urlscan.io logo urlscan.io
SecurityTrails logo

pwedeh.com Open in urlscan Pro
199.250.212.57  Public Scan

Go To Rescan Add Verdict Report
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Submission: On January 04 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 4 countries across 21 domains to perform 109 HTTP transactions. The main IP is 199.250.212.57, located in United States and belongs to INMOTION, US. The main domain is pwedeh.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on October 15th 2022. Valid for: 3 months.
This is the only time pwedeh.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 12 199.250.212.57 22611 (INMOTION)
6 142.250.4.95 15169 (GOOGLE)
29 142.251.10.154 15169 (GOOGLE)
1 2 172.67.8.141 13335 (CLOUDFLAR...)
9 74.125.200.94 15169 (GOOGLE)
2 74.125.24.97 15169 (GOOGLE)
1 74.125.24.156 15169 (GOOGLE)
2 142.250.4.156 15169 (GOOGLE)
2 172.217.194.154 15169 (GOOGLE)
27 74.125.68.132 15169 (GOOGLE)
6 172.217.194.155 15169 (GOOGLE)
6 172.217.194.149 15169 (GOOGLE)
1 142.251.12.147 15169 (GOOGLE)
1 2 104.18.24.173 13335 (CLOUDFLAR...)
1 1 13.107.42.14 8068 (MICROSOFT...)
2 2 35.186.253.211 15169 (GOOGLE)
2 2 67.199.150.81 62713 (AS-PUBMATIC)
1 1 54.169.66.1 16509 (AMAZON-02)
1 1 52.199.38.83 16509 (AMAZON-02)
2 2 104.254.148.252 29990 (ASN-APPNEX)
109 15
12    199.250.212.57 (United States)

ASN22611 (INMOTION, US)
PTR: vps62811.inmotionhosting.com
pwedeh.com
6    142.250.4.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f95.1e100.net
fonts.googleapis.com
29    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
cm.g.doubleclick.net
2    172.67.8.141 (United States)

ASN13335 (CLOUDFLARENET, US)
whos.amung.us
widgets.amung.us
9    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
fonts.gstatic.com
www.gstatic.com
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
ssl.google-analytics.com
1    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
partner.googleadservices.com
2    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
adservice.google.com.au
2    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
adservice.google.com
27    74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net
tpc.googlesyndication.com
6    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
www.googletagservices.com
googleads4.g.doubleclick.net
6    172.217.194.149 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f149.1e100.net
s0.2mdn.net
1    142.251.12.147 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f147.1e100.net
www.google.com
2    104.18.24.173 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    67.199.150.81 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    54.169.66.1 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-66-1.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    52.199.38.83 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-199-38-83.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
2    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 145
tpc.googlesyndication.com — Cisco Umbrella Rank: 187
544 KB
17 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 64
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 395
cm.g.doubleclick.net — Cisco Umbrella Rank: 321
165 KB
12 pwedeh.com
pwedeh.com
317 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
177 KB
6 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 362
64 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
5 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 221
234 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 142
www.google.com — Cisco Umbrella Rank: 16
714 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 670
3 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 996
1 KB
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 2379
618 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1178
s.tribalfusion.com — Cisco Umbrella Rank: 2747
1 KB
2 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 42186
957 B
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 424
17 KB
2 amung.us
whos.amung.us — Cisco Umbrella Rank: 9585
widgets.amung.us — Cisco Umbrella Rank: 10582
2 KB
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 61539
562 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 893
503 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 840
734 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1011
696 B
0 genieessp.com Failed
js.genieessp.com Failed
0 addthis.com Failed
s7.addthis.com Failed
109 21
Domain Requested by
27 tpc.googlesyndication.com googleads.g.doubleclick.net
pwedeh.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
13 pagead2.googlesyndication.com pwedeh.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
12 pwedeh.com 1 redirects pwedeh.com
9 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
pwedeh.com
7 cm.g.doubleclick.net googleads.g.doubleclick.net
6 s0.2mdn.net pwedeh.com
s0.2mdn.net
6 www.gstatic.com googleads.g.doubleclick.net
6 fonts.googleapis.com pwedeh.com
googleads.g.doubleclick.net
5 www.googletagservices.com googleads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
2 secure.adnxs.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 rtb.openx.net 2 redirects
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.com.au pagead2.googlesyndication.com
2 ssl.google-analytics.com pwedeh.com
1 google.dap.fw-ad.jp 1 redirects
1 ads.yieldmo.com 1 redirects
1 px.ads.linkedin.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
1 googleads4.g.doubleclick.net pwedeh.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 widgets.amung.us pwedeh.com
1 whos.amung.us 1 redirects
0 js.genieessp.com Failed pwedeh.com
0 s7.addthis.com Failed pwedeh.com
109 28

This site contains links to these domains. Also see Links.

Domain
www.youtube.com
whos.amung.us
Subject Issuer Validity Valid
pwedeh.com
cPanel, Inc. Certification Authority		 2022-10-15 -
2023-01-13		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 19 frames:

Primary Page: https://pwedeh.com/tag/ultralotto-658/page/2/
Frame ID: 9F5BFA26A0E3966EEDB513A9A2B1765B
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 577DE8B416D974C1CCC1352B0C8623FD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&adk=1812271804&adf=3025194257&lmt=1672798689&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688695&bpp=7&bdt=2347&idt=526&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4489892786030&frm=20&pv=2&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=546
Frame ID: D53A2161C0D4B2E425A736A2D4DA5577
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Frame ID: 1537AB5B9DA757F447E0502020B6DCE7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Frame ID: C2020EF495BFDBEA9EFE686A2C4D55DC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: A48627956109FF6C908ED5A5DEF78760
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 56B06B0C64BD559ED3C8EF79F82B0AF4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8DBDEAE8146EDE646BCED03B4E69E4D8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4307C4CC61237371A7363779DB8B4EE6
Requests: 13 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOUO317-jl5MN4P6FFwqjm4bGRvAhXH2OOsuzCzZ6qYflHhN-lYH_ySlLm4gcoKZRA9kkYk_IspSCWymrNLqXFjfbnK9Nieu7M0DhWeVTYxWakncWHPFU_70Gw_qnCFVRsdorcLRIk9L2kQ_zrykNk1jHbBwzrDEoDLpuC3xM9dINmoKTfTf3u4WP0Tv0o-6G33m6ILsUkge1R00bgRkHNt9FvI6aImK16oIWid6HyVDuPTGNsIJ2kz-6GY3wPGNV6ePDAvzLf91Kv8RN9_b6UHXyoDXJV9CxhCiSVKVRxJR5xd9GDGqDYrCUuD0SXN1byVrcyZzSgbzP3usCYFEvcMuniE_7LOeP2OjpvshKJmgX7BAKwo8iDQBQ3qDUCouY8mPd_RdVLl8srrJlIlCi6sgguYTLP2UIotZxSyPI9DOjV0ZFOv9ThwhprU6NkpX4cFXaHBXCUg9BZrY7MLal1voenodwEYnbaxDao8AYF7kWYy4cdxSZAiPIGPXXrDX1h1CH_ENraipJZ3p8tzU5Tuc8EphygwmuPS-_K5X6qx-0uspXX2PZpxy6LJJehqDxMroconQwGCoTk7OXo5-1RZNzgBTL4UNXABPHbxp2R_jBKiOTsfvt3-e5HF4DyyWCFLmqXqkFWRV8TGvMVlN_0uq2VxNQfjQbNUMy-7FnqYFal5ne2ST0ODqRFKsAjmmmyCOQNFqVfgABK6YG3s6x--Za7Dvlop5u4mCIQ2EcyUgeLJrWKOVukDmnysrJrVImwM37DcJD26upH0Bwg3QAoPixnHP9a88MWr1XZVbebyKerYY8I7L77HoxkfTh4w7mxBKm7LyV1bnhzyT09qZaekMFGe16hBX0z-0rGyOL14wqp1upMVmxg8s0WVtkcIRxiN8MatBSuAspFX2JlnIv9QztaoEDrlAhCqGwvdtVw7phO0T2PpcDJEYr0XxrGImzhQjNMciJhpZar8JBa4t4oUKgZMpjGbQxhjjJilNXKdDDzg0ATdU_TIU6QAu9XcZmS7UfoOjp56rNSz5AD1jwYtMiDRDmy70PTE5dNL-SnKdSW5QOQUgBIhbUuuuivL2nP&sai=AMfl-YRpAl1gqoaOugbXtimdKpUZk80dzXynfLRVl4aiHiIIsWsbUMnCA3fm3a6evexShzzx6j64WtH9UcqRM2HuThPIiD-H9RXajRis50pSLQcJ05sXInSihUsHqULkiSHoErSu0KFFl5n_8vrP9IPuSgw0PkrRwF68wzKpLRTYikf8Bxc2xX9mUQ_jSdhWqkC8NQiOdFIrRnF8mbgegPVLt4-tjvKyAmwOqSyiWHCMWvSlCDlYwBYVaAATe8oWZzG3xdpdj6iLDYe-Ki0QgfV59lFRA6ZL-k81d7b4VMax5thwwiCdBVrwChB4W5bQckdIXw3F32fvmzZvqY-oxbo0NEIxVGSIRBkB1DTPmvXIYn2lSi933r3EVicy6Nasn8O6GBPWHOfeBhph66LsY9NlWg&sig=Cg0ArKJSzFAPC-hlMJAoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 92650663C7CED25D5EC99D149D7B4FBE
Requests: 9 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3E3ADFE390AC2C92E1BF1F3F74A0C510
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3D76288E31EE79B87138F7E59B2FE8F5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0D05578AA0F9F2A687FC3258FDECBC47
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: BDE8522528B711E811DFD97B07F4AE9D
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: B3DEF2194697D9E1645BFC4CBF864C60
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: E170A78380EC381DF48A7AD9E770DD47
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/index.html
Frame ID: F36BECEA961AE16A828A5557A10C9265
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 781397180B48FA32A42CE3B0827AA662
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8414FE6FF0189D5CFD2FD5D567E7B7A6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

