVPwMuWSV7gP6pz4mx8SABAVWi91DG0QKHFtyqXMWkTUEcf4uK4cqWIXBGlf97liMIh5jJLqA8o5qzsnudoaX6bm2isX3IypxijqihDcYFXWBAidbuJghK5siGUheLbUqaMMRV-1A9LEHKVLyZQ3Ynr8NGJmAg-nWFQOAYKgpJ1V8dFlrnASYZTaSZhvAWUQABanXyNmGr2P1Imt4GKc8_qx6CRY5v77EvyfSBf7U3ZJMWeTNuDZYBnjvoaSFQW4TGGAfEhVelPllNFLJeRgvRFzCU4XZESV4zHxN6L3xLGyxSBJEneDtGtpWQUvR6VYtfIUnmUlZ5d3Ypg3kqXJEfBDuMwlXQeUJ4PJM72mIdU9OIYMXhFUe_W240TsnAwkKqL1ciihnXkV-mT95P3w7IY3hhFdQWzNrxOqcLl2DUhEZLLMyyiGS2aXzC4d8D4HAkRlLojSpAjYAn8YQfxualBQcDOKiUANrup6Hl_Gdj6-GBzeTDBsU4JAnXCZ09VI7rhma8UzeSwhWMynWOveZlC1IhGkT67zqd3x2X8wI85T1jiJecTq4a4SUBcU7balwo88uWgA2pSCcwNJGMWuo3IL79t61i38JHWw_u6xid1EkqTeGSU52yXIUo7IW9RNlWmCngS6GCFNube97YsAge5s1ozYDfOZ0aGNNk3wTPGCeFZEj43Adg4Y0y2Hnw380dvyvdzDF929PGMnkfkS1Nh_SUEwxnpfx1riCrCWKN-K5mdxoMbloZQ4r0q3Y7LAHt2Lb1j0fpEqVjZxu3D81hPiABwTOSUL4JyTrYLA8bjwQxMF6XI6ekSmco1YbmmWcgOs3xw4pSTyKOmjd9l-LSWYbILvjXHzJLn-59xsW8agBxveFy2oFWnozOpCIGdYZV5MvRL894epcOvBhgYeU0c-VvLaExoTbsVf5BeJz3dyeWenahhiVn9T19geFFR9vHcJVM_n-C1F0dsbAhFkaX1DG7DkRl6CHx9kxqY0Z2pNUZOppxFMEaMb-UVZjftfOICFuOyQuHR3C0xoQMF9HMOBEA58yNBtiP-Orbyv2kUHhR6MfKlutbdBlq9GTxUbwxXcmZcixwerOFILJWWHdwAIauzOP6Rydvx8EMUbkVYoAgJgVo7UDAbgY8pOkfS4tk3ZP1fNQl9EnkjymjR4_wKC-qhwH5HvLxj2qC_1kUYEOMfZyWV2AqhjRwTG07c-z7LOb_hseBO11ScH_3uuHlboVfAGq3XaAR5nVXKcRUCGFtP4wpXpW2XPsmg1Vg9slCR4co5UH3yPRbkhatBYLJ1knhIMHEXmT9Y9L6ggDFKWcNKxwomBOScoijAuzsaAT0y-n5Ak-ap6-DlKQMNJUYbc6sHM2is3VjxP1SKF6r5RfSzNodTbPOD0TRo-717f5gRdyvndImJLk2UQzXYSveZX8kIqdwd-vGdWJq34NImWAK1hMGZXzON8f7cAKAEaYul921PQX9ywBStFxUFj41szh7nZqMGY4zxTHx7EXbhLFwDd_XqVBR_eoJB58DcKil6Ym9YpH4omduSitRHVcaEw2cbFimzdctIA1FYhITaBRkf9Yl1XRty7bHjRzubkHMi1hL844U_naqeinE2vRxM-s_qgp1Bg-EufKXZ5NUM89vdjH3WN1VeN0y4OPSFlcJsK3dQG___SOgt4298-D59y76-juK0_p9OSMwXObq2bT05W6a61ZVOlj5jeGgTrQF1QyGJZHL6S5Rdc3d5joqzQhdndSZFr-nNZyE5uB8vjhw996GW531AtQ4odcQtNz7bXqgasWf-VaFLjKVP55P9uOXUITm1HD19l0vCONDYXubFOLcBD3YAFMSwJP1kdlir_iUrRJ9ItT5lEIJg9ygxdVt1ErEZ8mLbELCtYr2Eq4IxPJoZ1Hq11XMCCMLOISDLiJsuVuf0P0ThuMJodjQGds9n0YdGzAuknus-EJtK-jI3FiOl7WO0SR_kuk0KFadYlUwg6WqQE-pYct5ddt76cAmPq96KiiRpUCAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgBYAE&cry=1&bundleId=
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame DAEB 91 KB
23 KB 732ms
153ms Script
application/javascript 99.84.203.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.203.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-203-103.lax3.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 14:36:21 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 08523828eac58ab546028ccf39ec743c.cloudfront.net (CloudFront)
x-amz-cf-pop: LAX3-C3
age: 10863175
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: St3XVvQbNVAvgNPESxhzjbNjU6SFK3iE5qSf5k7XRZAk7U1nEmxz1w==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB33 43 B
216 B 896ms
189ms Image
image/gif 3.222.35.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525488&asId=f213401f-912b-498c-ed1a-1d421c200017&tv=%7Bc:uO7mfz,pingTime:-3,time:40,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:40,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWq0Z2d+11%7C121%7C131*.1525488-72168018%7C1311%7C141%7C151%7C16%7C17%7C18,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:17%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.35.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-35-246.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:16 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB33 43 B
215 B 892ms
189ms Image
image/gif 3.222.35.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525488&asId=f213401f-912b-498c-ed1a-1d421c200017&tv=%7Bc:uO7mfB,pingTime:-6,time:42,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:42,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B36~0%5D,as:%5B36~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWq0Z2d+11%7C121%7C131*.1525488-72168018%7C1311%7C141%7C151%7C16%7C17%7C18,idMap:131*,rmeas:1,rend:0,renddet:IMG.us,siq:17%7D&tpiLookup=ao:www.centfile.com*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.35.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-35-246.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:16 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB33 43 B
215 B 890ms
190ms Image
image/gif 3.222.35.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525488&asId=f213401f-912b-498c-ed1a-1d421c200017&tv=%7Bc:uO7mfG,pingTime:-2,time:47,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:363,beZ:364,mfA:366,cmA:368,inA:368,inZ:371,prA:371,prZ:375,si:380,poA:382,poZ:401,cmZ:401,mfZ:401,loA:405,loZ:408,ltA:410,ltZ:410%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:16%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:47,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B41~0%5D,as:%5B41~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tWq0Z2d+11%7C121%7C131*.1525488-72168018%7C1311%7C141%7C151%7C16%7C17%7C18,idMap:131*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:IMG.us,siq:17,sinceFw:28,readyFired:false%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.35.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-35-246.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:16 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
DATA 200
OK truncated
/ Frame 657A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d942d06b7348fb9cf470ea1caef30357e60ffd4e220e6a3c57a9d36244c9357d

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 657A 0
133 B 150ms
149ms Image
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGRRkqghfZZm9Db609fwPxLSZ8AabhIOKcuS-mIi1EcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTg5MDU0MTE3NzA0MDQ0yAEJqAMByAMCqgTHAU_QiZna3o-SdSuGPU9rP-fjCnrpkW0MQQ_W9OnyazoiFzYcJOi2cngxuLB9ONTTH5BI6NHEzlL_Jjp5sa6StUuCaZMJYurNuPfh9eSRoScSUqXis8M-DTGnGtktAVR5xeyzX79NHOBaXgSbBaEifUw6Gdv5xk1Ts3pMabriDVXPotPn4QyARm_B473YRyd_3g83Yh4-rdmoHlE7iCyTuwlNqen61_m4qnDaTmmdPAoQ_U-54uVZRw0A-P3Qk_-h41OpltCmZvuABuf3xuybte2C8wGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg5ODkwNTQxMTc3MDQwNDQYAA&sigh=7wNQ8AamgR8&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNT8E-0NLImJOA7BPR0nbUMpJF17AoinrOkhDBGS_CLx51emvwMx4mjD0DQa5jxjcmxChHcROzhUPJky9TfJ2WaWmCxvReku7oz_MYAQ&cbvp=2&vis=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 08:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 winnotice
trace.popin.cc/api/log/ Frame 657A 0
60 B 108ms
107ms Image
text/plain 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=496d537fac18c90a5db4e0cde5968722&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1700726954&dp=Iuidf1L9qTqtNWP9_ifR7KpOlpeNDyWNIWnOR4mDxyY&dsp_id=22&url=ROfgrMqFvUPgnkPqrNc2-oj3_DOoRgq-2XCTqUgDSEWI2l7aU-A9vkbYvQ7w8E5wGB7hJ-iCv7_g3-VnFHccX1mYB3w8id74p1tpj5muhOwvnszQWT4BVnt9nWOTkgANX6wiFN-TpELPUFSfmnVJ6YqNdvL5pcommWEi8rOjhAs7iG-_eVhqR-_c_J5ZT5ytvAbwPFl_ds39DTJfffdNM66X2hHa-B6lJvt3uE8Clp8A7VOC4zdQGSeB6heUgdkYFxHIfWPuYVWjzVM_QOmPSsiNlBckQvd5yE3tq-yz8ufGxb2fXxNZDosI4mYheu7xRdI0KowhFrl1C5SjpYT1ChWXlJBsWYSjKQirxmwZmhwZG-D-O8KaxHSWsZt7AGF6SrlcrvVLLZ4T5DwNfVo7EqKc2jpyaSq2Ttjcq13z9QRrmXOVk7dKYhEcVe1YH3U2D9MdF4s_kIvCkqlOmvhgKEw4NFn1VS7c2hbD4AjcDwXDy5TnFfMIw3QA2f3NuZFfOTJ1FCVnmmKNTLoVnYzWqyiexFYcRxIv5LQeeRbIEMvfzDWmjrfTVYVGpYWHv_qeceVUKUuX-Ig2pweblUhlUuYDpWKYoVgefwelkitLUJcy-mBdlIw49mQSU9be3iW404ZVr_LvU_EI0b_cQnKuY8dg1IAAcmMK_AYFMFiRqdtNX4rJ4PcozFhbQME8JPBA2vl75wFZ8HlDH4eMuIY7mPc9OGwSVdt6Ztwml77_x7DNoHU7GKYWzkGeV86wwpPaFQAJ7iTGdIG1-Gq1SYJG-ojrpAuD-j5FTX3ubztS8s-eNCjOPgZvFyysb_Ln0RC-imI5roq6GLq-CjSQjzM2PhTqfpjR61kwhU1KF1rzhkg9dP6ihD3O-z2UyoRkuLB8r5BBQ4KA27LlcUcd9LXnE9npqz_8PvR-vukXstk9Ei1v9VZOcunf5buGXsIZUH9CisCXU0wBjgD_x8hrPJBzd3eyxv2MS6jwL2gbeEq39flPrNANp8tjw6r-GasUqYXqlyUfD5IOZS6RZpc0EAU9aTP-40i5bf4ukg4TAw-zYky-OSeY-GFdLvHQACV1KNn62wvDlwaPpx9AV7jXdJleQhzQ7rBTq_JQ1E44QtsRU79M-YaEmiqCX-eFru6PH-251O4D1cI1-kpeLNd4cGP244_vrIuwSVOpG7PrK3zxhKOrqR2ydLAY--PNrZ09FZrTUeCB4faSop8JFrN1RqBhvnAjLU87OBF_5dGxJxhHg7jlheFSZb1hpnfzOZ9EuIQ2KX7xkMf47ahs7xBwT7a3L2YM7Q9TNmd-Atzx3mslJ9HasumlIQqGNngoJMHiF9ilDlHEIH78Anr71C-r0p4Mwv_qiTSUTlg5RJ7fCLXdAgPqlD4fCzGecj2x9UFmaf0rHfeavSsc3-QaUWwRv2Mi6mzkB7nA4fS4VIc5fzY9ojuiE89wm73nnfqUxaM-D4iyKKF0QD__G8lNJPydc9e8XNBITUJlOeveq8WY7Y-AF5ZPcshXL3xgRT7ICfg0Ajn7eE-4qNjvGMwAJF1KU1_qBGmoKgrLNiylIR-SUAym36GGvLKjw9n5GX07ydxVRmVW47E4kHTpO6NZtomjcFmWaN7XP50w9k-gfUwsa--hAPbrN_bqofSzwR_DzPG7xowgdYiqHML5h7qY94QvW8tqLkDW0iNZ66smnKW5lnMKFDo6iYXAF3K_cxVy8eY1M0mIl19apCxoi4bqc9gGTrxEnviSRT_gsVxbaoCJhEkzJxeRZZXhPY532Q1MLSobXkj204iohB50Xx1C-4ffNLxuxA&sp=Iuidf1L9qTqtNWP9_ifR7KpOlpeNDyWNIWnOR4mDxyY&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
DATA 200
OK truncated
/ Frame C6E1 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86e1035528509542804097067d75c7fe51c43c8f3f31d823993fec7d1450f779

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D1BC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 604baa78052f6a0f30ffe86727c8aab9fa391d43f456494ae2b6fc86ac55e10e

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame E68E 38 KB
13 KB 3ms
2ms Document
text/html 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 15977
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 03:42:58 GMT
expires: Fri, 22 Nov 2024 03:42:58 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 6A7A 14 KB
1 KB 101ms
100ms Stylesheet
text/css 172.217.24.42
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.42 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f42.1e100.net

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 23 Nov 2023 07:03:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A7A 2 KB
856 B 2ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:50:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 21:50:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 6A7A 23 KB
9 KB 3ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:34:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9282
x-xss-protection: 0
server: cafe
etag: 14645652906762492339
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 21:34:48 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A7A 3 KB
1 KB 4ms
3ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57552
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:10:03 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 6A7A 20 KB
8 KB 4ms
2ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 03:34:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Dec 2023 03:34:42 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6A7A 202 KB
64 KB 122ms
121ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 08:09:15 GMT

