urlscan.io logo urlscan.io
SecurityTrails logo

www.pngwing.com Open in urlscan Pro
172.64.193.31  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.pngwing.com/
Submission: On November 22 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 18 IPs in 2 countries across 13 domains to perform 96 HTTP transactions. The main IP is 172.64.193.31, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pngwing.com. The Cisco Umbrella rank of the primary domain is 137937.
TLS certificate: Issued by GTS CA 1P5 on November 10th 2023. Valid for: 3 months.
This is the only time www.pngwing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
16 172.64.193.31 13335 (CLOUDFLAR...)
11 172.217.167.98 15169 (GOOGLE)
3 142.250.66.232 15169 (GOOGLE)
1 173.233.137.52 7979 (SERVERS-COM)
1 9 142.250.204.2 15169 (GOOGLE)
5 142.250.71.78 15169 (GOOGLE)
3 142.250.66.202 15169 (GOOGLE)
1 17 142.250.204.1 15169 (GOOGLE)
8 142.251.221.78 15169 (GOOGLE)
2 172.217.167.78 15169 (GOOGLE)
3 142.251.221.66 15169 (GOOGLE)
4 142.250.66.195 15169 (GOOGLE)
2 142.251.221.67 15169 (GOOGLE)
2 142.250.67.2 15169 (GOOGLE)
4 104.26.2.190 13335 (CLOUDFLAR...)
1 2 172.217.167.100 15169 (GOOGLE)
2 104.21.5.60 13335 (CLOUDFLAR...)
96 18
16    172.64.193.31 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pngwing.com
assets.pngwing.com
w7.pngwing.com
11    172.217.167.98 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f2.1e100.net
pagead2.googlesyndication.com
3    142.250.66.232 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s15-in-f8.1e100.net
www.googletagmanager.com
1    173.233.137.52 (United States)

ASN7979 (SERVERS-COM, US)
custodycraveretard.com
9    142.250.204.2 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f2.1e100.net
googleads.g.doubleclick.net
5    142.250.71.78 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s17-in-f14.1e100.net
www.google-analytics.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
3    142.250.66.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f10.1e100.net
fonts.googleapis.com
17    142.250.204.1 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s25-in-f1.1e100.net
tpc.googlesyndication.com
8    142.251.221.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f14.1e100.net
encrypted-tbn2.gstatic.com
fundingchoicesmessages.google.com
2    172.217.167.78 (United States)

ASN15169 (GOOGLE, US)
PTR: syd15s06-in-f14.1e100.net
encrypted-tbn3.gstatic.com
3    142.251.221.66 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f2.1e100.net
www.googletagservices.com
4    142.250.66.195 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd09s23-in-f3.1e100.net
www.gstatic.com
2    142.251.221.67 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
fonts.gstatic.com
2    142.250.67.2 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: syd15s16-in-f2.1e100.net
www.googleadservices.com
4    104.26.2.190 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.rtbrain.app
2    172.217.167.100 (United States)

ASN15169 (GOOGLE, US)
PTR: syd09s17-in-f4.1e100.net
www.google.com
2    104.21.5.60 (None, )

ASN13335 (CLOUDFLARENET, US)
g.bidbrain.app
Apex Domain
Subdomains		 Transfer
28 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
478 KB
16 pngwing.com
www.pngwing.com — Cisco Umbrella Rank: 137937
assets.pngwing.com — Cisco Umbrella Rank: 214554
w7.pngwing.com — Cisco Umbrella Rank: 69863
223 KB
11 gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
www.gstatic.com
fonts.gstatic.com
207 KB
9 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1359
www.google.com — Cisco Umbrella Rank: 2
65 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
122 KB
4 rtbrain.app
cdn.rtbrain.app — Cisco Umbrella Rank: 10872
362 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
192 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
233 KB
2 bidbrain.app
g.bidbrain.app — Cisco Umbrella Rank: 19277
1 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
1 custodycraveretard.com
custodycraveretard.com — Cisco Umbrella Rank: 967991
96 13
Domain Requested by
17 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
11 pagead2.googlesyndication.com www.pngwing.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.pngwing.com
8 www.pngwing.com www.pngwing.com
7 fundingchoicesmessages.google.com pagead2.googlesyndication.com
7 w7.pngwing.com www.pngwing.com
4 cdn.rtbrain.app googleads.g.doubleclick.net
4 www.gstatic.com googleads.g.doubleclick.net
3 www.googletagservices.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 www.googletagmanager.com www.pngwing.com
www.googletagmanager.com
2 g.bidbrain.app www.pngwing.com
cdn.rtbrain.app
2 www.google.com 1 redirects tpc.googlesyndication.com
2 www.googleadservices.com www.pngwing.com
2 fonts.gstatic.com fonts.googleapis.com
2 encrypted-tbn3.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn1.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn2.gstatic.com googleads.g.doubleclick.net
1 encrypted-tbn0.gstatic.com googleads.g.doubleclick.net
1 assets.pngwing.com www.pngwing.com
1 custodycraveretard.com www.pngwing.com
96 22

This site contains links to these domains. Also see Links.