UltraLotto 6/58 – PHILIPPINE PCSO LOTTO RESULTS PCSO | Page 2

Page URL History Show full URLs

  1. https://pwedeh.com/tag/ultralotto-658/page/2 HTTP 301
    https://pwedeh.com/tag/ultralotto-658/page/2/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

88 %
HTTPS

0 %
IPv6

21
Domains

28
Subdomains

15
IPs

4
Countries

1558 kB
Transfer

3549 kB
Size

20
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://pwedeh.com/tag/ultralotto-658/page/2 HTTP 301
    https://pwedeh.com/tag/ultralotto-658/page/2/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://whos.amung.us/widget/hc8na4fr.png HTTP 307
  • https://widgets.amung.us/classic/00/32.png
Request Chain 91
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGV8-1HcQlv4ZcUdZjHjuMo&google_cver=1&google_push=AavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqkvwuv-xyDQB2PU2pnersq6kKYAB0mDv7W2EgVnCOLLZF6A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqkvwuv-xyDQB2PU2pnersq6kKYAB0mDv7W2EgVnCOLLZF6A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGV8-1HcQlv4ZcUdZjHjuMo&google_cver=1&google_push=AavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqkvwuv-xyDQB2PU2pnersq6kKYAB0mDv7W2EgVnCOLLZF6A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqkvwuv-xyDQB2PU2pnersq6kKYAB0mDv7W2EgVnCOLLZF6A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 92
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIOGqrW0kgV9E0erAZa38f4&google_cver=1&google_push=AavPq0Ohy0B-zFqEMeL_kCl9r_-URx0IzLmCAhxoqe1XEU0WoaSQPvHBrYFmNSQETnORRcvkbL6jIfte7BnLgsjoMf9Pf8Vi2wzmJczF_uHXyvkbsMWDHq06D26SKZhtpORwa-nO4AeKJfAQQQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0Ohy0B-zFqEMeL_kCl9r_-URx0IzLmCAhxoqe1XEU0WoaSQPvHBrYFmNSQETnORRcvkbL6jIfte7BnLgsjoMf9Pf8Vi2wzmJczF_uHXyvkbsMWDHq06D26SKZhtpORwa-nO4AeKJfAQQQ
Request Chain 93
  • https://rtb.openx.net/sync/dds?google_gid=CAESEP3hdDc53cJ23frbE5jyxIM&google_cver=1&google_push=AavPq0MSTEnU5EEu3uoc4lN4U9xljtNXOQvfYvfLpyP2XERWpzXF0lgT-qnk6S0aTPkBVmBNliucOozVoMOReXRMonFqMtIXNZamBDZ_blvViInpzEczXnwTDZZA05FZflr83VS4uq9iUcB9VQ HTTP 302
  • https://rtb.openx.net/sync/dds?google_gid=CAESEP3hdDc53cJ23frbE5jyxIM&google_cver=1&google_push=AavPq0MSTEnU5EEu3uoc4lN4U9xljtNXOQvfYvfLpyP2XERWpzXF0lgT-qnk6S0aTPkBVmBNliucOozVoMOReXRMonFqMtIXNZamBDZ_blvViInpzEczXnwTDZZA05FZflr83VS4uq9iUcB9VQ&ox_sc=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MSTEnU5EEu3uoc4lN4U9xljtNXOQvfYvfLpyP2XERWpzXF0lgT-qnk6S0aTPkBVmBNliucOozVoMOReXRMonFqMtIXNZamBDZ_blvViInpzEczXnwTDZZA05FZflr83VS4uq9iUcB9VQ&google_hm=L-Dc-MIJyGMFagOCcaNFTA==
Request Chain 94
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDPWOLjObeGPt832VrfwkBM&google_cver=1&google_push=AavPq0OIKglmSwXSeg3qK3nTLHWbitFoXlFNNfk--EoXtpCjLaVTnAOaad6JsJEuC_yKys5WrjIAuNv94KkzZYsw6pfXhzWQG5zr-OVwfc5ab9q5l42WXxnW_3GB6VlSDX8WpM8Tf-DTJnA4Mg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDPWOLjObeGPt832VrfwkBM&google_cver=1&google_push=AavPq0OIKglmSwXSeg3qK3nTLHWbitFoXlFNNfk--EoXtpCjLaVTnAOaad6JsJEuC_yKys5WrjIAuNv94KkzZYsw6pfXhzWQG5zr-OVwfc5ab9q5l42WXxnW_3GB6VlSDX8WpM8Tf-DTJnA4Mg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R_sbhEorSRydPLjvbIWtiw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OIKglmSwXSeg3qK3nTLHWbitFoXlFNNfk--EoXtpCjLaVTnAOaad6JsJEuC_yKys5WrjIAuNv94KkzZYsw6pfXhzWQG5zr-OVwfc5ab9q5l42WXxnW_3GB6VlSDX8WpM8Tf-DTJnA4Mg
Request Chain 95
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEIr31jIRcUzx1N599Y9yXec&google_cver=1&google_push=AavPq0NUb_Hdhsckuvvzdcr9pzq7kFSME4nPWDxdevPQdpB7jB82kwoM6xqimzJa90-uDarvKftvEsIlUqgy7HiFjYqlDV9NtZ7V0vfXkCdJFCUPImJouqQEKqVtbmh20c1xw3Pk1_Jtq7h- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NUb_Hdhsckuvvzdcr9pzq7kFSME4nPWDxdevPQdpB7jB82kwoM6xqimzJa90-uDarvKftvEsIlUqgy7HiFjYqlDV9NtZ7V0vfXkCdJFCUPImJouqQEKqVtbmh20c1xw3Pk1_Jtq7h-&google_hm=Z2M0YTNhNjZmOWIyM2NkNTkyYjA=
Request Chain 96
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEGf4Zfu714QMDd9oipcnSFA&google_cver=1&google_push=AavPq0NRq_s6niyXDF3PH_lYsRskbjIK8Gn1qg_CcuZnCoK-p09s5RuN4WH_nwmUY9bqMH6F_n9_rYtBXYMReakqnoUIz4KJ-63Fua8XN4vCdZwURbC-PjGVN6AMynSggkeBVXIWDjtkIsDqPg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AavPq0NRq_s6niyXDF3PH_lYsRskbjIK8Gn1qg_CcuZnCoK-p09s5RuN4WH_nwmUY9bqMH6F_n9_rYtBXYMReakqnoUIz4KJ-63Fua8XN4vCdZwURbC-PjGVN6AMynSggkeBVXIWDjtkIsDqPg&google_hm=NDQzMWUwYjgtMWI2MC0zYzViLThkNjctNWY2YjU0NDM2ZDE5
Request Chain 97
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAie-alEfZPyEbQ3J2eK8MU&google_cver=1&google_push=AavPq0OILlmhXFDFejjSx23KMlxNzF97mZ-VrPOy3f3Th4NIsAc5QO_iKScyuBbp8M-ggUpnKWjP7arg-IEtZ9c5B4OVLYiDg9P60vQD7yhQEawqfKtRZPGv9GRYK7YJOb_ToqqQUc1CTa2mR1o HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAie-alEfZPyEbQ3J2eK8MU%26google_cver%3D1%26google_push%3DAavPq0OILlmhXFDFejjSx23KMlxNzF97mZ-VrPOy3f3Th4NIsAc5QO_iKScyuBbp8M-ggUpnKWjP7arg-IEtZ9c5B4OVLYiDg9P60vQD7yhQEawqfKtRZPGv9GRYK7YJOb_ToqqQUc1CTa2mR1o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjIwMzgxOTcyNDgyMzg1NTExMg%3D%3D&google_gid=CAESEAie-alEfZPyEbQ3J2eK8MU&google_cver=1&google_push=AavPq0OILlmhXFDFejjSx23KMlxNzF97mZ-VrPOy3f3Th4NIsAc5QO_iKScyuBbp8M-ggUpnKWjP7arg-IEtZ9c5B4OVLYiDg9P60vQD7yhQEawqfKtRZPGv9GRYK7YJOb_ToqqQUc1CTa2mR1o