GET
H2 200 a6de5423b7c632060e8f86136bd5d27a.js Show response
www.gstatic.com/mysidia/ Frame 6A7A 37 KB
16 KB 242ms
3ms Script
text/javascript 142.250.66.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f3.1e100.net

Software

sffe /

Resource Hash

0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 12:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15478
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 14:10:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 12:22:45 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6E1 0
56 B 146ms
146ms Image
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnQPGqghfZf6mDumi9fwP3ZyhmA6bhIOKcuS-mIi1EcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTg5MDU0MTE3NzA0MDQ0yAEJqAMByAMCqgTHAU_QD4hjOVtzVHETdlgwqUVKQdAsuj9hbCMh13xmne7OIrPe8JOV6BCOcF22dywuMyEt5Tyee2RFWt7n9fJ1qGAdoXWRyEib7yjKLgbLiPmiM_lryDNip5v85KhjPC_dIT8uDQQx3ztFwuWvsIF1tLuO7vADgk9nfzzar7ymjStuC2VHHKohzxpMfMFedq0NLb7MKl_dei0N_8jw98vgZNRm3w7G5XbHtmmQ6VoqzAFJiGlt_C5MIrkB_DReosbRB-4PqNIRGU6ABueJre7FkO_PxwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg5ODkwNTQxMTc3MDQwNDQYAA&sigh=F37YVPlX3ck&uach_m=%5BUACH%5D&cid=CAQSTgDICaaN7f4KmmIisODWuAME_Ssl_UEhwMwQdJYC0ck5dwyL364avdl2DD97rjh4hajHM68YSuX6_U4wnGY1E8Kh_Blz0MXWv46N2orV2BgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 08:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 winnotice
trace.popin.cc/api/log/ Frame C6E1 0
39 B 106ms
105ms Image
text/plain 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=4e221e31d7af16f081134df66ff37560&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1700726954&dp=GMcdnjohIToSnw5yWJJ3tm67URog6CEtUs4gzH0KV5o&dsp_id=22&url=p1rXgtP2RqoP1WyHvt_7CfuEMY14WvTBb-TuCKz1UbL510k_VTUyMSxDDukos_HBDLzGnQWzWrW8-A3QphWjSyrBZat-OZois7d_KKPCkAjxMHOVRbt_mpTndcbdDK3c1jnaYR-8uJXx2bMec1I0wpWGEZPZEtpGGDkV0GLuNgpLjz3hSIXxR0sdCLA31WpnVb8q9MzDBhpXBGeQz9NlFbZpxMseqX5wkFrvEVFETPfvIEdUjyDSY4T7anojaOklZgnJPNBTGjt4V5PqKWmYL_ibZKgtOKRLYCSTjifRohDnlgWV2dat1XdJe3_uy7VgZqI7e52u3pTCGiHu0Qdb9aeq-_o7Bztfs9qlT2zENR0Iersu3BTtiANNZng2SUiiJC7gSaY5CeY58h04VsSH-_ieXsxzsWW3WFIwZG-WDWvaDJm0tyJReeXt3-xHQdpZHZZnCpNMwuxjut6p1Lr29B4esxSppbjqGNRteoK-uBS1XIphHr29WHxD07kKhfz_0JfkBGqiH3Jyi04_qiOaWe1RcUenNqkOwzUeCalq3S2jjrzeaQ3ViHxdQwhF1C98dJYwT7ebQXY5Fmz3i4TqaWBFxNJG0gmFFcgTrmVvszvDFUFPPHc3g0iSSN59qM7c3W0fwbzAtxzqwPMoLG3RwqlsQ1T1Z5_QAIN_Q87Xsfe8o2Hx6zT0k0GTIWrNY_HXRLUX0qzz6qw5ykmwyx8tC7RRy9oQSqOwMePDAB8epnMr-yX7H2CYMJZoCR9G23VcnhNSM8P6Tbg6mINB9j0FzEKxwvYKdHnXOh79oTl0mru8Q3iG8fms7jOUtegFrEVtfDSjQgghRxM8tdYONX-ru7S7QCPHje9n1Nct40CLyX_wHyoF8AaNNNFlOMnEBQn4ehM19JfR87MEGbdg-k8L4guh6vWJEyGUG-kRAeYzScFG6wvnhpQDRJvdswAQV-REVE19CcNdgCldSfvGFRuuScTbnTZ6i9RVA9bP1pA2O93-wQaFUGALVgqqsQLop37jhU3UFiWXCUhKV3I1U4WseeBeyGz2hy_2A7sbyzwiiGUEBMUmd-vstAnG4FfGHmKCDWp9MzG7Wu5djUevJAZTyMixKgfkPsXnHnR-2rrozN-eKLrkcEa4IBm2-7swyI1-5iVIpJP_NKbydAp4h35YnvqxZlhv-1zb9qr2aiSBIFi70hb7yUOexTNLhuGZIlBFKHGb9qnY8EvWLRxvnirBJSihFGhH5gLml0N9PXzn4FP_2CwIlpLHpSrI6ck3n3GUghrdfma6LLA1RHuAttiCowrlz8fkc3vXzKqF0LJADQ3gyHM7ELasmmevqtPy7DRcr_IUoheMFZUCEmbwS4NjXSjEBGlncXb78jz77W1jMB3FWMZ2I2egBsHIxTUZUE8SYyBYTghsWBFdrhBDQjUtYTzkZvLd6O61Blu05lYZx61OfQpgltHz6baefcB1j7Y7lia8QhwfrS6aBeOj0WOnFPyQmoDz-z6FEL8a8o_Ns6KouCffqUXhHzizea1rODiAh9ou1BKIe5O8OnxZsbtBnCyNG0g2-c0T8h_54Hiqm131zG3rL5drEytdhU1D4FhV5RSsEfuiCUMYYFEC0w0sGaUY5kmUBS-XA6wj4h1yaJMAW2KNLkhh7nSb9-jPt32vfJxB30EsPzc-zTjpwh_hhFrtZ59deVzz_2K_mSTSYvKfF1QOWSlvwS_PYXd_JR20aEULumUkVIxof8DQ2Sv_5Ly8iIcGOKokmBBzRDdK86wG6Px3sgPz82vFMtArL7qDi6NPj2E_cXLKrEImO0TssQ&sp=GMcdnjohIToSnw5yWJJ3tm67URog6CEtUs4gzH0KV5o&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame E68E 39 KB
15 KB 2ms
2ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93098
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 06:17:37 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D1BC 0
56 B 146ms
145ms Image
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czd79qghfZdzDDpaP9fwP8eyxsAqbhIOKcuS-mIi1EcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTg5MDU0MTE3NzA0MDQ0yAEJqAMByAMCqgTHAU_QR1mVknsgAJ2egoS6Bc5q6tVsA5UahFgl__PnancZUcXbaBiyucidwsFDbOq8siqFjiAyvrie0eSalASonVvFuMyarHvfqhWcHuufUDbJs7az3YhdycgdESJRGo9U3p2n2omR7h_5bkwmSNc7aKoypJYfWNtfxSZjxYKOd9q3Qho5bXQ2DEHrANaRCZCcewkXQIdO_985TJ5RN_PZCh9PbXPl8qkxunnFNxZNHMf1yEEXnebnSQBBxECKyHFl4d482adRUg2ABueJre7FkO_PxwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE6gAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTg5ODkwNTQxMTc3MDQwNDQYAA&sigh=Z14P30j54TE&uach_m=%5BUACH%5D&cid=CAQSTwDICaaNrx2IGMzuStZPSlGu0zQOZz72Vg1qTRlSeRn_3myg0Tb6E2vlK1cGzDkpncEEemHFER6RVmklAbQDucZNeZRnSK92NRnq-BSfzp8YAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Nov 2023 08:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 winnotice
trace.popin.cc/api/log/ Frame D1BC 0
39 B 119ms
119ms Image
text/plain 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/api/log/winnotice?tn=41b6e88a2b85b0e731ef8e73e5558712&winloss=2&id=b7d08cf62a815c709ae1ed5949f261ff&seat_id=${AUCTION_SEAT_ID}&currency=${AUCTION_CURRENCY}&bid_id=${AUCTION_BID_ID}&ad_id=${AUCTION_AD_ID}&loss=${AUCTION_LOSS}&imp_id=1&price=${AUCTION_PRICE}&test=0&time=1700726954&dp=SMfPvPZsZCd_YNTP1NFK8gw8kDuD51BiC_TiU7KGWaI&dsp_id=22&url=K98Tr-xpPHWcsLEJtmdDs4vNCiRzA5cOy_Kvz-TN8vvPvzTPD8VAyA9OMwOvP_S6d6rogrsmHDyZQ4D_nKiQ1wqixGeB8Z0PjimtWfIeyu2VSLq_t14JHud46RpXJ44lL6mUK7QQg8HYfOVqmBxo7GE1svGDay4IpaSLdPnRmrVS1z6cf5qudyFo453zLk01jRxrsbagsv68g_gYX8EFm5Cf7ZMzu6BhMPILKUO4xolSYUlnOv_j1CSqYFJ7p2GT0h6Jh_wI--J3DOHVYVTewcy_jgwVNFGyo4scgmwsQbHZqOkcvME_OsFnUO__oqOkbHsL7S08zduqh-No5e4ht9Z70Z25dAR1VmZIxHV61PJPEUu-GeGiWznzVaKyHhTmcaj_jFqJGI0JaCZIPeqxyIk3S1dRrVJSV9WoD3OXS1RLvUtDn_W_yyTGJdyTFZJDjwvgOANZIBlciqsB-iZNtYUTtaopWnuldteQIVuGFVWgwph1wDIqbiGLdumoPxaHZfZ9IZc1QaFTsTY1ePRcYDTEMSi5DepOYXDtkZ9Ei_neZG6RFZ-DqAnRAHhcKVa0-JGoCYv-DYab1QyibhzkJiXsb2QJHKjtUi00uqp435Uzs5B46NOZL9tsS8YqpvNYxfJTyVUI_tX7_99xbNxBwSncHGTcfygkzzKx3ncjsUCUr814vI4cg2I8Ul0rhFSHkNQpxyDhwAG74t8yyZJlCKvMYqMYka5Mr74B2DR_iFlXlxs53k0pJGqWO_A4YxeeATm_BjWgq149Kgquj6Ys6NR_CZOFVOpJDPW7bGEo7_6MYcPKMsMdc8IBslwL8_KGd-PJFu3F4cxKewYWBfQhlEU1tRTo8ofOufHWLWJPgO_wN0rb4g2ELAS_1v1Axa6oXfJOu9pQcZPVt6bfO4xufGze2WxDO5_6PGjjV3qT6_JO9agNVKOh1xJoWe8H0kCESoPPti8ALZI51YHkXuRHvZq0Wu4_TX7T2QmT4mIMQr2ElFAKqca-La6zYpipLo7dMGUF40KQqQ5kYDdLOGkP9ArrsF_a3GkdAhkKf4aa5BQ8Ou9xfqOUkYlC0b1hLDC0xZOFSuVOMOMxFi46ssyjCL5azWp98acCZu4B5kEol0VIROx4sKMbF9AdHAjSCs9eQIKgpD5-3-lL0jOhqAk5e7gEZmlajujWPf9Xzeb7j-VAO4yeL2mpXnwUpz1ztGxxUBnIgVOZYEDKU7c9Tz0LnV7mjsrlq_au19-5f3SbavWkLLBepAPhXlbAGzHbbabl6E42e8niK7mo_Guw6O3yQjNQgsmNs_8yTDPcOY5FarHbQyTTofhKoKSQWQ_3MngUfqtu_eg09rIhMTf68fyRtjX8NDDHu69ggtTxjfCaqb2HnaQts6Q2ZcBhPZdnMc0KINdVZ0oQh2nl5KToNcXeR3YBLCaQtKIVWG1Tvoq1EEkznZvisLFvblpwokWecYspzstvXuyAye4uSZM3-SgHcgomWK4mbkgGTjTmtYcKGHj_urEnauJiDhdPyzn8krA5Ny6B_ECWIcxJAwWZwOuMQm6xIQuEh5olsTOQGWNiLpZ86H2BvzP7FH19KeJpEHxrZMXVmwti0rENTrP5QVe3TDgwYSN6FfqaF_nCZY-fmdge1nW-JCCnBMb3-2pxJvwiRbYoRZFKfzIJ4mEydgeS7HEDzZrXEuyyZFvya-EIF4ROZHI75YQ2Xjj1Q5zhXbOYIaurS6Tk7E_CYb2E1qU_fg&sp=SMfPvPZsZCd_YNTP1NFK8gw8kDuD51BiC_TiU7KGWaI&cbvp=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=utf-8