Domain
mailtoui.com
Subject Issuer Validity Valid
pngwing.com
GTS CA 1P5		 2023-11-10 -
2024-02-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
custodycraveretard.com
R3		 2023-10-07 -
2024-01-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
rtbrain.app
Cloudflare Inc ECC CA-3		 2023-10-19 -
2024-10-18		 a year crt.sh
bidbrain.app
E1		 2023-11-02 -
2024-01-31		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 12 frames:

Primary Page: https://www.pngwing.com/
Frame ID: CAD28E7C80B70BD2ADE1B9C6F27D6A00
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: BC0A472D78DD44334280CEAB75CD9930
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&adk=1812271804&adf=3025194257&lmt=1700686658&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658046&bpp=3&bdt=359&idt=449&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4706740897534&frm=20&pv=2&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=465
Frame ID: D3B4F78062748D5E8A46201DB6095E54
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Frame ID: 3A8CA91CADAEACCD610262A45D14952E
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 24B75FE8B0BD7588566F7DDB69D68EBF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 26151DA982AB000285EC184F5AB127F7
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: DBE655F4AABB94C837720A59E576EBCB
Requests: 11 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CDM%20Serif%20Display%3A400
Frame ID: 3E627D8C3107F7BA35471FA3B9AEAED1
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BA0FCBFE12DD12A96C7A91376921FC71
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Frame ID: 9E1694F4C54009DA1209E53C693BCAD2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FFD08BD8A1AC1449A6AE0FC16245AAAA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A91D627FFEACC71A361A093FC239AB21
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

PNGWing - Exclusive png design images

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

96
Requests

93 %
HTTPS

0 %
IPv6

13
Domains

22
Subdomains

18
IPs

2
Countries

1905 kB
Transfer

4232 kB
Size

11
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODqt9mCwAEQsAkYsAkyCCbjkVFL8AYc HTTP 301
  • https://tpc.googlesyndication.com/simgad/18057958613485469141
Request Chain 47
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CiqjvQmteZfK9K6Ot9fwPzMeb-AOfuY-vdLSo2NrWEcyS5Z_dDhABIPDY1i1gpdiTgJABoAGhwJjxKMgBCagDAcgDy4SAgASqBM0BT9CjmR8XD5xyv30OnxMiq3lJZ2BKAJw9Jc6UncwmfozP9xyHYGgfEA0RBNecoulV1LqYK9NnWRM_az9uXKXRz6IkOCDhdKoL1zmii3oc9_K2DmvB6pk7QUywUUnn-9pzG2HxQ4KGoB54KAkHUdxINgw23FkL0Z4fKZwKp7UUiVweIAQm06qjiDAs7Z4EiWCK5AfiyxKqBQN7cqQviKc93m3wRA46EITk-YD6iqI9mAkzT70EtAHm49tBrsxnh-GHpnmP_eAjTZiFXoX4q8AEjvKD-L0EiAWO55qqTZIFBAgEGAGSBQQIBRgEoAYugAee5LmeBKgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBBDNtBnSCBQIgGEQARgfMgKKAjoCgEBIvf3BOpoJgQJodHRwczovL3d3dy50ZW11LmNvbS9hdS9rdWlwZXIvdW4xLmh0bWw_c3Viaj1mZWVkLXVuJl9iZ19mcz0xJl9wX21hdDFfdHlwZT0xJl9wX2p1bXBfaWQ9NzI1Jl94X3ZzdF9zY2VuZT1hZGcmbG9jYWxlX292ZXJyaWRlPTEyfmVufkFVRCZnb29kc19pZD02MDEwOTk1MTI2NjA2MDYmX3BfcmZzPTEmX3hfYWRzX3N1Yl9jaGFubmVsPW90aGVyJl94X2Fkc19jaGFubmVsPWdvb2dsZSZfeF9iZ19hZGlkPWdkMTkzOTYyOS0xJnRvcGljX2NsYXNzaWZ5PTEwOYAKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtoMEQoLEICLnonQ08LaqAESAgED2BML0BUBgBcBshccChoIABIUcHViLTI2MDY0MTk1NzY3NjkzMjAYAA&sigh=_xP65Om23us&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTwDICaaNdIYGim6jaMeMxQ4Z7uvJ6nrgh4iFOd_nn7R0vSi3TKoaH0fD0MN2wVNaWh101-7Xh87kXH3bOZhJr3mkVh-igeaaCdoCeFzYEVsYAQ&template_id=494&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x773c24265fc523bb0000000000000000%22,%222%22:%220x77f7869904cb8f0f0000000000000000%22,%223%22:%220x1e8c91595bb40dfb0000000000000000%22,%224%22:%220x8e94ad05a0358e3c0000000000000000%22,%225%22:%220x1b7e52325daf4ede0000000000000000%22},%22debug_key%22:%226183078043924594395%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224480784790112182577%22}&andc=true
Request Chain 71
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.pngwing.com/ 		109 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e1ea155e3b107f3484d02ef534d517417500fecd7e2ca2d58064440d3b02d4e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
82a415f8ecf949c6-SIN
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Wed, 22 Nov 2023 20:57:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=twUkcaw%2BYdrXGVRiys8iZe0xI7FTywEiO2E3Z2UKfia1%2B%2FvpUTy4Yl0cx0KVC67iGKJ%2FvDcF6gPt6oND711TJVYt%2Fd2RWx1Gyjz6DlYVik%2Bewq4ivpIiF0h1692ButzFcUk%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
base.css
www.pngwing.com/public/css/ 		32 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.pngwing.com/public/css/base.css?202091
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76d745e00b46747ed39c9a15afb3334baedafa583fea7110b282c929f798d4c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1201027
cf-polished
origSize=37425
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 08 Oct 2022 08:37:34 GMT
server
cloudflare
etag
W/"634136ce-9231"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7kX1hp1QkHRtflU%2FEo5OKm6P%2F0ZXKfFAdWrZzOKeA2U1VTW1tZQoMzmuQh%2BtUmN4oj9Dc0NGAHSXgHLuWz6g7zY%2F7PMa9bFzp2VjZD7KlpTm%2F80NYMYXYuPZ%2BtTjNiLNEbc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31104000
cf-ray
82a415faee1049c6-SIN
expires
Sat, 02 Nov 2024 23:20:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
9519877487be5a08a5238bae5fbf238b716df69fb18ecf5ecae4a73285032265
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52721
x-xss-protection
0
server
cafe
etag
12271933764397630181
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:57:37 GMT
js
www.googletagmanager.com/gtag/ 		173 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-68216682-41
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d8382618b0128ed13d48dea24c252499164156044e096626f6692ce27637157e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64712
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Nov 2023 20:57:37 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DL3LYM7LC0
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
cc39a3e66767ea760347b2a0fd69bfdb9d3914d010b3a3f64a601c26bb0c779a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86373
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 20:57:38 GMT
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
invoke.js
custodycraveretard.com/11028a078def20a8e59006ba19f41753/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://custodycraveretard.com/11028a078def20a8e59006ba19f41753/invoke.js
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.233.137.52 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx/1.21.6 /
Resource Hash