109 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pwedeh.com/tag/ultralotto-658/page/2/
Redirect Chain
  • https://pwedeh.com/tag/ultralotto-658/page/2
  • https://pwedeh.com/tag/ultralotto-658/page/2/
38 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
a3828633d6ff4d80dfa86d02075d5310b2ac9d979f194287687f7d157b12ca5a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Jan 2023 02:18:06 GMT
Keep-Alive
timeout=5, max=99
Link
<https://pwedeh.com/wp-json/>; rel="https://api.w.org/", <https://pwedeh.com/wp-json/wp/v2/tags/66>; rel="alternate"; type="application/json"
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Connection
Keep-Alive
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Wed, 04 Jan 2023 02:18:05 GMT
Keep-Alive
timeout=5, max=100
Location
https://pwedeh.com/tag/ultralotto-658/page/2/
Server
Apache
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Redirect-By
WordPress
css
fonts.googleapis.com/ 		26 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&ver=1.3.0
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Jan 2023 02:18:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 01:17:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Jan 2023 02:18:06 GMT
dashicons.min.css
pwedeh.com/wp-includes/css/ 		58 KB
58 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-includes/css/dashicons.min.css?ver=6.1.1
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:06 GMT
Last-Modified
Fri, 16 Apr 2021 01:14:58 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
59016
style.min.css
pwedeh.com/wp-content/themes/genbu/ 		34 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-content/themes/genbu/style.min.css?ver=1.3.0
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
a327812585a1f35bd4e84aef8e4d3951968a91253af0cc0efd3d73bec2f2060a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:06 GMT
Last-Modified
Wed, 26 Aug 2020 14:48:43 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
35115
style.min.css
pwedeh.com/wp-includes/css/dist/block-library/ 		93 KB
93 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:06 GMT
Last-Modified
Wed, 16 Nov 2022 01:08:16 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
94889
classic-themes.min.css
pwedeh.com/wp-includes/css/ 		217 B
458 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:06 GMT
Last-Modified
Thu, 03 Nov 2022 09:06:13 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
217
jquery.min.js
pwedeh.com/wp-includes/js/jquery/ 		88 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:06 GMT
Last-Modified
Thu, 03 Nov 2022 09:06:12 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
89684
jquery-migrate.min.js
pwedeh.com/wp-includes/js/jquery/ 		11 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:06 GMT
Last-Modified
Mon, 04 Jan 2021 11:33:10 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
11224
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
a465ef716c053af325208b72af4084a7567081bb9bfbb84960cda42f3c702e42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49594
x-xss-protection
0
server
cafe
etag
14719278779886722089
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:18:08 GMT
subscribe-e1540501877316.png
pwedeh.com/wp-content/uploads/2018/10/ 		414 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pwedeh.com/wp-content/uploads/2018/10/subscribe-e1540501877316.png
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
cce969722269a6a1c042a7ec02868dfe7259b114622afcd01b9e55a942fb4243

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:07 GMT
Last-Modified
Wed, 26 Aug 2020 14:49:10 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
414
32.png
widgets.amung.us/classic/00/
Redirect Chain
  • https://whos.amung.us/widget/hc8na4fr.png
  • https://widgets.amung.us/classic/00/32.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.amung.us/classic/00/32.png
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H2
Server
172.67.8.141 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2705299e19ed7fabe00eb167ce32eda2fb0ae988e93fbf82bf4960db70b696a7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:08 GMT
cf-cache-status
HIT
last-modified
Sun, 13 Jun 2010 09:03:09 GMT
server
cloudflare
age
1631469
etag
"4c149ecd-5d2"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
78407b5a5d5fa868-SYD
content-length
1490
expires
Sat, 17 Dec 2022 05:06:59 GMT

Redirect headers

location
https://widgets.amung.us/classic/00/32.png
date
Wed, 04 Jan 2023 02:18:08 GMT
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
78407b586bbfa868-SYD
content-type
text/html; charset=UTF-8
fitvids.min.js
pwedeh.com/wp-content/themes/genbu/js/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-content/themes/genbu/js/fitvids.min.js?ver=0.1.1
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
7a268b489b6f711b49c3d2dc91829e27777c97947c8ef2eced9c9a24c0aa536e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:07 GMT
Last-Modified
Wed, 26 Aug 2020 14:48:43 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1523
theme.min.js
pwedeh.com/wp-content/themes/genbu/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-content/themes/genbu/js/theme.min.js?ver=1.3.0
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
dd2b1cadbeb441ac12524b5795e7f2c0ce02dc0a06a937eb227bf2cb4380756c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:07 GMT
Last-Modified
Wed, 26 Aug 2020 14:48:43 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2575
wp-emoji-release.min.js
pwedeh.com/wp-includes/js/ 		18 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pwedeh.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.250.212.57 , United States, ASN22611 (INMOTION, US),
Reverse DNS
vps62811.inmotionhosting.com
Software
Apache /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/tag/ultralotto-658/page/2/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Wed, 04 Jan 2023 02:18:07 GMT
Last-Modified
Sat, 28 May 2022 20:46:52 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
18617
addthis_widget.js
s7.addthis.com/js/250/ 		0
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&ver=1.3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pwedeh.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 00:06:26 GMT
x-content-type-options
nosniff
age
267102
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Jan 2024 00:06:26 GMT
truncated
/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855