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E68E 0
56 B 140ms
140ms Image
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B3-K0qwhfZd_bHJLQowO5lLCQDAAAAAA4AeAEAg&bg=!f3ylfDPNAAZxrfrxUa07ADQBe5WfOBKxLBWwaqukmJbGrKauJ0-KaZxRYHbXmYX5wVFWdOKhswCxb7l89nP2AUwicnrlAgAAAGNSAAAAAmgBB5kDEszALfdNb66-8bp54AeXSz8PkQj-Gfzh3tDtJ-un63sk6VMEk7w5jUSiADxximgt8LqAPVCGJcoUDnleNEwNTtvmoyZXqSa8h1R__s-zVn8OchkGlL4s1vZ-TIk-biEWJIiTqjtJk99kjms7i-jo6KqlexsSotqaRGd47hZErQE5s1yk2PrcSXzAA6AKTe2SAOnVXMbbon-FOTC8qrJiI9DI2W3sLd-khdtpZpR4cTOWCjgOUKv5b3X-pvKpDvAJFOLDZrU8Qh9D-E4atDxy0Rjh_9t6BnfJ2OLyDnSb2ERSl6LJ05pfg1j10fTTVzEgyDZfN-jRtC4v9CyPMEDSfp61QCUncqkTDmA99VSzTulsxyUPbjZaPUN_dEy-GUtFO2urYz_DJuc3wbKsGKC2c4Yys4PL8iiZ8kRFc9Yn1TplrCVOAhqmZJQST4h_yaagIPcmqhfW-l4JBNyJYksfrHRhk3aayeD5CZiElUkYUFg9IobTUR7XzDtNEuGXmKVFeEeAaAITK-9v4fUdXwjznaIbolnS23paBeEnAMst2ZAryEloHm5anELdbtundObgLfNwK070WQz-HcgBFaMo1P12ixQR8bnVhIQ8uMy4_g8uw52NEk14oR-1ySznIyRvqjhfQtnoL9U_oWD5DMl9l7BK1wCqNomiNQTygOF3MC-6vQ5jSnL_f92dTD0KEfiY6dIsMY2TGmBMxn8fPnRYrhL943i-F95ej_QN5WpxLz3PrPaUF1mf7C7piRSBSN8lR1mddBwFagw7HWrLpEL02aD_VFfYIscs0YHYZWu6zjkB2RvbRjODhVSF16fMzqDx2QofjCX8qI-wy1AK95V0IKKQtwku1Vot7ykTO0s-KZQfpjpGO6Y1Rtv136dhuCzgCRQGZmpk39TrZR-izvUZ53WIXTKa7-KZMt9qzz_k9KHda_TYGheeaLi-JOsBYqtPXtM47aadrFBBn6DGsqvaClJt5ehUmfyePf_P3EfH14-_UUD3yiQiz6zyy0wDWatEWkliIzsz5K3dktP9GMcyc8Ha4A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6900 143 B
229 B 2ms
2ms Document
text/html 142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 1287
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 07:47:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame FDE0 39 KB
15 KB 2ms
2ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 534547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 03:40:09 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24650/ Frame AB33 7 KB
7 KB 764ms
153ms Script
text/javascript 35.166.43.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvmqb1CpgOa6YasrW6TEgoBt3Q1PBPCEhq27Terr0gt6BiXCqiqXzhqqXWNzNZ44dvwAktcMrJ3jnK6floLRVkMbdmRlJK87R-Qs6Jf7WiwSgzSYmtBSKLXF66UY73PyaJgPqcWHCklDLfS1Di7eA9n5u_vKIZSBPMAsNXkkljh3LbVMbPMeQBwPPCd-iFU6imoqiF31ej80fwSIX-aNRgO9nnkgQlmNgqUo392kFaTVKwWK-zM3cdCz-hA9JkSat60oP8CKMPf9TRBm7XNJ6pHAeinz8k8-Xaj_6Iqt79fq-0GINIk8TAseQ-yaZVsZmI8X46tryFnF0qiktvxv4uAV1FzSN3vEI9aTqwXQJ7-UiA7An9lv9iof5T4D73dAi452VpKNbygMVoqhnDm5cSwvl8WCHvCkTF18iLT1nu-In_21z5FpcUo4Q0ze55ZjL8ZhIDJXySLKVd-5l0kI3PtXRRPV2X7nEPRCMd17u3aJP-23SVRULV8fGWNgyNh6juiwBxD-tpf2QMPWKz-QRVhjd6TVJZ56_VwFNZfsRjRz0Vuy6sewQLVAbUKLFhKdpCPlvDiuiq-7cgE05265yfdP31PVh6hiLXrDfazGSXtEhhsfNMQ2Xh6wke03V_vX5NajfySkgRepWrqHR4ukzcLsHSgtYNht3vI4sjPN6oSdd2PKld5-4QHnuk8RI9IgaF5d7bwKzBCWNVw8H2jkyWLrDCOhgWpQiUsjvgfFPomZk6L9sHDY6I0TJk2ZL6-2kWTZQNfEtPLMv2M0ZdclptVtU6uQ05250Bok6hvGdE_ee4qODisUzHZ3buxHdL7snjDJQnCU_YYR9tLIb4Wkv4wDejqOTNewFRhqY9wgFBedypbcfXOK54n-skSrp8sgPJNd3E4pWMFTGC0mik16YK7bjYBcRBtTbjIEGp1083dQgRO_zwKdaySIYgMZL_hs29vaBbf4VEYY0QeLtl4rxN1FkBocAnExG8041-Vv895xCzwIsc7yyc6em1fBw3Rr8FfWTciepm1iM8peCJXuqd2rowDn3z7mkt4xlnx3CIFpAamyM3qKGu1WQ7g8tmol8MfPAA8AlBixcDhqiZB6zi6d4Xy9ntgiYaqhkzox3Lt-eZ85SMoLrHxNhNID3shm8f3a0KxFw1Sm_bcBQh-oOBsvBAFWvVldEAA1_BEx0ibX83ZhpXriXp_WtYtlTL6C7CslJWvw_pb5ZfUS4H1aVdDbP7PDA5lGcrNJXSeJB5CtxX0P1ad5mEx1zT7vg1D41KjPsmWGVo&sai=AMfl-YR0tjb9rd4PiQgCeATOzkheRXDBUqhbDoXpMLbdXwTJRtNIl67hUK4r1LIsINr_CxugkXgYHVxM1TOtZOuO2aYw9Y6SOWliAmf_LjpFHBJ-vhIRdN5JGnK9OTYctHUBmh-Df76n8AiwA47Eo4Uf9eIyd-f63t9cCdexs5w-8iXkhfBlZ8SQjUpuSVyEgfsi5KJR2S9s6mHPOBrUUDZnB4O4F4CDtByr0qTgoEYpDa8_cYXzyHh8xxAzBXnDcSLsciew8LGx_qWVNCe-0MUw8AkgiToFNDC1oddyjpDebwZ2ToJzbb8&sig=Cg0ArKJSzDdaO0Vj8HBtEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30055738&DFA_PlacementId=369666594&DFA_AdId=560440423&DFA_CreativeId=168146449&DFA_SiteId=6958819&TC_1=cmm9ii6tdrx&TC_2=30055738&TC_3=369666594&TC_4=168146449&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30055738$dcmadid|560440423$dcmrenderingid|168238155$dcmsiteid|6958819$dcmplacementid|369666594$customer|Microsoft$dv360auctionid|ct=AU&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369666594
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525488/72168018/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21EyeTrBPcKFSN5NkSDJ9us9lbhWdviagtLWUONhLYxDC0MLDZ0CoovR3xpwCTBZAUNkhYK_0DM3VDhXkVV5BN2ZIq60GyXtPOrnkNU2QxQmBd4ghY8AjrZkBRnBNQSyRQAoCZ_4CwLHkkYja9yPylN1rbb-G0qLAyWUwkjA4_5-CPfW0X4lz_F2KSCOeU7gcafK2lqNxV_boU6KLCFueuoneYt_4CbuT65re3KokabAhy1bEefVvkLjUu1UnSC3YLgun3hyNzOYcBMqOPEiB-RPlmbzzBr-2KgkE2GEcFxMfjfzGl7lfRnZMnMhLuXyYsqXhlmPLYjdjE-7BOtjslbkPD4rIW2kklPwc9283ss50rUH_P8R3YFcCq9wIPtqNYz2-Zio1zvWqeF9eUh4ErQre5x2ZcOAeMCSQ8gYa--zgNHflyKVYWvcX37sdZl8KSBthKasJ2zUnhOzJOOrswcM0ZlolEsCkNPnPTgHoUxsuujiogu0M8vfHxBLWUzT2jdE3kPX8tVeVXa2T80Wo5NrW4foNvf4_Jx7bKKMGNfKqZtZwDRlfL_X5NCcPQzSVLXuWG4-_5NFcvCmrSaYWPqnREc4vRQB_H2_UIt-ntsPdI1SIQO_YbIGmdNFndTYzlIzFruTD0cGbXmS-dxCkYcKHpd4ERSaTvlq6JxUsvEvikXTVUgjzDD569BEIXzPpTB93xdr8MUfUB7-jPYb1kaEALUmTn6JtPOamWyHKoYC_HRML6GHp4MkY4VIyCzwvY0XaHano6DS84FJlmMx48CaXesIKgO7I_o8JKITF8f5ZH0zHFhXsH0tmS7Ehr5QjZQd8vpLz-A9F0ONSgWyNPCCkYHa7PTtnoavEEMe3fJT5kaUkCKOEl6XSxCH_dJXqIKruRIr3nVMMDggOUoSFaxfSCc4Qcf4uCUHgJPcNJWSs5yAOEg7vESJI9WwsTq6KFsqP6LdDX2YMqz0hKlk-s5trizxhZZjsYofCtPUj3y9nJOD3jEp-4HYAJikDdxp5NLPmRear1EbppwdmLtGB5Y6TMWwS5mdgn_tiGQ0gB_kt3Zb6RKArw-tQqjCBRyWsOQDkrAWXG5jcuwPtEkFcFHnhUIBPMKqGa9VoFnugckkHpodxg_j6sVRsHMMLxCikk1hNfkERhgNCtsKc3Q_Y4OyoueR3MPDdv0c9TbIK9URnFOcVIu9I676QfgRvwKj0A3YDVNhMZQ1PH5pegKO8faWIl7V8sDpRn3Dih5A5u34U4OyedadP9IgC2xyKp9m-3UaDdhQZFuBUYXBCix9SxxsR-MH-pqpwFPfM2bHIajT3poeip7Cr9qnzfrjf_a6dcsyLAjN87AJDVO28okZX5xs1KJaqCAV2SI8WVhH9icpYcik_USeusvV4WWGPnLzv8bN_yzmztXwdfyhVUjJjqWsqUmK7M0U5oDzmhyLIE42c2DaZQRNl1zS2IR3uSjrtGS7FtNfSal2YGSffDsVyw9dSmhpdZpKuE94Libd9-x-1LNjlZWaeSbybIljcbyif1zRim7jrHKUk8cuWx-BoyZLckES21WI2dtQ5qdpmflpOBBm68bj6rKSAy0ozZWPw9nq3sc1VbzRStBcfQe0HJlPVPwMuWSV7gP6pz4mx8SABAVWi91DG0QKHFtyqXMWkTUEcf4uK4cqWIXBGlf97liMIh5jJLqA8o5qzsnudoaX6bm2isX3IypxijqihDcYFXWBAidbuJghK5siGUheLbUqaMMRV-1A9LEHKVLyZQ3Ynr8NGJmAg-nWFQOAYKgpJ1V8dFlrnASYZTaSZhvAWUQABanXyNmGr2P1Imt4GKc8_qx6CRY5v77EvyfSBf7U3ZJMWeTNuDZYBnjvoaSFQW4TGGAfEhVelPllNFLJeRgvRFzCU4XZESV4zHxN6L3xLGyxSBJEneDtGtpWQUvR6VYtfIUnmUlZ5d3Ypg3kqXJEfBDuMwlXQeUJ4PJM72mIdU9OIYMXhFUe_W240TsnAwkKqL1ciihnXkV-mT95P3w7IY3hhFdQWzNrxOqcLl2DUhEZLLMyyiGS2aXzC4d8D4HAkRlLojSpAjYAn8YQfxualBQcDOKiUANrup6Hl_Gdj6-GBzeTDBsU4JAnXCZ09VI7rhma8UzeSwhWMynWOveZlC1IhGkT67zqd3x2X8wI85T1jiJecTq4a4SUBcU7balwo88uWgA2pSCcwNJGMWuo3IL79t61i38JHWw_u6xid1EkqTeGSU52yXIUo7IW9RNlWmCngS6GCFNube97YsAge5s1ozYDfOZ0aGNNk3wTPGCeFZEj43Adg4Y0y2Hnw380dvyvdzDF929PGMnkfkS1Nh_SUEwxnpfx1riCrCWKN-K5mdxoMbloZQ4r0q3Y7LAHt2Lb1j0fpEqVjZxu3D81hPiABwTOSUL4JyTrYLA8bjwQxMF6XI6ekSmco1YbmmWcgOs3xw4pSTyKOmjd9l-LSWYbILvjXHzJLn-59xsW8agBxveFy2oFWnozOpCIGdYZV5MvRL894epcOvBhgYeU0c-VvLaExoTbsVf5BeJz3dyeWenahhiVn9T19geFFR9vHcJVM_n-C1F0dsbAhFkaX1DG7DkRl6CHx9kxqY0Z2pNUZOppxFMEaMb-UVZjftfOICFuOyQuHR3C0xoQMF9HMOBEA58yNBtiP-Orbyv2kUHhR6MfKlutbdBlq9GTxUbwxXcmZcixwerOFILJWWHdwAIauzOP6Rydvx8EMUbkVYoAgJgVo7UDAbgY8pOkfS4tk3ZP1fNQl9EnkjymjR4_wKC-qhwH5HvLxj2qC_1kUYEOMfZyWV2AqhjRwTG07c-z7LOb_hseBO11ScH_3uuHlboVfAGq3XaAR5nVXKcRUCGFtP4wpXpW2XPsmg1Vg9slCR4co5UH3yPRbkhatBYLJ1knhIMHEXmT9Y9L6ggDFKWcNKxwomBOScoijAuzsaAT0y-n5Ak-ap6-DlKQMNJUYbc6sHM2is3VjxP1SKF6r5RfSzNodTbPOD0TRo-717f5gRdyvndImJLk2UQzXYSveZX8kIqdwd-vGdWJq34NImWAK1hMGZXzON8f7cAKAEaYul921PQX9ywBStFxUFj41szh7nZqMGY4zxTHx7EXbhLFwDd_XqVBR_eoJB58DcKil6Ym9YpH4omduSitRHVcaEw2cbFimzdctIA1FYhITaBRkf9Yl1XRty7bHjRzubkHMi1hL844U_naqeinE2vRxM-s_qgp1Bg-EufKXZ5NUM89vdjH3WN1VeN0y4OPSFlcJsK3dQG___SOgt4298-D59y76-juK0_p9OSMwXObq2bT05W6a61ZVOlj5jeGgTrQF1QyGJZHL6S5Rdc3d5joqzQhdndSZFr-nNZyE5uB8vjhw996GW531AtQ4odcQtNz7bXqgasWf-VaFLjKVP55P9uOXUITm1HD19l0vCONDYXubFOLcBD3YAFMSwJP1kdlir_iUrRJ9ItT5lEIJg9ygxdVt1ErEZ8mLbELCtYr2Eq4IxPJoZ1Hq11XMCCMLOISDLiJsuVuf0P0ThuMJodjQGds9n0YdGzAuknus-EJtK-jI3FiOl7WO0SR_kuk0KFadYlUwg6WqQE-pYct5ddt76cAmPq96KiiRpUCAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013045261&ias_pubId=pub-8989054117704044&ias_chanId=1&ias_placementId=20263834769&bidurl=https://www.centfile.com/phe4kr438gs9&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hC2rsy-mqy7ZmpXZgMM0S6&adsafe_url=https%3A%2F%2Fwww.centfile.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.centfile.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8989054117704044%26output%3Dhtml%26h%3D280%26slotname%3D4529459148%26adk%3D4201992133%26adf%3D3485233052%26pi%3Dt.ma~as.4529459148%26w%3D336%26lmt%3D1700726954%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwww.centfile.com%252Fphe4kr438gs9%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700726953608%26bpp%3D1%26bdt%3D1149%26idt%3D551%26shv%3Dr20231109%26mjsv%3Dm202311140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D2114039432253%26frm%3D20%26pv%3D1%26ga_vid%3D1330707109.1700726954%26ga_sid%3D1700726954%26ga_hid%3D533254029%26ga_fc%3D0%26u_tz%3D480%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1042%26ady%3D625%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079265%252C44809003%252C31078301%252C31079699%252C44807763%252C44808149%252C44808285%252C44809057%26oid%3D2%26pvsid%3D164840300249874%26tmod%3D1702033654%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D554&adsafe_type=bed&adsafe_jsinfo=,id:f213401f-912b-498c-ed1a-1d421c200017,c:uO7mfb,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-8575fb65d6-4qbtg,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tWq0Z2d+11%7C121%7C131*.1525488-72168018%7C1311%7C141%7C151%7C16%7C17%7C18,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:97c15d8e-89d7-11ee-94d7-d6a740cced44,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.43.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-43-136.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: 369d0f36fac04c23ca6859df2b12d4de4bd63ba90846981eb8cab6006f977c3e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:16 GMT
server: AMO-jAds/1.1
p3p: NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT
content-type: text/javascript;charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 6663
expires: Thu Nov 23 08:09:16 UTC 2023