Request headers

Referer
Origin
https://pwedeh.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff;charset=utf-8
a1083161.js
js.genieessp.com/t/083/161/ 		0
0
a1058140.js
js.genieessp.com/t/058/140/ 		0
0
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://pwedeh.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 04 Jan 2023 01:53:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
1454
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 04 Jan 2023 03:53:54 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1494169640&utmhn=pwedeh.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=UltraLotto%206%2F58%20%E2%80%93%20PHILIPPINE%20PCSO%20LOTTO%20RESULTS%20PCSO%20%7C%20Page%202&utmhid=1947909348&utmr=-&utmp=%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&utmht=1672798688484&utmac=UA-8770403-2&utmcc=__utma%3D107540099.494072575.1672798688.1672798688.1672798688.1%3B%2B__utmz%3D107540099.1672798688.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=966665912&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		356 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
146415be02c257f4f176cf2a1f5ecba923baf6b66e80dc299885a16fd76b5d78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119966
x-xss-protection
0
server
cafe
etag
14395782047157721871
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:18:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 577D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pwedeh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
66538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Jan 2023 07:49:10 GMT
etag
10353107486223812946
expires
Tue, 17 Jan 2023 07:49:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans%3A400%2C300%2C300italic%2C400italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic&ver=1.3.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://pwedeh.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 30 Dec 2022 15:33:47 GMT
x-content-type-options
nosniff
age
384261
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Dec 2023 15:33:47 GMT
cookie.js
partner.googleadservices.com/gampad/ 		387 B
696 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=pwedeh.com&callback=_gfp_s_&client=ca-pub-8253172199089713&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
b32f0501b2ba0afb3b3c89628deb5f2c67cdcb746bf49765e516ce34f495086c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
252
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=pwedeh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pwedeh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D53A 		410 KB
83 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&adk=1812271804&adf=3025194257&lmt=1672798689&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=188x1080_l%7C188x1080_r&format=0x0&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688695&bpp=7&bdt=2347&idt=526&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4489892786030&frm=20&pv=2&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=546
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
0ff1771bc606432b17d00200be26cf9c732f3aa6be5c027eca5e6e2ded0de553
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pwedeh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
84997
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 02:18:10 GMT
expires
Wed, 04 Jan 2023 02:18:10 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1537 		100 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
2f5b6daa0145b779ac0442cf9fb8db6dad26ff99aff2b4dc03b3aa687b979f19
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pwedeh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
34027
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 02:18:09 GMT
expires
Wed, 04 Jan 2023 02:18:09 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 1537 		8 KB
991 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Jan 2023 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 02:02:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Jan 2023 02:18:10 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/17852540213332540470/ Frame 1537 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17852540213332540470/14763004658117789537?w=600&h=314
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
69ff196154392828ab23640ebd627ef7ae4bbf4732f4fbb671722986f7b14b65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 09:57:08 GMT
x-content-type-options
nosniff
age
231662
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43929
x-xss-protection
0
last-modified
Sat, 10 Dec 2022 06:25:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 01 Jan 2024 09:57:08 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1537 		2 KB
846 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 10:26:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
57094
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 10:26:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1537 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cf2bZ4eG0Y8SIFseE1Ab4soDAAYjJ_vBtieaZnekN2O2YuOYlEAEg3O3RB2ClgICAkAGgAb_L5oUCyAEJqAMByAPLBKoEiAJP0D9AvanCIWIrCzew76PFoo34SAE8_QaUClISlTqj_UecTajx-7W7dhCX9uyRNk07UrgS02qveWlLHZEoeOkokj-l_uZfBtZ7O7OOGvNeXvQf9YT8LPne6N2v0DYlhiwG7EXPD8PgSuza8wBlIpMTZUPWax9uXS577rKA-g4qnGAvzSPO7PBACI1STis32dWF-JidFnSW6DaqfSNYK4NRgt2Ei5qCO1CCmWAs4uGptfryx4kFSz2oD-mmi1sEr1mRE49OA27GOihp04306Sx4Lv-9sqAFPb5d_nZjQHMi0RBpqMGVIphfDmvS3cIRsbN0lZIt0eZaedC2yL18Wcc4gJ_whyeLrdzABPGIzarQA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAf_vIGzAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDELh50ggPCIBhEAEYHzICigI6AoBAgAoByAsB2BMMiBQa0BUBgBcBshccChoIABIUcHViLTgyNTMxNzIxOTkwODk3MTMYAA&sigh=p9VC3ZucE3g&uach_m=[UACH]&cid=CAQSGwDq26N9CiaYiI56ixauHlJUDKBvTkVywQ1ViRgBIBM&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 04 Jan 2023 02:18:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 04 Jan 2023 02:18:10 GMT
truncated
/ Frame 1537 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 1537 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 1537 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
52901
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 11:36:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1537 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 05:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
74529
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 05:36:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 1537 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 19:37:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1537 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Jan 2023 02:18:10 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 1537 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53888
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 03 Apr 2023 11:20:02 GMT
truncated
/ Frame 1537 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f41c42623c56a098792015a18bd869a7c7813502f82f79bd681509d273449d79