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame AB33 31 KB
12 KB 3ms
3ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite.js

Requested by

Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rfw/bgd/1525488/72168018/xbbe/creative/adj?p=APEucNUEO23E16aAHkqqIoch7OXRw4BqxqO3MTsnUVG_acVcqcceJA0&d=CokBAKAmf-AS320dZ9UZ0u5hPtwLeTID7huEd0zyM3nT1YZzEXLEH33OhQdTL21EyeTrBPcKFSN5NkSDJ9us9lbhWdviagtLWUONhLYxDC0MLDZ0CoovR3xpwCTBZAUNkhYK_0DM3VDhXkVV5BN2ZIq60GyXtPOrnkNU2QxQmBd4ghY8AjrZkBRnBNQSyRQAoCZ_4CwLHkkYja9yPylN1rbb-G0qLAyWUwkjA4_5-CPfW0X4lz_F2KSCOeU7gcafK2lqNxV_boU6KLCFueuoneYt_4CbuT65re3KokabAhy1bEefVvkLjUu1UnSC3YLgun3hyNzOYcBMqOPEiB-RPlmbzzBr-2KgkE2GEcFxMfjfzGl7lfRnZMnMhLuXyYsqXhlmPLYjdjE-7BOtjslbkPD4rIW2kklPwc9283ss50rUH_P8R3YFcCq9wIPtqNYz2-Zio1zvWqeF9eUh4ErQre5x2ZcOAeMCSQ8gYa--zgNHflyKVYWvcX37sdZl8KSBthKasJ2zUnhOzJOOrswcM0ZlolEsCkNPnPTgHoUxsuujiogu0M8vfHxBLWUzT2jdE3kPX8tVeVXa2T80Wo5NrW4foNvf4_Jx7bKKMGNfKqZtZwDRlfL_X5NCcPQzSVLXuWG4-_5NFcvCmrSaYWPqnREc4vRQB_H2_UIt-ntsPdI1SIQO_YbIGmdNFndTYzlIzFruTD0cGbXmS-dxCkYcKHpd4ERSaTvlq6JxUsvEvikXTVUgjzDD569BEIXzPpTB93xdr8MUfUB7-jPYb1kaEALUmTn6JtPOamWyHKoYC_HRML6GHp4MkY4VIyCzwvY0XaHano6DS84FJlmMx48CaXesIKgO7I_o8JKITF8f5ZH0zHFhXsH0tmS7Ehr5QjZQd8vpLz-A9F0ONSgWyNPCCkYHa7PTtnoavEEMe3fJT5kaUkCKOEl6XSxCH_dJXqIKruRIr3nVMMDggOUoSFaxfSCc4Qcf4uCUHgJPcNJWSs5yAOEg7vESJI9WwsTq6KFsqP6LdDX2YMqz0hKlk-s5trizxhZZjsYofCtPUj3y9nJOD3jEp-4HYAJikDdxp5NLPmRear1EbppwdmLtGB5Y6TMWwS5mdgn_tiGQ0gB_kt3Zb6RKArw-tQqjCBRyWsOQDkrAWXG5jcuwPtEkFcFHnhUIBPMKqGa9VoFnugckkHpodxg_j6sVRsHMMLxCikk1hNfkERhgNCtsKc3Q_Y4OyoueR3MPDdv0c9TbIK9URnFOcVIu9I676QfgRvwKj0A3YDVNhMZQ1PH5pegKO8faWIl7V8sDpRn3Dih5A5u34U4OyedadP9IgC2xyKp9m-3UaDdhQZFuBUYXBCix9SxxsR-MH-pqpwFPfM2bHIajT3poeip7Cr9qnzfrjf_a6dcsyLAjN87AJDVO28okZX5xs1KJaqCAV2SI8WVhH9icpYcik_USeusvV4WWGPnLzv8bN_yzmztXwdfyhVUjJjqWsqUmK7M0U5oDzmhyLIE42c2DaZQRNl1zS2IR3uSjrtGS7FtNfSal2YGSffDsVyw9dSmhpdZpKuE94Libd9-x-1LNjlZWaeSbybIljcbyif1zRim7jrHKUk8cuWx-BoyZLckES21WI2dtQ5qdpmflpOBBm68bj6rKSAy0ozZWPw9nq3sc1VbzRStBcfQe0HJlPVPwMuWSV7gP6pz4mx8SABAVWi91DG0QKHFtyqXMWkTUEcf4uK4cqWIXBGlf97liMIh5jJLqA8o5qzsnudoaX6bm2isX3IypxijqihDcYFXWBAidbuJghK5siGUheLbUqaMMRV-1A9LEHKVLyZQ3Ynr8NGJmAg-nWFQOAYKgpJ1V8dFlrnASYZTaSZhvAWUQABanXyNmGr2P1Imt4GKc8_qx6CRY5v77EvyfSBf7U3ZJMWeTNuDZYBnjvoaSFQW4TGGAfEhVelPllNFLJeRgvRFzCU4XZESV4zHxN6L3xLGyxSBJEneDtGtpWQUvR6VYtfIUnmUlZ5d3Ypg3kqXJEfBDuMwlXQeUJ4PJM72mIdU9OIYMXhFUe_W240TsnAwkKqL1ciihnXkV-mT95P3w7IY3hhFdQWzNrxOqcLl2DUhEZLLMyyiGS2aXzC4d8D4HAkRlLojSpAjYAn8YQfxualBQcDOKiUANrup6Hl_Gdj6-GBzeTDBsU4JAnXCZ09VI7rhma8UzeSwhWMynWOveZlC1IhGkT67zqd3x2X8wI85T1jiJecTq4a4SUBcU7balwo88uWgA2pSCcwNJGMWuo3IL79t61i38JHWw_u6xid1EkqTeGSU52yXIUo7IW9RNlWmCngS6GCFNube97YsAge5s1ozYDfOZ0aGNNk3wTPGCeFZEj43Adg4Y0y2Hnw380dvyvdzDF929PGMnkfkS1Nh_SUEwxnpfx1riCrCWKN-K5mdxoMbloZQ4r0q3Y7LAHt2Lb1j0fpEqVjZxu3D81hPiABwTOSUL4JyTrYLA8bjwQxMF6XI6ekSmco1YbmmWcgOs3xw4pSTyKOmjd9l-LSWYbILvjXHzJLn-59xsW8agBxveFy2oFWnozOpCIGdYZV5MvRL894epcOvBhgYeU0c-VvLaExoTbsVf5BeJz3dyeWenahhiVn9T19geFFR9vHcJVM_n-C1F0dsbAhFkaX1DG7DkRl6CHx9kxqY0Z2pNUZOppxFMEaMb-UVZjftfOICFuOyQuHR3C0xoQMF9HMOBEA58yNBtiP-Orbyv2kUHhR6MfKlutbdBlq9GTxUbwxXcmZcixwerOFILJWWHdwAIauzOP6Rydvx8EMUbkVYoAgJgVo7UDAbgY8pOkfS4tk3ZP1fNQl9EnkjymjR4_wKC-qhwH5HvLxj2qC_1kUYEOMfZyWV2AqhjRwTG07c-z7LOb_hseBO11ScH_3uuHlboVfAGq3XaAR5nVXKcRUCGFtP4wpXpW2XPsmg1Vg9slCR4co5UH3yPRbkhatBYLJ1knhIMHEXmT9Y9L6ggDFKWcNKxwomBOScoijAuzsaAT0y-n5Ak-ap6-DlKQMNJUYbc6sHM2is3VjxP1SKF6r5RfSzNodTbPOD0TRo-717f5gRdyvndImJLk2UQzXYSveZX8kIqdwd-vGdWJq34NImWAK1hMGZXzON8f7cAKAEaYul921PQX9ywBStFxUFj41szh7nZqMGY4zxTHx7EXbhLFwDd_XqVBR_eoJB58DcKil6Ym9YpH4omduSitRHVcaEw2cbFimzdctIA1FYhITaBRkf9Yl1XRty7bHjRzubkHMi1hL844U_naqeinE2vRxM-s_qgp1Bg-EufKXZ5NUM89vdjH3WN1VeN0y4OPSFlcJsK3dQG___SOgt4298-D59y76-juK0_p9OSMwXObq2bT05W6a61ZVOlj5jeGgTrQF1QyGJZHL6S5Rdc3d5joqzQhdndSZFr-nNZyE5uB8vjhw996GW531AtQ4odcQtNz7bXqgasWf-VaFLjKVP55P9uOXUITm1HD19l0vCONDYXubFOLcBD3YAFMSwJP1kdlir_iUrRJ9ItT5lEIJg9ygxdVt1ErEZ8mLbELCtYr2Eq4IxPJoZ1Hq11XMCCMLOISDLiJsuVuf0P0ThuMJodjQGds9n0YdGzAuknus-EJtK-jI3FiOl7WO0SR_kuk0KFadYlUwg6WqQE-pYct5ddt76cAmPq96KiiRpUCAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgBYAE&cry=1&bundleId=&ias_dspID=3&ias_campId=1013045261&ias_pubId=pub-8989054117704044&ias_chanId=1&ias_placementId=20263834769&bidurl=https://www.centfile.com/phe4kr438gs9&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0hC2rsy-mqy7ZmpXZgMM0S6&adsafe_url=https%3A%2F%2Fwww.centfile.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.centfile.com%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8989054117704044%26output%3Dhtml%26h%3D280%26slotname%3D4529459148%26adk%3D4201992133%26adf%3D3485233052%26pi%3Dt.ma~as.4529459148%26w%3D336%26lmt%3D1700726954%26format%3D336x280%26url%3Dhttps%253A%252F%252Fwww.centfile.com%252Fphe4kr438gs9%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1700726953608%26bpp%3D1%26bdt%3D1149%26idt%3D551%26shv%3Dr20231109%26mjsv%3Dm202311140101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D336x280%26correlator%3D2114039432253%26frm%3D20%26pv%3D1%26ga_vid%3D1330707109.1700726954%26ga_sid%3D1700726954%26ga_hid%3D533254029%26ga_fc%3D0%26u_tz%3D480%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1042%26ady%3D625%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C31079265%252C44809003%252C31078301%252C31079699%252C44807763%252C44808149%252C44808285%252C44809057%26oid%3D2%26pvsid%3D164840300249874%26tmod%3D1702033654%26uas%3D0%26nvt%3D1%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26dtd%3D554&adsafe_type=bed&adsafe_jsinfo=,id:f213401f-912b-498c-ed1a-1d421c200017,c:uO7mfb,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-8575fb65d6-4qbtg,rg:au,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:3,mot:0,app:0,maw:0,fm:tWq0Z2d+11%7C121%7C131*.1525488-72168018%7C1311%7C141%7C151%7C16%7C17%7C18,idMap:131*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,tt:rjss,et:17,oid:97c15d8e-89d7-11ee-94d7-d6a740cced44,v:19.8.461,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 21:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11874
x-xss-protection: 0
server: cafe
etag: 3876053170955424897
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 21:47:47 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame AB33 11 KB
4 KB 4ms
3ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 16:23:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56741
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4206
x-xss-protection: 0
server: cafe
etag: 17947678125179771625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Dec 2023 16:23:35 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AB33 0
0 244ms
142ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaULIqzftgNrcdQIiGtDxWsSZJE5D8u2McIsGRUr4ZqMhcvNwPGxlVQHG0aZKK-NCtUPjBuE6VA6w3riuNyvThRfM4CqHGvGYoJLMc2hw415p76MS4dpw6hRBNTRrONtsZETo8TZnBICc5P0lVnrM-NyDMKak5PF1skQOa&sai=AMfl-YS4x-iA-CPnHUje5HnkRLX_nkdt91TZFUSHLIlFtW0gBFX2aclEABaI6yQFTeGMkCKoRy12EI7jLWJ_QR77L0lUkUMVOvzVDJS9Ipf0c5Vg0R66735zZIvyxrXRMA&sig=Cg0ArKJSzMcmna2vCx-1EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231109.30334&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6900
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
168 B