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 		150 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/reactive_library_fy2021.js?bust=31071219
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
696ce8d155751f99273cfbc812210802f0c3ab1aab2d00bd2c7f9f18e75b10a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52344
x-xss-protection
0
server
cafe
etag
7612040953531166784
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 04 Jan 2023 02:18:11 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=pwedeh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=pwedeh.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C202 		69 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
7897c08881863169799b1ed2fd45f24a3ab1307efbb0bcedf8c895762c27639a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pwedeh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
31352
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 02:18:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1537 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 16:23:49 GMT
x-content-type-options
nosniff
age
208462
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 01 Jan 2024 16:23:49 GMT
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame A486 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=280&slotname=5362010817&adk=1057712553&adf=487298480&pi=t.ma~as.5362010817&w=1160&fwrn=4&fwrnh=100&lmt=1672798689&rafmt=1&format=1160x280&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798688702&bpp=2&bdt=2355&idt=546&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=148&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=axfFYkGRGa&p=https%3A//pwedeh.com&dtd=550
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 19:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 19:39:08 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 56B0 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pwedeh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
65740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Jan 2023 08:02:31 GMT
etag
10353107486223812946
expires
Tue, 17 Jan 2023 08:02:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 8DBD 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pwedeh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
65740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Jan 2023 08:02:31 GMT
etag
10353107486223812946
expires
Tue, 17 Jan 2023 08:02:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 4307 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pwedeh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
65740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Jan 2023 08:02:31 GMT
etag
10353107486223812946
expires
Tue, 17 Jan 2023 08:02:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 56B0 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Jan 2023 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 01:12:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Jan 2023 02:18:11 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 56B0 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 23:11:57 GMT
x-content-type-options
nosniff
age
270374
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 31 Dec 2023 23:11:57 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 56B0 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 02:10:40 GMT
x-content-type-options
nosniff
age
259651
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 01 Jan 2024 02:10:40 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 56B0 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:37:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
24018
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8084
x-xss-protection
0
server
cafe
etag
2222875591315018765
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 19:37:53 GMT
css
fonts.googleapis.com/ Frame 8DBD 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Jan 2023 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 01:11:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Jan 2023 02:18:11 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8DBD 		2 KB
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 10:26:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
57095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 10:26:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8DBD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
52902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 11:36:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8DBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 05:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
74530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 05:36:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8DBD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 19:37:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8DBD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Jan 2023 02:18:12 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 8DBD 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 03 Apr 2023 11:20:02 GMT
css
fonts.googleapis.com/ Frame 4307 		4 KB
621 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Jan 2023 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 01:12:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Jan 2023 02:18:11 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4307 		2 KB
799 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 10:26:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
57095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 10:26:36 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4307 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjYdn4eG0Y_rcFcugoQOmvouwBve086Juwpycqf4P4NGrp5wOEAEg3O3RB2ClgICAkAGgAbeYgaIoyAEJqQIi9bkwP5p6PqgDAcgDywSqBI0CT9CBtMZPVmorUXHEE6AJ4kgHY69f8I8UY1OIlKaIRTk9NsZ9HPXtRw_mxB7bRb0vGTYh8SeQmKvmnt4vv8fcILYX4aoSctWqwNIJcnwAkMuf1O1GBvsivoT_mF3CKXzsbx74GhzAurSEoJt8rmKD-av5dGxQl_gFnuCCIsQ-iwAwA-RbAJsbIL2-PawQMMTweal6z4kS-fe5_x0Z9a80d5_MVOeUQGe0S6Jx_kn4HsH-Mm2ZIn7jVjkpxVUcMcxg4Z5GuA6fyvpFuFtM29xOy9XyxWiWh2MK2M6lPH9li-jwMV-SAELs-T-8rqqI37eOvICXEquRqSKIcEwobdS98raW1nXklkJSXpBoWxLABLDKguanBJIFBAgEGAGSBQQIBRgEoAYugAfMzIy6A6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEL070ggPCIBhEAEYHzICigI6AoBAgAoByAsBuBPkA9gTDNAVAYAXAbIXHAoaCAASFHB1Yi04MjUzMTcyMTk5MDg5NzEzGAA&sigh=jw-0o7in9eo&uach_m=[UACH]&cid=CAQSGwDq26N9pCxPNFNS6R-AZ1DkNQxb9o3Cn-vz0xgBIBM&template_id=484
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 04 Jan 2023 02:18:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 4307 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
52902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 11:36:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4307 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 05:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
74530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 05:36:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4307 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 19:37:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4307 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Jan 2023 02:18:12 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 4307 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 03 Apr 2023 11:20:02 GMT
6592766407814317453
tpc.googlesyndication.com/simgad/1033188966053812890/ Frame 4307 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1033188966053812890/6592766407814317453
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a4b5a64e905994fa7e0186f454a1e71772d7f884b773a52fa4c324499e412d08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:11 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48059
x-xss-protection
0
last-modified
Mon, 17 Oct 2022 13:07:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 04 Jan 2024 02:18:11 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5308674890933219038/ Frame 4307 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5308674890933219038/14763004658117789537?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
77efe0996aa57cbec1f507ad09aaca04b20dbe2c9c0892ed8efe84eb176381e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 02 Jan 2023 13:23:00 GMT
x-content-type-options
nosniff
age
132911
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5757
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 14:56:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 02 Jan 2024 13:23:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 9265 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOUO317-jl5MN4P6FFwqjm4bGRvAhXH2OOsuzCzZ6qYflHhN-lYH_ySlLm4gcoKZRA9kkYk_IspSCWymrNLqXFjfbnK9Nieu7M0DhWeVTYxWakncWHPFU_70Gw_qnCFVRsdorcLRIk9L2kQ_zrykNk1jHbBwzrDEoDLpuC3xM9dINmoKTfTf3u4WP0Tv0o-6G33m6ILsUkge1R00bgRkHNt9FvI6aImK16oIWid6HyVDuPTGNsIJ2kz-6GY3wPGNV6ePDAvzLf91Kv8RN9_b6UHXyoDXJV9CxhCiSVKVRxJR5xd9GDGqDYrCUuD0SXN1byVrcyZzSgbzP3usCYFEvcMuniE_7LOeP2OjpvshKJmgX7BAKwo8iDQBQ3qDUCouY8mPd_RdVLl8srrJlIlCi6sgguYTLP2UIotZxSyPI9DOjV0ZFOv9ThwhprU6NkpX4cFXaHBXCUg9BZrY7MLal1voenodwEYnbaxDao8AYF7kWYy4cdxSZAiPIGPXXrDX1h1CH_ENraipJZ3p8tzU5Tuc8EphygwmuPS-_K5X6qx-0uspXX2PZpxy6LJJehqDxMroconQwGCoTk7OXo5-1RZNzgBTL4UNXABPHbxp2R_jBKiOTsfvt3-e5HF4DyyWCFLmqXqkFWRV8TGvMVlN_0uq2VxNQfjQbNUMy-7FnqYFal5ne2ST0ODqRFKsAjmmmyCOQNFqVfgABK6YG3s6x--Za7Dvlop5u4mCIQ2EcyUgeLJrWKOVukDmnysrJrVImwM37DcJD26upH0Bwg3QAoPixnHP9a88MWr1XZVbebyKerYY8I7L77HoxkfTh4w7mxBKm7LyV1bnhzyT09qZaekMFGe16hBX0z-0rGyOL14wqp1upMVmxg8s0WVtkcIRxiN8MatBSuAspFX2JlnIv9QztaoEDrlAhCqGwvdtVw7phO0T2PpcDJEYr0XxrGImzhQjNMciJhpZar8JBa4t4oUKgZMpjGbQxhjjJilNXKdDDzg0ATdU_TIU6QAu9XcZmS7UfoOjp56rNSz5AD1jwYtMiDRDmy70PTE5dNL-SnKdSW5QOQUgBIhbUuuuivL2nP&sai=AMfl-YRpAl1gqoaOugbXtimdKpUZk80dzXynfLRVl4aiHiIIsWsbUMnCA3fm3a6evexShzzx6j64WtH9UcqRM2HuThPIiD-H9RXajRis50pSLQcJ05sXInSihUsHqULkiSHoErSu0KFFl5n_8vrP9IPuSgw0PkrRwF68wzKpLRTYikf8Bxc2xX9mUQ_jSdhWqkC8NQiOdFIrRnF8mbgegPVLt4-tjvKyAmwOqSyiWHCMWvSlCDlYwBYVaAATe8oWZzG3xdpdj6iLDYe-Ki0QgfV59lFRA6ZL-k81d7b4VMax5thwwiCdBVrwChB4W5bQckdIXw3F32fvmzZvqY-oxbo0NEIxVGSIRBkB1DTPmvXIYn2lSi933r3EVicy6Nasn8O6GBPWHOfeBhph66LsY9NlWg&sig=Cg0ArKJSzFAPC-hlMJAoEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 04 Jan 2023 02:18:11 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9265 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 10:06:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
58278
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 04 Jan 2023 10:06:54 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9265 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 08:37:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
582012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Dec 2023 08:37:59 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9265 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 02:39:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
85142
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14217
x-xss-protection
0
server
cafe
etag
13612117104345174519
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 02:39:09 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9265 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 05:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
74530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 05:36:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 9265 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 19:37:59 GMT
l
www.google.com/ads/measurement/ Frame 9265 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7HVRQY6uXOBlDE3_RZ8KKW4fysW1NKNrLbRNqPuBLG5JaY55OACEw9uQCJS4ZKHxsFNxFjSToe1fOxRoP-uE8stdwrA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9265 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Jan 2023 02:18:12 GMT
css
fonts.googleapis.com/ Frame 3E3A 		8 KB
895 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f95.1e100.net
Software
ESF /
Resource Hash
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 04 Jan 2023 02:18:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 04 Jan 2023 01:12:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 04 Jan 2023 02:18:11 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3E3A 		2 KB
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 10:26:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
57095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
738
x-xss-protection
0
server
cafe
etag
1394486882873449110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 10:26:36 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 3E3A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:36:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
52902
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9443
x-xss-protection
0
server
cafe
etag
9828741834572772835
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 11:36:29 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3E3A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 05:36:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
74530
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 05:36:01 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 3E3A 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 19:37:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
24012
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 17 Jan 2023 19:37:59 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3E3A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Jan 2023 02:18:12 GMT
5abbe811e7745ada511aeaa994a13f9f.js
www.gstatic.com/mysidia/ Frame 3E3A 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5abbe811e7745ada511aeaa994a13f9f.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
sffe /
Resource Hash
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 03 Jan 2023 11:20:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53889
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14213
x-xss-protection
0
last-modified
Thu, 08 Dec 2022 23:34:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 03 Apr 2023 11:20:02 GMT
truncated
/ Frame 4307 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
19de398cfe5bb7446aba8f974ef0b0ea920dd296bad5ca290c6df60d121f02c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3D76 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
65757
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 03 Jan 2023 08:02:15 GMT
etag
48472445140208031
expires
Wed, 04 Jan 2023 08:02:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1537 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvj3QzP82b2GCxPPIzyJYLRrBYmbuM-hQbthMh0wk3LJ_ooJucZhHcpWfgNWPKAF-qXIoU81gicdvVJvX13XArKH-NPoyclTsAcTcWXu_wlhImdSARwcJVNJKKZ7KLvelnfnQw&sai=AMfl-YTUKECm28c1aChsj-6CRkOSlDHfTAviApjsOCOzBRyr16eP9CLd-pFLOIuJbfWsrdy2FpgdxLnYmxTBKRg&sig=Cg0ArKJSzKVxPYq2wlL3EAE&cid=CAQSGwDq26N9CiaYiI56ixauHlJUDKBvTkVywQ1ViRgBIBM&id=lidar2&mcvt=1000&p=0,0,280,1160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1057712553&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672798689253&rpt=1805&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 9265 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f0be9e3280238b5425cf146e218d9331fee6c3ac00ef99fa89532d46931294b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0D05 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
510676
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 29 Dec 2022 04:26:56 GMT
expires
Fri, 29 Dec 2023 04:26:56 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame BDE8 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 19:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 19:39:08 GMT
i.match
s.tribalfusion.com/z/ Frame 3D76
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEGV8-1HcQlv4ZcUdZjHjuMo&google_cver=1&google_push=AavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqk...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGV8-1HcQlv4ZcUdZjHjuMo&google_cver=1&google_push=AavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTU...
43 B
433 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGV8-1HcQlv4ZcUdZjHjuMo&google_cver=1&google_push=AavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqkvwuv-xyDQB2PU2pnersq6kKYAB0mDv7W2EgVnCOLLZF6A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqkvwuv-xyDQB2PU2pnersq6kKYAB0mDv7W2EgVnCOLLZF6A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H2
Server
104.18.24.173 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:13 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78407b760a66aabb-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:12 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2354
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGV8-1HcQlv4ZcUdZjHjuMo&google_cver=1&google_push=AavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqkvwuv-xyDQB2PU2pnersq6kKYAB0mDv7W2EgVnCOLLZF6A&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAavPq0NdKPB9Jhb7s_qxQ8VXWfxr_bdhU5zngjZAPp5935MUCaq4HyfaCnu6CeefOINwyu_J5RP1i7NRb0XoMwn7CgEu33eiRTUqkvwuv-xyDQB2PU2pnersq6kKYAB0mDv7W2EgVnCOLLZF6A%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
78407b745868aabb-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3D76
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEIOGqrW0kgV9E0erAZa38f4&google_cver=1&google_push=AavPq0Ohy0B-zFqEMeL_kCl9r_-URx0IzLmCAhxoqe1XEU0WoaSQPvHBrYFmNSQETnORRcvkbL6jI...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0Ohy0B-zFqEMeL_kCl9r_-URx0IzLmCAhxoqe1XEU0WoaSQPvHBrYFmNSQETnORRcvkbL6jIfte7BnLgsjoMf9Pf8Vi2wzmJczF_uHXyvkbsMWDHq06D26SKZhtpO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0Ohy0B-zFqEMeL_kCl9r_-URx0IzLmCAhxoqe1XEU0WoaSQPvHBrYFmNSQETnORRcvkbL6jIfte7BnLgsjoMf9Pf8Vi2wzmJczF_uHXyvkbsMWDHq06D26SKZhtpORwa-nO4AeKJfAQQQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:12 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 04 Jan 2023 02:18:12 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: C2AA18DA5D88498B8071759AAE0A3192 Ref B: SYD03EDGE1407 Ref C: 2023-01-04T02:18:12Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AavPq0Ohy0B-zFqEMeL_kCl9r_-URx0IzLmCAhxoqe1XEU0WoaSQPvHBrYFmNSQETnORRcvkbL6jIfte7BnLgsjoMf9Pf8Vi2wzmJczF_uHXyvkbsMWDHq06D26SKZhtpORwa-nO4AeKJfAQQQ
x-li-proto
http/2
content-length
0
x-li-uuid
AAXxZsva9Oab5xJkfONJ+g==
pixel
cm.g.doubleclick.net/ Frame 3D76
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEP3hdDc53cJ23frbE5jyxIM&google_cver=1&google_push=AavPq0MSTEnU5EEu3uoc4lN4U9xljtNXOQvfYvfLpyP2XERWpzXF0lgT-qnk6S0aTPkBVmBNliucOozVoMOReXRMonFqMtIXNZamB...
  • https://rtb.openx.net/sync/dds?google_gid=CAESEP3hdDc53cJ23frbE5jyxIM&google_cver=1&google_push=AavPq0MSTEnU5EEu3uoc4lN4U9xljtNXOQvfYvfLpyP2XERWpzXF0lgT-qnk6S0aTPkBVmBNliucOozVoMOReXRMonFqMtIXNZamB...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MSTEnU5EEu3uoc4lN4U9xljtNXOQvfYvfLpyP2XERWpzXF0lgT-qnk6S0aTPkBVmBNliucOozVoMOReXRMonFqMtIXNZamBDZ_blvViInpzEczXnwTDZZA05FZflr83V...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MSTEnU5EEu3uoc4lN4U9xljtNXOQvfYvfLpyP2XERWpzXF0lgT-qnk6S0aTPkBVmBNliucOozVoMOReXRMonFqMtIXNZamBDZ_blvViInpzEczXnwTDZZA05FZflr83VS4uq9iUcB9VQ&google_hm=L-Dc-MIJyGMFagOCcaNFTA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:12 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AavPq0MSTEnU5EEu3uoc4lN4U9xljtNXOQvfYvfLpyP2XERWpzXF0lgT-qnk6S0aTPkBVmBNliucOozVoMOReXRMonFqMtIXNZamBDZ_blvViInpzEczXnwTDZZA05FZflr83VS4uq9iUcB9VQ&google_hm=L-Dc-MIJyGMFagOCcaNFTA==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
o9g553n33qf75bdjan69i6i293l7db76
pixel
cm.g.doubleclick.net/ Frame 3D76
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R_sbhEorSRydPLjvbIWtiw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R_sbhEorSRydPLjvbIWtiw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OIKglmSwXSeg3qK3nTLHWbitFoXlFNNfk--EoXtpCjLaVTnAOaad6JsJEuC_yKys5WrjIAuNv94KkzZYsw6pfXhzWQG5zr-OVwfc5ab9q5l42WXxnW_3GB6VlSDX8WpM8Tf-DTJnA4Mg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=R_sbhEorSRydPLjvbIWtiw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AavPq0OIKglmSwXSeg3qK3nTLHWbitFoXlFNNfk--EoXtpCjLaVTnAOaad6JsJEuC_yKys5WrjIAuNv94KkzZYsw6pfXhzWQG5zr-OVwfc5ab9q5l42WXxnW_3GB6VlSDX8WpM8Tf-DTJnA4Mg
date
Wed, 04 Jan 2023 02:18:12 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3D76
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEIr31jIRcUzx1N599Y9yXec&google_cver=1&google_push=AavPq0NUb_Hdhsckuvvzdcr9pzq7kFSME4nPWDxdevPQdpB7jB82kwoM6xqimzJa90-uDarvKftvEsIlUqgy7HiFjYqlDV9NtZ7...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NUb_Hdhsckuvvzdcr9pzq7kFSME4nPWDxdevPQdpB7jB82kwoM6xqimzJa90-uDarvKftvEsIlUqgy7HiFjYqlDV9NtZ7V0vfXkCdJFCUPImJouqQEKqVtbmh20c1...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NUb_Hdhsckuvvzdcr9pzq7kFSME4nPWDxdevPQdpB7jB82kwoM6xqimzJa90-uDarvKftvEsIlUqgy7HiFjYqlDV9NtZ7V0vfXkCdJFCUPImJouqQEKqVtbmh20c1xw3Pk1_Jtq7h-&google_hm=Z2M0YTNhNjZmOWIyM2NkNTkyYjA=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:12 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AavPq0NUb_Hdhsckuvvzdcr9pzq7kFSME4nPWDxdevPQdpB7jB82kwoM6xqimzJa90-uDarvKftvEsIlUqgy7HiFjYqlDV9NtZ7V0vfXkCdJFCUPImJouqQEKqVtbmh20c1xw3Pk1_Jtq7h-&google_hm=Z2M0YTNhNjZmOWIyM2NkNTkyYjA=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3D76