137ms
136ms

Document
text/html

142.250.71.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.71.66 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s17-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:16 GMT
expires: Thu, 23 Nov 2023 08:09:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:16 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js Show response
pagead2.googlesyndication.com/bg/ Frame 06D1 39 KB
15 KB 3ms
2ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?hello=world&fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Fri, 17 Nov 2023 03:40:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 534547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15097
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 16 Nov 2024 03:40:09 GMT

POST
H2 200 c
trace.mediago.io/ju/log/ Frame 657A 0
39 B 186ms
185ms Ping
text/html 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=af8a2a5d1a0f50521c0e8e49baaf634b&mguid=&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:1061,%22time%22:1700726956291,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8

GET
H2 204 ic
trace.popin.cc/ju/ Frame 657A 0
120 B 106ms
106ms Image
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=af8a2a5d1a0f50521c0e8e49baaf634b&acid=25857&data=H-vEraLWP-B5Ytywn9Jcdo6Ga0yA3_59XWLrOETfh-h4vkXdGQv6Ukuj24hWftNtQqDxWUKio3ayoa53G3q7yPOdy9smv_UmaDihgE1Gk07dD-h43YSzlQk6uvXNrXIhkH3kp1q2HoB-51nPcfOWOJv2pZMGzUOa4WKkRcYFJCxWMmMw9whDkSfGuXVQuP6FeFEeG2XlQa3-EsRAqNcIpxrPjv3YW6kFPC01nm2X0MAgQIdUS1OZKx1M74N7qqGouM2G6l8D5rSBHYCc7CWeTmtMiTdA3TMrCuym9n3_D6OQWuVl1DLbdNkuXhcYhskgFlRXKtYZwOYSZVj-YsfgpS8WwD6fXSbgCf0FekgStUSwexyVVuJHFSyd7d9yS16nlBXUtJaFosH-er5eRx27-gA3by3qirxT49W_MP9roAPn_R_6PMJepL2emQVGmvua8Iq0L53Qoj0V8B2pTmALcpS_MRN2ZN7PS_ADH9nXX9Gp6KLdI33eS5XgAK4FpvqfQDbR9om05cNVsS3UtkG9ypksyhwtke-ffz88DZrh2Nlcl167t71MuMUtrMecbHMug5hQRB2i_Ewh9OBySkh7qiTSYvuMwCel10WdCCMSwIR0459d3Xo32zZ5Cdzm71d9HkmbZUdUxq4rHgK1Y-w5-W-FdHRCHEuRaCBcmM-_Ah6n5Hf_CUF_RelvZ-wMYfmA5qnYfDaLDbF6ZX_C2EyiGbO81xBHZHLEcqw5LpgaPc5Lq_jA_IqzhL_Niyc_xj3alTGVBerFyDbTZnXZt6aMGDVbKXqk2scCZtDHYIwV2BEaccJI039ggwB0DqBNsP2ZjEYO5RWbR8tqL2hXbjTcv7yDjGfmCh4sS_We9IQD9reIPwnLAhI7HcF9TXJgUO8UiOritjIKHo7XK2oHhN9yGBOQMBSvY67uP7_CPRAjycvXb6IcZ85VMLGFUBlrJfsgk9yzBLlx--qlI7mwWTt0Ps5vZi433nRPIRBs8Pfw3Vz18SCB7t9CyhZW1HZsykKqJvX5SraiTaa_FVA7FeqcSn0Tvz-6n1yZJMMamu0iAnU&uid=mid_a57ff655b812746670da5407deb5c73b&mguid=&ap={AUCTION_PRICE}&tid=72
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

POST
H2 200 c
trace.mediago.io/ju/log/ Frame C6E1 0
39 B 186ms
185ms Ping
text/html 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=60567d084d6e14f8fb09a3f8ce23b3e8&mguid=&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:1051,%22time%22:1700726956292,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8

GET
H2 204 ic
trace.popin.cc/ju/ Frame C6E1 0
120 B 107ms
106ms Image
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=60567d084d6e14f8fb09a3f8ce23b3e8&acid=24693&data=NFlAaJm2lAdaaNAXCp3hVtvQJBpgcRN2Xw04qmUgQx5a09hPUq1n-ScwGnKpZ4pSLQchBsgc7w-qzcuTaa_d_qXtAdeLEjDsacp3OgMVnQQeBk3IvuAz56xdb2HsN1mC4jnXeCJaBRT9VaQrnI-AbKjJreAy540vdSpM7504C55QZEHWLoMq6-GjMhpYgyE1-G-aXgrP1Klx-AbqZuoAv7T8hK9R2TixCpbgjG7mi1TQELv4VWAbLMijDNyoNFPDaO1RNosNcFBP1zgNpZz79qLYoswsk7lblnf_sM5fqfZTiENW24CGh8sCHUFsLVS8zRiNl1lWlE5pfE-cr0JNwsHicJXGkuitZxvzKFojkEHnw0phsYcIKS-ZIusRiOEjmXbhlSQbbjYLNzJk_icmNd2I2WDepKnxT3NaqWvPR0q9V0LmS7vdWqPpZ5x6tgJgmgnIJx0nVfyu9YFedUWSsxomkbxQJewHmsl9dfIWN7q0wpk8TZ-qC7r1P-9rnCS-QI-GXg1HHwS8HS7WrCb3bhkYzlgfdzmU-hhlxsWfdpRyRjotXGRjc3Oh0VPhQzFr7dIn9WEjQ3C8WxQJWpXhcJuCg0XCO3sDndbC_5hnAweyGYJUZB8Shfq-F4dvhJXEZtvV_MoA4afrqvVmsznMU1dtH6YyODhhykwUdLxCw9MnOc3uuPm19AjzzBKH71djFhsb3mO0HgU4YAz2qC5sFvg3MvGC38UiO9sH_zPhj_4kn4O3iFWwnvsEpd3riieYO-3WXEqy4EHVR--n9_7ljAt8-DnTiCa2ojG0r03DZJMvImoJ7bXKxsfhCauyb9DhbGROtcjoipMjiLtlK15cmneUYAhfsxJCvYEWms5C3uB2k9sgqFfn1CTqn2xkRfwjVTohGsPNz6bjFfiJkj51VlXRqzH-m6L9_u3m5eaDsp2KT8airFFOpFhzRRyV6ihD3TEHA2BuLjSYm5YLMJagj6280wQj9Dagqg0ydQve4WNw2JWXwneXdJiwtnuBUBN5LDJYIQY3t87FDrIc0UGd1a_Cj-unQHZdjZjh97tBMBQ&uid=mid_a57ff655b812746670da5407deb5c73b&mguid=&ap={AUCTION_PRICE}&tid=72
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

POST
H2 200 c
trace.mediago.io/ju/log/ Frame D1BC 0
39 B 185ms
185ms Ping
text/html 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=76b89394f0e2319f58f924a3fc3f9c33&mguid=&app=vimpLog&ext={%22name%22:%22REAL_VIMP%22,%22vimp_elapsed_time%22:1039,%22time%22:1700726956418,%22intersectCount%22:1,%22intersectErrCount%22:0}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8

GET
H2 204 ic
trace.popin.cc/ju/ Frame D1BC 0
120 B 105ms
105ms Image
text/html 35.213.89.133
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trace.popin.cc/ju/ic?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=76b89394f0e2319f58f924a3fc3f9c33&acid=24693&data=9LyA3VbZmsyM4IN28aRnFPqwudJ9fd7ZJy0EfptNr6YLt5ydCYZwHNm8K6RArR22cEBiyiJx4PG34Cj0fzUCm8NbexM6fmqvQ2RF0e5B71PfxXiQdr--rntaYHUqyEpIh6Um57NvZu_h5n_rAipyz47Dzv6oqNxDH13f_MU57oRj_tbYLdWygEKr8plr9uNyLOXCoxiNaFcbo06sZely7hxZRTEOO-VkRTJtqE5n3bufwXaLnX3WxMKPYs2EIgCmB8kcsjMPQ5OCVXzlNAm1-CpQUS5slJTz4TKKs_7TW8RjzpG_WFjObunve8Loz1CW7SlNcSL4SZADpR9wYI_ePd6zJZaslMTuXMUX7vUP5bFUitQyG7mw1_9Tkeee4NgFT-ll2tRYSvM3qB45pJcHLwNQzbIuRy0mCqP_iZTJCoGkZc93hmZYT7NFrFEo0UW3TDJtJxIDKR243c3_aM2y7kZyTR3xa3MdiVNRpJe6c_Tw_VBzgxeg7I5zA2FdTwsaTbbwFo0wWIzndDAAiSGq-XCB6CYc16BVoX4JzbKWwJ_5T-HdDn9UuyzV8lQMuBr4lzPWOYRsmj-iITp2AfCcLqrnWfHRjjwq0CDCUp_2qEfuhOrYBB8nFNU_SAG_SuYz0jC72RM7O_SaKEnvpw2ycmlsb1Q5FgzPEQTjE-HXh8uoEXY8AI5T0OF6m1guGz4n_W-OpTLiNsc5ylPMFzf-Q0E7neQ5EnfEDYs3iQ5qP__SCpxtK9ti4oOlojxR9Kr9CHZPyM_idMgnwEMLbf-XeFO1y_lCB_8FSJxnma28FjbECMbYaIUIq4cWazu5UpXIH2MYf_iMgMgMIuHEuydeGdTY3qnh_1zEtG_rWVx5Eb3D2a_nUdHv-pddrQxt-W5yWzN2O_jWNQgvvl29geH1JV30lg0DAUxK4OKvp4sDpFfh0d3dA82KBy8tXaDFFgek4Lf3x0Nr1ZSSgcl0HkjsUsVBqx-fa0vltVtD0Au_4WKhBdhqzaWuehR9_iwPs_bQ&uid=mid_a57ff655b812746670da5407deb5c73b&mguid=&ap={AUCTION_PRICE}&tid=72
Requested by: Host: www.centfile.com
URL: https://www.centfile.com/phe4kr438gs9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.213.89.133 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 133.89.213.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=utf-8

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB33 43 B
215 B 189ms
189ms Image
image/gif 3.222.35.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525488&asId=f213401f-912b-498c-ed1a-1d421c200017&tv=%7Bc:uO7mw6,pingTime:-10,time:1065,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtNDgwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE5LjAuNjA0NS4xNTkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1700726956614%7C%7C88152ee970d746622dd7d4c151d1a382%7C%7C1b7de7e82db1163ab7a1342e5def95a8%7C%7Cc3919064dec33060add5b1b8bb4512ac%7C%7C4187f109a794f8783a028fd2158ac4c4%7C%7C1bbbfcff4d9e29be69ae6ed60690247b%7C%7C3a87f7052e0537e27eb3f9f16a7441a5%7C%7Cfe127f41ad42c6916de288f944f3ba8c%7C%7C1663701684%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=4529459148&adk=4201992133&adf=3485233052&pi=t.ma~as.4529459148&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953608&bpp=1&bdt=1149&idt=551&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1042&ady=625&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=554
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.35.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-35-246.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:16 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 657A 42 B
404 B 838ms
139ms Fetch
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQ-KjHk6dCJL6xAQ_tdE0egeTMlfXkJg04-jF2VBlzPpH2oiyq92YEHaLjrOBWyt35UK8bcM5Bw5GAJKl-jfz6a03ByA53u9n3y787dWLUsi2mz3L9YA&sig=Cg0ArKJSzI4zFQJcwSn3EAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1086079764&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700726955230&rpt=412&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6E1 42 B
108 B 788ms
140ms Fetch
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssi9HbMejws1SQFm0bbS1nYv0Jodr-JPMB3xkOrDf8RhK0_DtI8tbvoGPcR0Rvd-iG7pjJM3SFvvyKpzm6TjCXObvWp1EVIKiz7nr5PjAqDh10XRsKjJg&sig=Cg0ArKJSzGBn52ymMozyEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1314418388&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700726955241&rpt=465&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4249 Show response
ads.everesttech.net/ads/mts/24650/ Frame AB33 11 KB
12 KB 157ms
156ms Script
text/javascript 35.166.43.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvmqb1CpgOa6YasrW6TEgoBt3Q1PBPCEhq27Terr0gt6BiXCqiqXzhqqXWNzNZ44dvwAktcMrJ3jnK6floLRVkMbdmRlJK87R-Qs6Jf7WiwSgzSYmtBSKLXF66UY73PyaJgPqcWHCklDLfS1Di7eA9n5u_vKIZSBPMAsNXkkljh3LbVMbPMeQBwPPCd-iFU6imoqiF31ej80fwSIX-aNRgO9nnkgQlmNgqUo392kFaTVKwWK-zM3cdCz-hA9JkSat60oP8CKMPf9TRBm7XNJ6pHAeinz8k8-Xaj_6Iqt79fq-0GINIk8TAseQ-yaZVsZmI8X46tryFnF0qiktvxv4uAV1FzSN3vEI9aTqwXQJ7-UiA7An9lv9iof5T4D73dAi452VpKNbygMVoqhnDm5cSwvl8WCHvCkTF18iLT1nu-In_21z5FpcUo4Q0ze55ZjL8ZhIDJXySLKVd-5l0kI3PtXRRPV2X7nEPRCMd17u3aJP-23SVRULV8fGWNgyNh6juiwBxD-tpf2QMPWKz-QRVhjd6TVJZ56_VwFNZfsRjRz0Vuy6sewQLVAbUKLFhKdpCPlvDiuiq-7cgE05265yfdP31PVh6hiLXrDfazGSXtEhhsfNMQ2Xh6wke03V_vX5NajfySkgRepWrqHR4ukzcLsHSgtYNht3vI4sjPN6oSdd2PKld5-4QHnuk8RI9IgaF5d7bwKzBCWNVw8H2jkyWLrDCOhgWpQiUsjvgfFPomZk6L9sHDY6I0TJk2ZL6-2kWTZQNfEtPLMv2M0ZdclptVtU6uQ05250Bok6hvGdE_ee4qODisUzHZ3buxHdL7snjDJQnCU_YYR9tLIb4Wkv4wDejqOTNewFRhqY9wgFBedypbcfXOK54n-skSrp8sgPJNd3E4pWMFTGC0mik16YK7bjYBcRBtTbjIEGp1083dQgRO_zwKdaySIYgMZL_hs29vaBbf4VEYY0QeLtl4rxN1FkBocAnExG8041-Vv895xCzwIsc7yyc6em1fBw3Rr8FfWTciepm1iM8peCJXuqd2rowDn3z7mkt4xlnx3CIFpAamyM3qKGu1WQ7g8tmol8MfPAA8AlBixcDhqiZB6zi6d4Xy9ntgiYaqhkzox3Lt-eZ85SMoLrHxNhNID3shm8f3a0KxFw1Sm_bcBQh-oOBsvBAFWvVldEAA1_BEx0ibX83ZhpXriXp_WtYtlTL6C7CslJWvw_pb5ZfUS4H1aVdDbP7PDA5lGcrNJXSeJB5CtxX0P1ad5mEx1zT7vg1D41KjPsmWGVo%26sai%3DAMfl-YR0tjb9rd4PiQgCeATOzkheRXDBUqhbDoXpMLbdXwTJRtNIl67hUK4r1LIsINr_CxugkXgYHVxM1TOtZOuO2aYw9Y6SOWliAmf_LjpFHBJ-vhIRdN5JGnK9OTYctHUBmh-Df76n8AiwA47Eo4Uf9eIyd-f63t9cCdexs5w-8iXkhfBlZ8SQjUpuSVyEgfsi5KJR2S9s6mHPOBrUUDZnB4O4F4CDtByr0qTgoEYpDa8_cYXzyHh8xxAzBXnDcSLsciew8LGx_qWVNCe-0MUw8AkgiToFNDC1oddyjpDebwZ2ToJzbb8%26sig%3DCg0ArKJSzDdaO0Vj8HBtEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30055738&DFA_PlacementId=369666594&DFA_AdId=560440423&DFA_CreativeId=168146449&DFA_SiteId=6958819&TC_1=cmm9ii6tdrx&TC_2=30055738&TC_3=369666594&TC_4=168146449&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30055738$dcmadid|560440423$dcmrenderingid|168238155$dcmsiteid|6958819$dcmplacementid|369666594$customer|Microsoft$dv360auctionid|ct=AU&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369666594&edge=y&html5=y&nr=0.45475227792265893
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=^(t_cq_ue_https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsvmqb1CpgOa6YasrW6TEgoBt3Q1PBPCEhq27Terr0gt6BiXCqiqXzhqqXWNzNZ44dvwAktcMrJ3jnK6floLRVkMbdmRlJK87R-Qs6Jf7WiwSgzSYmtBSKLXF66UY73PyaJgPqcWHCklDLfS1Di7eA9n5u_vKIZSBPMAsNXkkljh3LbVMbPMeQBwPPCd-iFU6imoqiF31ej80fwSIX-aNRgO9nnkgQlmNgqUo392kFaTVKwWK-zM3cdCz-hA9JkSat60oP8CKMPf9TRBm7XNJ6pHAeinz8k8-Xaj_6Iqt79fq-0GINIk8TAseQ-yaZVsZmI8X46tryFnF0qiktvxv4uAV1FzSN3vEI9aTqwXQJ7-UiA7An9lv9iof5T4D73dAi452VpKNbygMVoqhnDm5cSwvl8WCHvCkTF18iLT1nu-In_21z5FpcUo4Q0ze55ZjL8ZhIDJXySLKVd-5l0kI3PtXRRPV2X7nEPRCMd17u3aJP-23SVRULV8fGWNgyNh6juiwBxD-tpf2QMPWKz-QRVhjd6TVJZ56_VwFNZfsRjRz0Vuy6sewQLVAbUKLFhKdpCPlvDiuiq-7cgE05265yfdP31PVh6hiLXrDfazGSXtEhhsfNMQ2Xh6wke03V_vX5NajfySkgRepWrqHR4ukzcLsHSgtYNht3vI4sjPN6oSdd2PKld5-4QHnuk8RI9IgaF5d7bwKzBCWNVw8H2jkyWLrDCOhgWpQiUsjvgfFPomZk6L9sHDY6I0TJk2ZL6-2kWTZQNfEtPLMv2M0ZdclptVtU6uQ05250Bok6hvGdE_ee4qODisUzHZ3buxHdL7snjDJQnCU_YYR9tLIb4Wkv4wDejqOTNewFRhqY9wgFBedypbcfXOK54n-skSrp8sgPJNd3E4pWMFTGC0mik16YK7bjYBcRBtTbjIEGp1083dQgRO_zwKdaySIYgMZL_hs29vaBbf4VEYY0QeLtl4rxN1FkBocAnExG8041-Vv895xCzwIsc7yyc6em1fBw3Rr8FfWTciepm1iM8peCJXuqd2rowDn3z7mkt4xlnx3CIFpAamyM3qKGu1WQ7g8tmol8MfPAA8AlBixcDhqiZB6zi6d4Xy9ntgiYaqhkzox3Lt-eZ85SMoLrHxNhNID3shm8f3a0KxFw1Sm_bcBQh-oOBsvBAFWvVldEAA1_BEx0ibX83ZhpXriXp_WtYtlTL6C7CslJWvw_pb5ZfUS4H1aVdDbP7PDA5lGcrNJXSeJB5CtxX0P1ad5mEx1zT7vg1D41KjPsmWGVo&sai=AMfl-YR0tjb9rd4PiQgCeATOzkheRXDBUqhbDoXpMLbdXwTJRtNIl67hUK4r1LIsINr_CxugkXgYHVxM1TOtZOuO2aYw9Y6SOWliAmf_LjpFHBJ-vhIRdN5JGnK9OTYctHUBmh-Df76n8AiwA47Eo4Uf9eIyd-f63t9cCdexs5w-8iXkhfBlZ8SQjUpuSVyEgfsi5KJR2S9s6mHPOBrUUDZnB4O4F4CDtByr0qTgoEYpDa8_cYXzyHh8xxAzBXnDcSLsciew8LGx_qWVNCe-0MUw8AkgiToFNDC1oddyjpDebwZ2ToJzbb8&sig=Cg0ArKJSzDdaO0Vj8HBtEAE&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&adurl=_ue_cq)&DFA_BuyId=30055738&DFA_PlacementId=369666594&DFA_AdId=560440423&DFA_CreativeId=168146449&DFA_SiteId=6958819&TC_1=cmm9ii6tdrx&TC_2=30055738&TC_3=369666594&TC_4=168146449&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30055738$dcmadid|560440423$dcmrenderingid|168238155$dcmsiteid|6958819$dcmplacementid|369666594$customer|Microsoft$dv360auctionid|ct=AU&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369666594
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.43.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-43-136.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: babfbb25f1f542c850eb2a73e267f565ea3ac024623cf8031dbec7f255c144ae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: text/javascript;charset=utf-8
pragma: no-cache
date: Thu, 23 Nov 2023 08:09:16 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
server: AMO-jAds/1.1
expires: Thu Nov 23 08:09:16 UTC 2023

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D1BC 42 B
108 B 698ms
139ms Fetch
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2r-lbP5pq4Mjtj0L3NN-34uv3lvSp7L1mSX-FueQXCv5M8WZW2twHFmLh6Wx4IlVAhHr4PNYYvENcDFi1KvtMmtzV6y9tw1zeSKgUCj3o8hnJYu4Ipw&sig=Cg0ArKJSzDG8F_651DjLEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1314418388&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700726955379&rpt=416&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK html5-ad-script_v4.html Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame EFA0 16 KB
4 KB 53ms
2ms Document
text/html 23.38.135.194

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZV8IrAAAJ5zy0DmH
Requested by: Host: ads.everesttech.net
URL: https://ads.everesttech.net/ads/mts/24650/4249?DFA_Click_Tracker=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvmqb1CpgOa6YasrW6TEgoBt3Q1PBPCEhq27Terr0gt6BiXCqiqXzhqqXWNzNZ44dvwAktcMrJ3jnK6floLRVkMbdmRlJK87R-Qs6Jf7WiwSgzSYmtBSKLXF66UY73PyaJgPqcWHCklDLfS1Di7eA9n5u_vKIZSBPMAsNXkkljh3LbVMbPMeQBwPPCd-iFU6imoqiF31ej80fwSIX-aNRgO9nnkgQlmNgqUo392kFaTVKwWK-zM3cdCz-hA9JkSat60oP8CKMPf9TRBm7XNJ6pHAeinz8k8-Xaj_6Iqt79fq-0GINIk8TAseQ-yaZVsZmI8X46tryFnF0qiktvxv4uAV1FzSN3vEI9aTqwXQJ7-UiA7An9lv9iof5T4D73dAi452VpKNbygMVoqhnDm5cSwvl8WCHvCkTF18iLT1nu-In_21z5FpcUo4Q0ze55ZjL8ZhIDJXySLKVd-5l0kI3PtXRRPV2X7nEPRCMd17u3aJP-23SVRULV8fGWNgyNh6juiwBxD-tpf2QMPWKz-QRVhjd6TVJZ56_VwFNZfsRjRz0Vuy6sewQLVAbUKLFhKdpCPlvDiuiq-7cgE05265yfdP31PVh6hiLXrDfazGSXtEhhsfNMQ2Xh6wke03V_vX5NajfySkgRepWrqHR4ukzcLsHSgtYNht3vI4sjPN6oSdd2PKld5-4QHnuk8RI9IgaF5d7bwKzBCWNVw8H2jkyWLrDCOhgWpQiUsjvgfFPomZk6L9sHDY6I0TJk2ZL6-2kWTZQNfEtPLMv2M0ZdclptVtU6uQ05250Bok6hvGdE_ee4qODisUzHZ3buxHdL7snjDJQnCU_YYR9tLIb4Wkv4wDejqOTNewFRhqY9wgFBedypbcfXOK54n-skSrp8sgPJNd3E4pWMFTGC0mik16YK7bjYBcRBtTbjIEGp1083dQgRO_zwKdaySIYgMZL_hs29vaBbf4VEYY0QeLtl4rxN1FkBocAnExG8041-Vv895xCzwIsc7yyc6em1fBw3Rr8FfWTciepm1iM8peCJXuqd2rowDn3z7mkt4xlnx3CIFpAamyM3qKGu1WQ7g8tmol8MfPAA8AlBixcDhqiZB6zi6d4Xy9ntgiYaqhkzox3Lt-eZ85SMoLrHxNhNID3shm8f3a0KxFw1Sm_bcBQh-oOBsvBAFWvVldEAA1_BEx0ibX83ZhpXriXp_WtYtlTL6C7CslJWvw_pb5ZfUS4H1aVdDbP7PDA5lGcrNJXSeJB5CtxX0P1ad5mEx1zT7vg1D41KjPsmWGVo%26sai%3DAMfl-YR0tjb9rd4PiQgCeATOzkheRXDBUqhbDoXpMLbdXwTJRtNIl67hUK4r1LIsINr_CxugkXgYHVxM1TOtZOuO2aYw9Y6SOWliAmf_LjpFHBJ-vhIRdN5JGnK9OTYctHUBmh-Df76n8AiwA47Eo4Uf9eIyd-f63t9cCdexs5w-8iXkhfBlZ8SQjUpuSVyEgfsi5KJR2S9s6mHPOBrUUDZnB4O4F4CDtByr0qTgoEYpDa8_cYXzyHh8xxAzBXnDcSLsciew8LGx_qWVNCe-0MUw8AkgiToFNDC1oddyjpDebwZ2ToJzbb8%26sig%3DCg0ArKJSzDdaO0Vj8HBtEAE%26fbs_aeid%3D%255Bgw_fbsaeid%255D%26urlfix%3D1%26adurl%3D&DFA_BuyId=30055738&DFA_PlacementId=369666594&DFA_AdId=560440423&DFA_CreativeId=168146449&DFA_SiteId=6958819&TC_1=cmm9ii6tdrx&TC_2=30055738&TC_3=369666594&TC_4=168146449&TC_5=dcmadvertiserid|8391437$dcmcampaignid|30055738$dcmadid|560440423$dcmrenderingid|168238155$dcmsiteid|6958819$dcmplacementid|369666594$customer|Microsoft$dv360auctionid|ct=AU&st=&city=0&dma=0&zp=&bw=4&DCM_PlacementID=369666594&edge=y&html5=y&nr=0.45475227792265893
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3934
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 Nov 2023 08:09:17 GMT
ETag: "150315370-3fce-5e32201ac1000"
Expires: Thu, 23 Nov 2023 09:09:17 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
DATA 200
OK truncated
/ Frame AB33 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4182f2f1bd3443d2f95cefb03c649e12cd10b361c6c48edbfd416cfe52cb96b

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK mraid.js Show response
dco-assets.everestads.net/ics-campaign/static/dco/ Frame EFA0 0
390 B 5ms
3ms Script
text/javascript 23.38.135.194

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign/static/dco/mraid.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZV8IrAAAJ5zy0DmH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZV8IrAAAJ5zy0DmH
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:17 GMT
Last-Modified: Wed, 06 Jul 2022 12:21:20 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "150315371-0-5e32201ac1000"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
Expires: Thu, 23 Nov 2023 09:09:17 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AB33 0
0 144ms
139ms Fetch
image/gif 172.217.167.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvaULIqzftgNrcdQIiGtDxWsSZJE5D8u2McIsGRUr4ZqMhcvNwPGxlVQHG0aZKK-NCtUPjBuE6VA6w3riuNyvThRfM4CqHGvGYoJLMc2hw415p76MS4dpw6hRBNTRrONtsZETo8TZnBICc5P0lVnrM-NyDMKak5PF1skQOa&sai=AMfl-YS4x-iA-CPnHUje5HnkRLX_nkdt91TZFUSHLIlFtW0gBFX2aclEABaI6yQFTeGMkCKoRy12EI7jLWJ_QR77L0lUkUMVOvzVDJS9Ipf0c5Vg0R66735zZIvyxrXRMA&sig=Cg0ArKJSzMcmna2vCx-1EAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1288&vt=11&dtpt=1287&dett=4&cstd=0&cisv=r20231109.30334&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.167.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s17-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2

200

/
www.facebook.com/login/ Frame 2C90
Redirect Chain

https://www.facebook.com/v2.11/plugins/page.php?adapt_container_width=false&app_id=1893386844309522&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1893386844309522%26channel%3Dhttps%253A%252F%252Fstaticxx.faceboo...