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEGf4Zfu714QMDd9oipcnSFA&google_cver=1&google_push=AavPq0NRq_s6niyXDF3PH_lYsRskbjIK8Gn1qg_CcuZnCoK-p09s5RuN4WH_nwmUY9bqMH6F_n9_rYtBXYMReak...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AavPq0NRq_s6niyXDF3PH_lYsRskbjIK8Gn1qg_CcuZnCoK-p09s5RuN4WH_nwmUY9bqMH6F_n9_rYtBXYMReakqnoUIz4KJ-63Fua8XN4vCdZwURbC-PjG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AavPq0NRq_s6niyXDF3PH_lYsRskbjIK8Gn1qg_CcuZnCoK-p09s5RuN4WH_nwmUY9bqMH6F_n9_rYtBXYMReakqnoUIz4KJ-63Fua8XN4vCdZwURbC-PjGVN6AMynSggkeBVXIWDjtkIsDqPg&google_hm=NDQzMWUwYjgtMWI2MC0zYzViLThkNjctNWY2YjU0NDM2ZDE5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AavPq0NRq_s6niyXDF3PH_lYsRskbjIK8Gn1qg_CcuZnCoK-p09s5RuN4WH_nwmUY9bqMH6F_n9_rYtBXYMReakqnoUIz4KJ-63Fua8XN4vCdZwURbC-PjGVN6AMynSggkeBVXIWDjtkIsDqPg&google_hm=NDQzMWUwYjgtMWI2MC0zYzViLThkNjctNWY2YjU0NDM2ZDE5
date
Wed, 04 Jan 2023 02:18:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3D76
Redirect Chain
  • https://secure.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=${BASE64_UID_ENC}&google_gid=CAESEAie-alEfZPyEbQ3J2eK8MU&google_cver=1&google_push=AavPq0OILlmhXFDFe...
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dxandr_eb%26google_hm%3D%24%7BBASE64_UID_ENC%7D%26google_gid%3DCAESEAie-alEfZPyEbQ3J2eK8MU%26goo...
  • https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjIwMzgxOTcyNDgyMzg1NTExMg%3D%3D&google_gid=CAESEAie-alEfZPyEbQ3J2eK8MU&google_cver=1&google_push=AavPq0OILlmhXFDFejjSx23KMlxNzF97mZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjIwMzgxOTcyNDgyMzg1NTExMg%3D%3D&google_gid=CAESEAie-alEfZPyEbQ3J2eK8MU&google_cver=1&google_push=AavPq0OILlmhXFDFejjSx23KMlxNzF97mZ-VrPOy3f3Th4NIsAc5QO_iKScyuBbp8M-ggUpnKWjP7arg-IEtZ9c5B4OVLYiDg9P60vQD7yhQEawqfKtRZPGv9GRYK7YJOb_ToqqQUc1CTa2mR1o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:13 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 04 Jan 2023 02:18:13 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.166; 173.245.209.166; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
d2af48ee-98a8-47be-b63b-4f82ac8918e9
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=xandr_eb&google_hm=MjIwMzgxOTcyNDgyMzg1NTExMg%3D%3D&google_gid=CAESEAie-alEfZPyEbQ3J2eK8MU&google_cver=1&google_push=AavPq0OILlmhXFDFejjSx23KMlxNzF97mZ-VrPOy3f3Th4NIsAc5QO_iKScyuBbp8M-ggUpnKWjP7arg-IEtZ9c5B4OVLYiDg9P60vQD7yhQEawqfKtRZPGv9GRYK7YJOb_ToqqQUc1CTa2mR1o
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 3D76 		0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IPkuW0BG5Q07US5HlSVjSjhsKqY20SR41tUQHWwq0AGv4Tvq1WmHCJuxviRZKEqSu1WkLuOAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:12 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame B3DE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 19:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 19:39:08 GMT
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame E170 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: pwedeh.com
URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 19:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 19:39:08 GMT
index.html
s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/ Frame F36B 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
9b6909bd92eed092886dc0f99f782fb0979537509ea344a788fb02b6e2802169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
180274
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1657
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Mon, 02 Jan 2023 00:13:38 GMT
expires
Tue, 02 Jan 2024 00:13:38 GMT
last-modified
Tue, 02 Aug 2022 15:41:58 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 0D05 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 19:39:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
283144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 31 Dec 2023 19:39:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0D05 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG1ti4-G0Y7HhA-iSssUPyeymiAMAAAAAOAHgBAI&bg=!fn2lfTnNAAYgquz3AKo7ACkAdvg8WreXkcSfGFI-ukBNLpwY7SheB-vzt3--RwZPytUydrMC-mjjqwIAAABTUgAAAAJoAQcKACfOFmL7xXnQ4baM9evxFVg1PmonzX5342kaybSUMEyXwD9NxiSysAWZAx6ylDZdzE9kwayBcXZxZ4XRSgGinvabrRLrSATbaeP6K9wX5_cfFZozOXQZPtOHmM9UJLpE4Huuk4mIzmgSJdd7NayHC1WSQagQDoc-ipvmj7TQqOisOUoppKeeb7MLdml_aqqi8X9bGlby5aTeo5rUAqvl45xnVFwAEzuRc_z6TY2yWB55fYZC19F5_NPOFCWKqL2uEdPmJuAOFBEzyRNNYDjNjcSOZtv29V3p-MwXaAZMNvni9M3-AHvJLqBhhd381RlyB9z1eLo5e4IgjSYrIgo3xaD7gwMBe1g587vyxo5vYVm_3bCtLZwlcxYmIUekwBl_1lsvNP-HaPEVcfxJwm092mLfhRHbDoRfkTTcJuemXIMOtATQpZD1mYjQMAU2vcnOKxyvQei9aTseIO9Q3YPMzRte5DLvEVZjjb3JrvarfX1BAI6sr3tiRvj-pQ6bpzUohY1HDLY_VVqwP1qLCqWniSQ_o4rpq9GzL-MgIyseDnOlIfdCz0qtAiByvIGv6Ef4wMoR3LCLrv85aV74mG-Wrn2x2SP_RIN92FaoXQIorLl8aq3afxJv-p0qmiDSzPiV0LEqfpNyGkhn2YuRElFB1tWoAaYYY2LmhaMgLbOzubKxXSZI4EH1xocyRA4LzB4eWf334ZsnQMKaSejxGwIGt6N7LKTFSU_OZ6gS08Q3_IqRuM2Ym2Uwyfs8gbEYe-Ct8HGSKVVtdVuJ-5Tgbv_1Jcs36bbZayERAbA6RhsWkNucIRBDYTJEd-VQqKtJFS8aNUaoycfEQ5BsRQ7V-agZ-ekhm5QZxCaCWHk31cItM9S9rmfKAlRYRyX5ZKnGoic4Axqqhr1h2hdKPG4PGxskrr1OvWR2HrLlDtjNnKODehqGdO36JPlDHCYujeQM0UsYYBGh6Gp_gN8aop8prNqO30U7bBSTRxH3Uv8qXEHijIyd6DFzOusJNtEXi0dGsPaRwj1DXFhbYxw9RKhx6WJ-fk2N1rWJr3zZXB67JPxKflpgzuxcwP52mZnEqDpOYUyxp4jDhHOl7d1DLZVvSUIB4n-CDHbhUzS7pqY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253172199089713&output=html&h=250&adk=3278163190&adf=3458822843&pi=t.aa~a.4020363953~rp.4&w=320&fwrn=4&fwrnh=100&lmt=1672798690&rafmt=1&to=qs&pwprc=8831098242&format=320x250&url=https%3A%2F%2Fpwedeh.com%2Ftag%2Fultralotto-658%2Fpage%2F2%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672798690938&bpp=2&bdt=4591&idt=2&shv=r20221207&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D054b7266c4a9afe1-22bac65f29d90081%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ&gpic=UID%3D00000b9d8ae6feb6%3AT%3D1672798689%3ART%3D1672798689%3AS%3DALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A&prev_fmts=0x0%2C1160x280&nras=2&correlator=4489892786030&frm=20&pv=1&ga_vid=494072575.1672798688&ga_sid=1672798688&ga_hid=1947909348&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1060&ady=1912&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071219%2C44776415%2C44780792&oid=2&psts=ACgb8tunMHDKgBrxA24YAvOt0UpXtDH16FywgIPGJ1J_Rz-p0YtRGfSNbG7Gd7z8S8MlRbma3V1sbNWWzpisXPCPNA&pvsid=2391788490707384&tmod=304880314&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=hSt9I7pAgG&p=https%3A//pwedeh.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
style.css
s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/styles/ Frame F36B 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/styles/style.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
43929d4f332fedde50c389c39459b5dadba85d41cd9460bb93e9b8f0355ed55c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 31 Dec 2022 21:00:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
278283
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1023
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 15:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 31 Dec 2023 21:00:10 GMT
george-150.jpg
s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/images/ Frame F36B 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/images/george-150.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
808be5728137e02d2f3ebc535636a7838897765c817e4a143aee35790f0ca07e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 06:47:01 GMT
x-content-type-options
nosniff
age
588672
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22685
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 15:41:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 28 Dec 2023 06:47:01 GMT
script.js
s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/scripts/ Frame F36B 		2 KB
684 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/scripts/script.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
77b9d3f2f115c18e1d27634717cb8bde194657fd2a662afc6ab685d3598976fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 01 Jan 2023 03:33:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254696
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
655
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 15:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 01 Jan 2024 03:33:17 GMT
search.png
s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/images/ Frame F36B 		514 B
541 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/images/search.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/styles/style.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f149.1e100.net
Software
sffe /
Resource Hash
c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4389378310692617716/MAR420-money-redHighlight-PL-300x250/styles/style.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 29 Dec 2022 17:22:21 GMT
x-content-type-options
nosniff
age
464152
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
514
x-xss-protection
0
last-modified
Tue, 02 Aug 2022 15:41:58 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 29 Dec 2023 17:22:21 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4307 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQMXc8O54kj4N6t5ExnrQGXqcvCy-errZRE6WN5gQXgpvuKz60J_EXZM2l_SX6jJjNoF-N6eGSEN26UgiErvfJKYkTlzGDkDUwcrs8S_Gyy2WKVEIenS2NEt-t3Mj7WiXGXi8&sai=AMfl-YTRFP-75Fkb7PFkhNNOy0TjhLJrRGyvF5CgaRX-avhg0DiQSeb9BVqw0pqReY1tBMJgWQomHSGI-p59OB4&sig=Cg0ArKJSzEVexD0yUAhnEAE&cid=CAQSGwDq26N9pCxPNFNS6R-AZ1DkNQxb9o3Cn-vz0xgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=840,1000,1000,1000,1000&tos=840,160,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672798691192&rpt=1190&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 04 Jan 2023 02:18:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
d2cdcd681bff029c15cb4fee2d14fccf1b1a88d498d0e9d31b3131a1d058523c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11212
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_fy2021.js?bust=31071219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pwedeh.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 04 Jan 2023 02:18:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 04 Jan 2023 02:18:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7813 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pwedeh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
7156
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 04 Jan 2023 00:18:57 GMT
expires
Thu, 04 Jan 2024 00:18:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8414 		0
0
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame 7813 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
http://s7.addthis.com/js/250/addthis_widget.js
Domain
js.genieessp.com
URL
http://js.genieessp.com/t/083/161/a1083161.js
Domain
js.genieessp.com
URL
http://js.genieessp.com/t/058/140/a1058140.js
Domain
www.google.com
URL
https://www.google.com/recaptcha/api2/aframe
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange object| _wpemojiSettings undefined| $ function| jQuery object| adsbygoogle object| addthis_config string| gaJsHost object| twemoji object| wp object| _gat object| _gaq object| pageTracker object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| google_llp