0
0

255ms
254ms

Document
text/html

157.240.8.35

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1893386844309522%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ce008b1104e6%2526domain%253Dwww.centfile.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.centfile.com%25252Ff325720aa36d354%2526relation%253Dparent.parent%26container_width%3D281%26height%3D72%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCentFile%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D275

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=106f3a60826c71ef2c196b60bd1de747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.8.35 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 23 Nov 2023 08:09:18 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
reporting-endpoints: default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: hC77QeB3+oQpwJrRS4CwvnEDPg+yubW229kaO3omIHjHGzRye7M5Uee3tWikklionr8ZXwtXTT/0gL6gGSmr7w==
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:17 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v12.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dfalse%26app_id%3D1893386844309522%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df1ce008b1104e6%2526domain%253Dwww.centfile.com%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fwww.centfile.com%25252Ff325720aa36d354%2526relation%253Dparent.parent%26container_width%3D281%26height%3D72%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FCentFile%252F%26locale%3Den_US%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dtrue%26tabs%3Dtimeline%26width%3D275
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), geolocation=(self), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), payment=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=()
pragma: no-cache
reporting-endpoints
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: gL7UToXaQIOOZmROZLyZlJ/cSm3SG+tuTt7viSBZB1r+jFuY9GuLZ9LIXPowe+Vdlhi5g5/EaDvxjrQbg9czkg==
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 438ms
138ms XHR
application/json 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

7053fff595cd5763817a4ab694bfc0792e25cf8f809f7f04c77277c872f40908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12422
x-xss-protection: 0

GET
H/1.1 200
OK 300x250.html Show response
dco-assets.everestads.net/ics-campaign//5031/t/8979/13/ Frame 835C 14 KB
4 KB 3ms
2ms Document
text/html 23.38.135.194

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZV8IrAAAJ5zy0DmH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 841c6bbbb5de52a2907e9b2a232a8a2fbe5043d8b770cf6ba57edeca063857a2

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign/static/dco/html5-ad-script_v4.html?data=ZV8IrAAAJ5zy0DmH
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3810
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 Nov 2023 08:09:17 GMT
ETag: "1a95254f9-370d-60561f5f98140"
Expires: Thu, 23 Nov 2023 09:09:17 GMT
Last-Modified: Fri, 15 Sep 2023 08:55:57 GMT
Server: Apache
Vary: Accept-Encoding
X-Permitted-Cross-Domain-Policies: all

GET
H/1.1 200
OK style.min.css
dco-assets.everestads.net/ics-campaign//5031/t/8979/13/css/ Frame 835C 4 KB
5 KB 3ms
2ms Stylesheet
text/css 23.38.135.194

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/css/style.min.css
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:17 GMT
Last-Modified: Fri, 15 Sep 2023 08:55:57 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a90bd26a-11d1-60561f5f98140"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4561
Expires: Thu, 23 Nov 2023 09:09:17 GMT

GET
H2 200 AMOLibrary.js Show response
ads.everesttech.net/ads/static/local/ Frame 835C 5 KB
6 KB 150ms
149ms Script
application/javascript 35.166.43.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.everesttech.net/ads/static/local/AMOLibrary.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.166.43.136 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-166-43-136.us-west-2.compute.amazonaws.com
Software: AMO-jAds/1.1 /
Resource Hash: e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: cache
date: Thu, 23 Nov 2023 08:09:17 GMT
last-modified: Wed, 22 Dec 2021 09:29:42 GMT
server: AMO-jAds/1.1
etag: W/"5582-1640165382000"
content-type: application/javascript
cache-control: cache,store,max-age=86400
accept-ranges: bytes
content-length: 5582

GET
H2 200 gsap.min.js Show response
cdn.jsdelivr.net/npm/gsap@3.0.1/dist/ Frame 835C 54 KB
23 KB 774ms
152ms Script
application/javascript 151.101.1.229

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/gsap@3.0.1/dist/gsap.min.js

Requested by

Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.1.229 -, , ASN (),

Reverse DNS

Software

Resource Hash

8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 23 Nov 2023 08:09:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3794741
x-jsd-version: 3.0.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23008
x-served-by: cache-fra-eddf8230095-FRA, cache-bfi-krnt7300081-BFI
x-jsd-version-type: version
etag: W/"d8fc-fe8VvabeDqL+WzK+waTDAMtuAsE"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK script.min.js Show response
dco-assets.everestads.net/ics-campaign//5031/t/8979/13/js/ Frame 835C 7 KB
8 KB 7ms
4ms Script
text/javascript 23.38.135.194

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/js/script.min.js
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:17 GMT
Last-Modified: Fri, 15 Sep 2023 08:55:57 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a95254fb-1cef-60561f5f98140"
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7407
Expires: Thu, 23 Nov 2023 09:09:17 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame AB33 43 B
215 B 189ms
189ms Image
image/gif 3.222.35.246
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1525488&asId=f213401f-912b-498c-ed1a-1d421c200017&tv=%7Bc:uO7mM9,time:2060,type:e,im:%7Bpci:%7Btdr:2008%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:0,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:2060,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:16,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B2054~0%5D,as:%5B2054~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:191,fm:tWq0Z2d+11%7C121%7C131*.1525488-72168018%7C1311%7C141%7C151%7C16%7C17%7C18,idMap:131*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:17,sis:469%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.222.35.246 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-222-35-246.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:17 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 152ms
152ms Script
text/javascript 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311140101/show_ads_impl_fy2021.js?bust=31079699

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.centfile.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Nov 2023 08:09:17 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6AF1 13 KB
5 KB 4ms
2ms Document
text/html 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.33 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd15s20-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 22497
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 01:54:20 GMT
expires: Fri, 22 Nov 2024 01:54:20 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 19CF 829 B
998 B 103ms
101ms Document
text/html 142.250.66.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.66.196 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

syd09s23-in-f4.1e100.net

Software

GSE /

Resource Hash

15fff68fbbaf2433c4f6ee2683bdbc2ea4ab83a580d8b56ce7205b0ea5b0eb72

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lBmkG0e19z8zzpZvrRSszg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.centfile.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lBmkG0e19z8zzpZvrRSszg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Nov 2023 08:09:17 GMT
expires: Thu, 23 Nov 2023 08:09:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame 6AF1 39 KB
15 KB 2ms
2ms Script
text/javascript 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Wed, 22 Nov 2023 06:17:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Nov 2024 06:17:37 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AB33 42 B
108 B 142ms
142ms Fetch
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssx_5gn6KPp0Xw8Fs00w3LhEltopCxKTeEVRe2q8GehWDZ-cmVmg4S-ITQ2d7wOAa6UKQrLM9G5Gv2ynl0ML5yos0ZQdplJqx4b9N36Lopgj6Ur56rE9ffMHW1yBeGO-yA9iG8YFYrHUg&sai=AMfl-YRFRLD9OBbYPEGkc47sK73r-rCOfCN4ePn_vUz9MqBHo58Oe3XH_EI7zZo_tdO0m1I0Za-7-DTgN2kDpOMPze-80q9vBm_3DoibVwTX8_3aDjdzIB5kdb_Rod7iGiUtGngM6m_7shH9MYhqPEsX&sig=Cg0ArKJSzBGHcIi91oyLEAE&cid=CAQSTgDICaaNFpV-kX6L0SgU0YpjZU_VPIpX4whB9BimgCGjXOi_zXnt0xDqobn8XHZPGgevAyIIztxK6iYjZtogCBqkWYKAGDQvD1kBTd45BxgB&id=lidar2&mcvt=1003&p=0,0,250,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4201992133&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700726955187&rpt=1786&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 6AF1 0
40 B 2ms
1ms Image
text/plain 172.217.24.33
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?oNC3eQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.33 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: syd15s20-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 19CF 0
0 138ms
137ms Image
text/html 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=164840300249874&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.217.24.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: hkg07s23-in-f34.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H/1.1 200
OK SegoePro-Semibold.woff
dco-assets.everestads.net/ics-campaign//5031/t/8979/13/fonts/ Frame 835C 29 KB
30 KB 10ms
9ms Font
application/octet-stream 23.38.135.194

General

Check archive.org

Show headers Download Go to

Full URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/fonts/SegoePro-Semibold.woff
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c

Request headers

Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
Origin: https://dco-assets.everestads.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:18 GMT
Last-Modified: Fri, 15 Sep 2023 08:55:57 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1a95254fa-74a0-60561f5f98140"
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29856
Expires: Thu, 23 Nov 2023 09:09:18 GMT

GET
H/1.1 200
OK e51232cf9fc8dd7b4756cbe34f3be9cc.png
dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/ Frame 835C 110 B
497 B 3ms
2ms Image
image/png 23.38.135.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/rescaled-images/MICROSOFTSTORE/current/e51232cf9fc8dd7b4756cbe34f3be9cc.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:18 GMT
Last-Modified: Wed, 22 Nov 2023 14:09:18 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "106564822-6e-60abe43d8e671"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 110
Expires: Thu, 23 Nov 2023 09:09:18 GMT

GET
H/1.1 200
OK fdb5a0a262004eb25a0c2d542be81930.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 835C 20 KB
21 KB 3ms
2ms Image
image/png 23.38.135.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/fdb5a0a262004eb25a0c2d542be81930.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7d705bc0eb87c6773ad5545cf2e6feb3a9376945a6602f98503d59ad0beb9479

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:18 GMT
Last-Modified: Wed, 22 Nov 2023 14:09:23 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1525ea234-50f6-60abe441ce4d6"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20726
Expires: Thu, 23 Nov 2023 09:09:18 GMT

GET
H/1.1 200
OK 0b69673cabb63518958b2b9a171ff66d.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 835C 2 KB
2 KB 5ms
2ms Image
image/png 23.38.135.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/0b69673cabb63518958b2b9a171ff66d.png
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e5822473962458d0280aa5c92e6c8da3c4a10cc76ea55bd3c06ab8bf64eb4bd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:18 GMT
Last-Modified: Wed, 22 Nov 2023 14:09:46 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e08d-78f-60abe457e4d92"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935
Expires: Thu, 23 Nov 2023 09:09:18 GMT

GET
H/1.1 200
OK fdb5a0a262004eb25a0c2d542be81930.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 835C 20 KB
21 KB 4ms
4ms Image
image/png 23.38.135.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/fdb5a0a262004eb25a0c2d542be81930.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: 7d705bc0eb87c6773ad5545cf2e6feb3a9376945a6602f98503d59ad0beb9479

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:18 GMT
Last-Modified: Wed, 22 Nov 2023 14:09:23 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "1525ea234-50f6-60abe441ce4d6"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20726
Expires: Thu, 23 Nov 2023 09:09:18 GMT

GET
H/1.1 200
OK 0b69673cabb63518958b2b9a171ff66d.png
dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/ Frame 835C 2 KB
2 KB 3ms
3ms Image
image/png 23.38.135.194

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dco-assets.everestads.net/iCornerStore/source-images/MICROSOFTSTORE/current/0b69673cabb63518958b2b9a171ff66d.png
Requested by: Host: dco-assets.everestads.net
URL: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/js/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.38.135.194 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e5822473962458d0280aa5c92e6c8da3c4a10cc76ea55bd3c06ab8bf64eb4bd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/ics-campaign//5031/t/8979/13/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Thu, 23 Nov 2023 08:09:18 GMT
Last-Modified: Wed, 22 Nov 2023 14:09:46 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: all
ETag: "10573e08d-78f-60abe457e4d92"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935
Expires: Thu, 23 Nov 2023 09:09:18 GMT

GET
H2 204 imp
analyticspixel.microsoft.com/aid/ Frame 835C 0
673 B 137ms
120ms Image
text/plain 204.79.197.204

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticspixel.microsoft.com/aid/imp?dcoimpid=ZV8IrAAAJ5zy0DmH&dcmadvertiserid|8391437$dcmcampaignid|30055738$dcmadid|560440423$dcmrenderingid|168238155$dcmsiteid|6958819$dcmplacementid|369666594$customer|Microsoft$dv360auctionid|ct=AU
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.79.197.204 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dco-assets.everestads.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:17 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9D5DB667193414294621032B156130D Ref B: SYD03EDGE0821 Ref C: 2023-11-23T08:09:18Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 c
trace.mediago.io/ju/log/ Frame 657A 0
39 B 186ms
185ms Ping
text/html 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=af8a2a5d1a0f50521c0e8e49baaf634b&mguid=&app=VIMP_DURA&ext={%22reportTime%22:2,%22curTime%22:1700726958292}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9641227168&adk=1086079764&adf=1972238307&pi=t.ma~as.9641227168&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953605&bpp=3&bdt=1145&idt=533&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&correlator=2114039432253&frm=20&pv=2&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=282&ady=635&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=546
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8

POST
H2 200 c
trace.mediago.io/ju/log/ Frame C6E1 0
39 B 186ms
186ms Ping
text/html 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=60567d084d6e14f8fb09a3f8ce23b3e8&mguid=&app=VIMP_DURA&ext={%22reportTime%22:2,%22curTime%22:1700726958292}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=1883971444&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953609&bpp=1&bdt=1149&idt=555&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=640&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=559
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB33 0
56 B 138ms
138ms Ping
image/gif 172.217.24.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2249745735706&version=m202309260101&ct=76&x=1&cor=7893185005139507000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.24.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

hkg07s23-in-f34.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Nov 2023 08:09:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 c
trace.mediago.io/ju/log/ Frame D1BC 0
39 B 185ms
185ms Ping
text/html 35.208.249.213
GOOGLE-2