20 Cookies

Domain/Path Name / Value
.pwedeh.com/ Name: __utma
Value: 107540099.494072575.1672798688.1672798688.1672798688.1
.pwedeh.com/ Name: __utmc
Value: 107540099
.pwedeh.com/ Name: __utmz
Value: 107540099.1672798688.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.pwedeh.com/ Name: __utmt
Value: 1
.pwedeh.com/ Name: __utmb
Value: 107540099.1.10.1672798688
.pwedeh.com/ Name: __gads
Value: ID=054b7266c4a9afe1-22bac65f29d90081:T=1672798689:RT=1672798689:S=ALNI_MYnzgmfOySWzA9OqAzE11ZdRvk8ZQ
.pwedeh.com/ Name: __gpi
Value: UID=00000b9d8ae6feb6:T=1672798689:RT=1672798689:S=ALNI_MbuSvxg73P_e3oSzlFVfgNjILeC_A
.doubleclick.net/ Name: IDE
Value: AHWqTUkDPTFkbn9VJj8XZ21w3Cmg8WtgKzgxJyBPezfTDOCaI9g0-Ro8i3x0oYgOyhE
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.openx.net/ Name: i
Value: 231a699d-c208-4eba-b9c8-87ddc69d4c0b|1672798692
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c2682ad1-0d4d-4e91-81c4-1770da04b0af"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2462:u=1:x=1:i=1672798692:t=1672885092:v=2:sig=AQH7Bs01eaNyoIelr9WS7Q_Kxl3jYyjA"
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.yieldmo.com/ Name: yieldmo_id
Value: gc4a3a66f9b23cd592b0%7C1672798692804%7C0%7C
.tribalfusion.com/ Name: ANON_ID
Value: aenseFu4YUcmqcn63g8Vv97qjpTkk92UCx4HxtCVx7DYnA5KKwQredRIEa7NZcrFQmrTkI6QGGVQKvMpb1qCY
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 47FB1B84-4A2B-491C-9D3C-B8EF6C85AD8B
.adnxs.com/ Name: uuid2
Value: 2203819724823855112
.dap.fw-ad.jp/ Name: user
Value: 4431e0b8-1b60-3c5b-8d67-5f6b54436d19
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1672798693008000

9 Console Messages

Source Level URL
Text
security warning URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Message:
Mixed Content: The page at 'https://pwedeh.com/tag/ultralotto-658/page/2/' was loaded over HTTPS, but requested an insecure element 'http://pwedeh.com/wp-content/uploads/2018/10/subscribe-e1540501877316.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Message:
Mixed Content: The page at 'https://pwedeh.com/tag/ultralotto-658/page/2/' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/widget/hc8na4fr.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Message:
Mixed Content: The page at 'https://pwedeh.com/tag/ultralotto-658/page/2/' was loaded over HTTPS, but requested an insecure script 'http://s7.addthis.com/js/250/addthis_widget.js'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://pwedeh.com/tag/ultralotto-658/page/2/(Line 182)
Message:
Mixed Content: The page at 'https://pwedeh.com/tag/ultralotto-658/page/2/' was loaded over HTTPS, but requested an insecure element 'http://pwedeh.com/wp-content/uploads/2018/10/subscribe-e1540501877316.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Message:
Mixed Content: The page at 'https://pwedeh.com/tag/ultralotto-658/page/2/' was loaded over HTTPS, but requested an insecure script 'http://js.genieessp.com/t/083/161/a1083161.js'. This request has been blocked; the content must be served over HTTPS.
security error URL: https://pwedeh.com/tag/ultralotto-658/page/2/
Message:
Mixed Content: The page at 'https://pwedeh.com/tag/ultralotto-658/page/2/' was loaded over HTTPS, but requested an insecure script 'http://js.genieessp.com/t/058/140/a1058140.js'. This request has been blocked; the content must be served over HTTPS.
security warning URL: https://pwedeh.com/tag/ultralotto-658/page/2/(Line 462)
Message:
Mixed Content: The page at 'https://pwedeh.com/tag/ultralotto-658/page/2/' was loaded over HTTPS, but requested an insecure element 'http://whos.amung.us/widget/hc8na4fr.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript warning URL: https://pwedeh.com/tag/ultralotto-658/page/2/(Line 461)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://pwedeh.com/tag/ultralotto-658/page/2/(Line 461)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
cm.g.doubleclick.net
fonts.googleapis.com
fonts.gstatic.com
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
image6.pubmatic.com
js.genieessp.com
pagead2.googlesyndication.com
partner.googleadservices.com
pwedeh.com
px.ads.linkedin.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
s7.addthis.com
secure.adnxs.com
ssl.google-analytics.com
tpc.googlesyndication.com
whos.amung.us
widgets.amung.us
www.google.com
www.googletagservices.com
www.gstatic.com
js.genieessp.com
pagead2.googlesyndication.com
s7.addthis.com
www.google.com
104.18.24.173
104.254.148.252
13.107.42.14
142.250.4.156
142.250.4.95
142.251.10.154
142.251.12.147
172.217.194.149
172.217.194.154
172.217.194.155
172.67.8.141
199.250.212.57
35.186.253.211
52.199.38.83
54.169.66.1
67.199.150.81
74.125.200.94
74.125.24.156
74.125.24.97
74.125.68.132
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ff1771bc606432b17d00200be26cf9c732f3aa6be5c027eca5e6e2ded0de553
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
146415be02c257f4f176cf2a1f5ecba923baf6b66e80dc299885a16fd76b5d78
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
19de398cfe5bb7446aba8f974ef0b0ea920dd296bad5ca290c6df60d121f02c3
2705299e19ed7fabe00eb167ce32eda2fb0ae988e93fbf82bf4960db70b696a7
2f5b6daa0145b779ac0442cf9fb8db6dad26ff99aff2b4dc03b3aa687b979f19
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
43929d4f332fedde50c389c39459b5dadba85d41cd9460bb93e9b8f0355ed55c
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47a7dd0cada3c63b3d5981848b65973772a3f5ccc578d16ed90e3aa1b74056ab
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
696ce8d155751f99273cfbc812210802f0c3ab1aab2d00bd2c7f9f18e75b10a3
69ff196154392828ab23640ebd627ef7ae4bbf4732f4fbb671722986f7b14b65
6b23e94a0591e43f749074a39df5a5e700d5bd6c40d1b8016a1a2e44a3176037
6f0be9e3280238b5425cf146e218d9331fee6c3ac00ef99fa89532d46931294b
77b9d3f2f115c18e1d27634717cb8bde194657fd2a662afc6ab685d3598976fd
77efe0996aa57cbec1f507ad09aaca04b20dbe2c9c0892ed8efe84eb176381e6
7897c08881863169799b1ed2fd45f24a3ab1307efbb0bcedf8c895762c27639a
7a268b489b6f711b49c3d2dc91829e27777c97947c8ef2eced9c9a24c0aa536e
808be5728137e02d2f3ebc535636a7838897765c817e4a143aee35790f0ca07e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6909bd92eed092886dc0f99f782fb0979537509ea344a788fb02b6e2802169
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a327812585a1f35bd4e84aef8e4d3951968a91253af0cc0efd3d73bec2f2060a
a3828633d6ff4d80dfa86d02075d5310b2ac9d979f194287687f7d157b12ca5a
a465ef716c053af325208b72af4084a7567081bb9bfbb84960cda42f3c702e42
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b5a64e905994fa7e0186f454a1e71772d7f884b773a52fa4c324499e412d08
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b32f0501b2ba0afb3b3c89628deb5f2c67cdcb746bf49765e516ce34f495086c
bc9c387b513b4d43675910f780fa03e92b9a4b58432b402a8f0a801a0d5ae855
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c8eb253ff9058165db575680b7b02a051c5095ecb74688dad21f87095b9d9792
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cce969722269a6a1c042a7ec02868dfe7259b114622afcd01b9e55a942fb4243
d2cdcd681bff029c15cb4fee2d14fccf1b1a88d498d0e9d31b3131a1d058523c
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd2b1cadbeb441ac12524b5795e7f2c0ce02dc0a06a937eb227bf2cb4380756c
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f41c42623c56a098792015a18bd869a7c7813502f82f79bd681509d273449d79
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f