General

Check archive.org

Show headers Download Go to

Full URL: https://trace.mediago.io/ju/log/c?tn=41b6e88a2b85b0e731ef8e73e5558712&trackingid=76b89394f0e2319f58f924a3fc3f9c33&mguid=&app=VIMP_DURA&ext={%22reportTime%22:2,%22curTime%22:1700726958418}
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8989054117704044&output=html&h=280&slotname=9207920698&adk=1314418388&adf=2280487119&pi=t.ma~as.9207920698&w=336&lmt=1700726954&format=336x280&url=https%3A%2F%2Fwww.centfile.com%2Fphe4kr438gs9&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700726953610&bpp=1&bdt=1151&idt=559&shv=r20231109&mjsv=m202311140101&ptt=9&saldr=aa&abxe=1&prev_fmts=336x280%2C336x280%2C336x280&correlator=2114039432253&frm=20&pv=1&ga_vid=1330707109.1700726954&ga_sid=1700726954&ga_hid=533254029&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=632&ady=920&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079265%2C44809003%2C31078301%2C31079699%2C44807763%2C44808149%2C44808285%2C44809057&oid=2&pvsid=164840300249874&tmod=1702033654&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfoeE%7C&abl=CF&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=562
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.208.249.213 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS: 213.249.208.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 23 Nov 2023 08:09:18 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=utf-8

GET sodar
pagead2.googlesyndication.com/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=164840300249874&bg=!0tGl0Z7NAAZxrfrxUa07ADQBe5WfOHSTU_CKariMxSnRkhWUXis6vyIMADDhy_t0wUVNR3SyhxPiZqneEe8CS7g5KELzAgAAAEZSAAAAA2gBBwoAeH96BK4ca8CKp2FZJoCTWYmsY8jDueL5igLiPXW8fw-89cYcVuu32OQz5y8PY5U01EIZJk_vmoDNRVQ7h_45h5rB8s4kVE130C1bMsLu-gG1jKGXoheNmXTg9kL6OwRrIA80W-1eR4M6_Wyp7ZLo-2kRCA6siZD1IpkCvopERQAUuUSRxMTSMb0bOMd1bcSKPWV_j7K68UvTvImNudQYo_6CUZ8b4AZD6Yg80TYjmdB-2AYrfDGX7JwQEPTi9cJ7lyKhvMEUlDXjokEVbQINQ2uOyg7tFjyDaEnpXLkYnj5rG41jTIq3b3aqrMhLV11NDlaboIM6uDz2V1bixVkujO5vW5rnGFPY-rUrb8Qvi6h_fm9pdDfKtVEF6WEZlOkj-hgoBZp3NFRGLNgMxo20nb7xyrga0x-GLWDXUAFHg_yV3u65hQZzX0z0Voz30YIQGjKixRjStiW5dKMirqBD4zf7ocySGHA_eUI3apJPk7aOCF-Jsw6T9mXnyvqXCH0IptWIKUHCF9jZgb19u6dNSS0KbDDSkp_NjGogHVtJgwgB9jyLt1bktOuneerYVUo7Z6Nkg1OEt2sfvrMCbXNuGkKakNScpZPhPzWNmf7WZEgS_p69VCk3aw34XgtrszVRMb5xPEYCG2Xt03rIJtgX9i8uVhSX_7nNTOE5uS747pwgKa8Ng37XpYrmyeyZIhJhct1YVF3pNQjaBg_kAmOSieF0Z4ygYcB3aW3nuaTANyPzTXJo4v5HM02Bnuwn5qlyDDovJSG0_jb4-itpIoDwSduCrkuhtKMrv4jOfo4iRFuH5BNAb3QMAl_VJxc5KetymbxCzCMLxnEt64savpgcW2jgtJvRh6r6xHARZtxq_uIfihhfit9JxQhJCEP5iuzYxHkCEdnru4S0fhxTMzTadNCjdfsK_45Eqa4-Rg2lfNAYBNtZHMR6hc7mH3jcoUR01RcMqaxceonppJd3Ct0KVPOPqdFL6ZbPmcfxurE-0iXnx6OuiWdiqX7uJ9wM-YI14bq8qIGT992cjLMXEA8kaxov_JCvw3U7T1BLA6zTfXemqH9uptn_YeS0kBRvse1o1WgiOxb5W7EPCQ

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.centfile.com/	1969-12-31 23:59:59	Name: lang Value: english
.doubleclick.net/	1970-01-21 02:01:26	Name: IDE Value: AHWqTUlqCNI3UkpNO7KlimLRX8hIzsCiM24iDX6gSrTmSADQ-nuthmpexZmabUfH
.doubleclick.net/	1970-01-20 16:25:27	Name: test_cookie Value: CheckForPermission
.casalemedia.com/	1970-01-21 01:11:02	Name: CMID Value: ZV8IqxgEiAzYkjtjTxZ7IwAA
.casalemedia.com/	1970-01-20 18:35:02	Name: CMPS Value: 4834
.casalemedia.com/	1970-01-20 18:35:02	Name: CMPRO Value: 4834
.doubleclick.net/	1970-01-20 20:44:38	Name: APC Value: AfxxVi5tBW5p2sZTNdtDtYDqLWUGaQsb2tI1gBE-qtBLWtuG6fuRWw
.popin.cc/	1970-01-21 01:11:02	Name: __mguid_ Value: 1b7de7e857c563c221tf3m00lpawx1jy
.centfile.com/	1970-01-21 01:47:02	Name: __gads Value: ID=f76041271d34d48f:T=1700726954:RT=1700726954:S=ALNI_MY2aU7Ll9FX6gVvWMyjan80IYHGxA
.centfile.com/	1970-01-21 01:47:02	Name: __gpi Value: UID=00000c959f6b7e83:T=1700726954:RT=1700726954:S=ALNI_Mat-SaIQwJncWXnGEpsnnII2Kcqvg
.mediago.io/	1970-01-21 01:11:02	Name: __mguid_ Value: 1b7de7e83c9c51c12vxr9700lpawx1pk
.doubleclick.net/	1970-01-20 16:25:30	Name: DSID Value: NO_DATA
.everesttech.net/	1970-01-21 02:01:26	Name: everest_g_v2 Value: g_surferid~ZV8IrAAAIGOZ9gkb
.turn.com/	1970-01-20 20:44:38	Name: uid Value: 4512375954779782453

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.everesttech.net
ajax.googleapis.com
analyticspixel.microsoft.com
bid.g.doubleclick.net
cdn.jsdelivr.net
cdn.mediago.io
centfile.com
cm.g.doubleclick.net
connect.facebook.net
d.turn.com
dco-assets.everestads.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
images.mediago.io
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
static.adsafeprotected.com
tpc.googlesyndication.com
trace.mediago.io
trace.popin.cc
www.centfile.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
104.18.10.207
104.18.36.155
142.250.204.2
142.250.66.195
142.250.66.196
142.250.66.234
142.250.71.66
142.251.221.67
151.101.1.229
157.240.8.23
157.240.8.35
172.217.167.98
172.217.24.33
172.217.24.34
172.217.24.42
18.67.93.102
204.79.197.204
207.244.67.158
23.38.135.194
3.222.35.246
34.111.60.239
35.166.43.136
35.208.249.213
35.213.89.133
50.116.239.135
52.62.225.80
64.233.170.157
99.84.203.103
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0787e30d6145bc8b8b92ed329f664bcc3012162ccba9ef943d7ada480afb74e9
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0ca019984be04d435009905ab15535622aa17bf9951b4b704da2f70e2599012b
114a8060558d111066e792d5cff8086bbbd9d9c820a6daaf44db11a92d117841
15fff68fbbaf2433c4f6ee2683bdbc2ea4ab83a580d8b56ce7205b0ea5b0eb72
167d7ca784f3d3948837ea87c90fae712a158e7f34d02fc8dcdc091aefa62c7f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a81c00b02e9a797e6e8cfce706577e8eb14c66fc4ab38ed71f09508d9222c72
1bec279ac9a55d6ece9eb7761ddd4c6b6264af2351e3ad9325de77acf9954536
1c97b291f30dafec3877840f45e38fc5040760d5d48054ec301860db2f47abef
2023cccf4d953a5817a30a9c972d412a23c16c5ca3feef770776a337ed9460c1
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2979f9a6e32fc42c3e7406339ee9fe76b31d1b52059776a02b4a7fa6a4fd280a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bd128170f24b963f67f17e2a1312ae8371c44c3ecad64cedde585555f4d55ef
2d04f8e9406176b4114c84f81c2bad9c219345dac0cda7d584cc9aeae46f85d7
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e1683ccc9fa765af342ee498fa1c62cf569d71313bec973c38e896a81d01aa8
3047554925444f61525b1615f5e1e2a419644baa2e7f75b0669a84ea2c2fba57
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35c2b2abe367758e35c91ea4e545072463372b9d4551a706731f587ecf1bc2a4
369d0f36fac04c23ca6859df2b12d4de4bd63ba90846981eb8cab6006f977c3e
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
3a8c1c164f78ca46424ff1759dab01130d29caf9ef947a8624fdc569b6dd9bba
3bdf27a1124d341aa2b1880639ae305d9af0d84dd79d7e7f460794038ff75fbf
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5002a20956286cc253c9a7db333f698bc2239b7d04c6136712fbd4ae817126
4fce7d18bf336aee8feb2bde703ba56aa3e970a211ffa86f687d3a0f235f8f0e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579a10a2485055e988338be054f866cbe713c8510442130cbda0ce11ced6c49f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
604baa78052f6a0f30ffe86727c8aab9fa391d43f456494ae2b6fc86ac55e10e
610d24f5996131b3ab98f18e05441cc246aa8674c3842df0df2b40b57ac9fd0c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
688c6d4564188e2356bf733e3c74bbf886b18380a5143e1eb1f18bf4f0917eb8
6a8bd0ef355525106852078c746943facaa5dda806c5e3dbdb70233409283984
6da091889aacae8de59227b88c99c4b4c841615d3cf74d1f5b107323322ba963
6ed03c02eec456fe89e228d6cdf45bf7088aa9402beaab5a2a1214a1aa35ce3c
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
7053fff595cd5763817a4ab694bfc0792e25cf8f809f7f04c77277c872f40908
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
75ffe10b4af164fdaaac762fa4683b89d55276b84d9c30c367f6ecf511eff17a
77d99620c65a9641762bef5b1e203368ab0478a1f11d34ffd3cb040ce13b4e1b
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7d705bc0eb87c6773ad5545cf2e6feb3a9376945a6602f98503d59ad0beb9479
8154aa9057e3367d9d3e4bb1f85db9645c01fc0690091aadc57dbae849ba3499
841c6bbbb5de52a2907e9b2a232a8a2fbe5043d8b770cf6ba57edeca063857a2
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86e1035528509542804097067d75c7fe51c43c8f3f31d823993fec7d1450f779
89edd9a6e936780813d1ad6bdbc9978796e510cadde6bce7dace025803e2a231
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
9a1a9d1cd8b8763339afbecb0e704addccc762a09860d3a1c7075cd96d217e37
a26d2294c7259f7bf67280f1e33df4200971ca408fccd9bf3d38a362501222d0
a86df3be0eff7f90991f057c21e6907c16391e6f8cd0a4773cc93d9401e9dfdb
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad8b6e314753445f31b1b3f21b85d49ba98f835386d623fc3e9172b6859f7795
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
babfbb25f1f542c850eb2a73e267f565ea3ac024623cf8031dbec7f255c144ae
c31a2323b6e3ab938aad7b7711ccb96836e5452f58ce65a5d1dbfadcca1e568c
c4fb91befcf134b81ecfa1c586e1f9d6426c8f4fc1f6c130ac1fddb49ab5df96
c7653a747a4955889b1a38dcc8d7c9ec52e4494ebf9b9b5f48546e6e9afcb1ca
c786317f3ce40a59075ef4565d91c109416258e9e1e860e09e698983ef7beebc
c8a232a2ca6e90370216c787079374a65ffaff9ac2fabac2670169014a4938cd
c8ecfe747c979fbd87624913200a9237343679923b495885bced089b80fc84f6
cafbbc6d0c3acd70cba6b1a0e9c0bf1b475e75b79bada6bfd29bc8243e3d1b65
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d0188ff0bccf1c775b2a3d7d5c15b73aebddc0b9416b9dccf586041e7ddcfe1f
d591993fff1e403d90f99552fe21bda328cb09645815c4dc764cb64db259c702
d6c641392e1406a3be2b6400372b22bf655595a6933dd00c6b75c1130cc11a15
d942d06b7348fb9cf470ea1caef30357e60ffd4e220e6a3c57a9d36244c9357d
dba5db65eacdd32e82b077fce0282798e8a702ecbead9b1a1afc305c2fdba33c
dd52bf70f2854bf2ba647794ec459ffbff7aecfa012761521e5058f2b343ef6a
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4182f2f1bd3443d2f95cefb03c649e12cd10b361c6c48edbfd416cfe52cb96b
e5822473962458d0280aa5c92e6c8da3c4a10cc76ea55bd3c06ab8bf64eb4bd7
e66ad7a792dcaa684917803058147d54e110728a7cef76562e5bc5ca1388339e
e78fc86cc2859c8f152b3a401abaa7f336ba7a773e66d7b911439ad6bbb9dd09
e8a4ec002545486fb475c977fc9d53ac48a77cfb3d36ac91042c14dc688d5657
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebe7a06d126935a51e922a162761342dcb20c937d42870b92ac3f05da1f28a1b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b9cce076bd1ec81b5aa75d0f026aa12ac30d2857416a4ada414237cd615602
f40f7f9f9c91315b6fa9c09bd885e4a844b173d46c181eea5ea254146d229a41
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c

www.centfile.com Open in urlscan Pro 207.244.67.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

163 Requests

97 %HTTPS

0 %IPv6

19 Domains

30 Subdomains

28 IPs

4 Countries

1995 kBTransfer

5174 kBSize

14 Cookies

5 Outgoing links

Redirected requests

163 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.centfile.com Open in urlscan Pro
207.244.67.158 Public Scan

Screenshot
Live screenshot

Full Image

163
Requests

97 %
HTTPS

0 %
IPv6

19
Domains

30
Subdomains

28
IPs

4
Countries

1995 kB
Transfer

5174 kB
Size

14
Cookies

163 HTTP transactions
4 data transactions