Request headers

Referer
https://www.pngwing.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 22 Nov 2023 20:57:38 GMT
Server
nginx/1.21.6
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
header_bg.svg
www.pngwing.com/public/css/ 		69 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pngwing.com/public/css/header_bg.svg
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/public/css/base.css?202091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8290218f730b2483c7cc60d2eac2ea9e90595e9ca355769f742e75268120088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/public/css/base.css?202091
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 12 Mar 2020 00:58:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4895
etag
W/"5e698920-11575"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Co2K6D%2BmhCXeOrNoQLg7Q9djXj61Ute97IBHA2YvNIPqMeZZfI2DpIOABCnh2EuV5AXkzztUIjIxp5Vm%2BQSyfGowqudzcHp6A%2BJCCGUVBKrbQTWeRRRqpfaQKOMQ6U29BRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
82a415fbae6349c6-SIN
alt-svc
h3=":443"; ma=86400
truncated
/ 		352 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a9d619b2e7b16d11e6fdacc86346dbfd821e13497da959f5f3d16ad39e43a8e

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
load.svg
www.pngwing.com/public/css/ 		1 KB
673 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pngwing.com/public/css/load.svg
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/public/css/base.css?202091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3370e45614c256346047754a276504fd351020bf0169ba9dc7f826eaacc25e2c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/public/css/base.css?202091
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Aug 2020 10:40:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4074
etag
W/"5f3e5328-5a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1k%2FVvgwxlLdtzYblduHM%2B6UZXLDKg3rp057KfUmpI2iQAW67%2BJ5kGKF9tvZyNDBG%2FA%2FAt7P6iIOwgo7vi%2FllOImiGtbKUconUTqCKS5jGzf4ddeLshSo8OLKwH3B7BAfTjU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
82a415fbce6d49c6-SIN
alt-svc
h3=":443"; ma=86400
scale.svg
www.pngwing.com/public/css/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pngwing.com/public/css/scale.svg
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/public/css/base.css?202091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a1026bd29787369177df7c8b337bf62deab35e69dec0ccdf338cec4f307ac6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/public/css/base.css?202091
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2019 06:06:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1903
etag
W/"5c9329fa-8d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RW9MHRCLsilDVMXp0h56HJUsc1myi0mipmfmDt1yIlVbxSyojaz%2Bez%2BETkXrXM7nl57Tnukr7g0qVemyqnpefnycSEohwGBgn4DRKLYU%2FKlNHltlR9khwF%2F9b2R1dPCIRhQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
82a415fbce6e49c6-SIN
alt-svc
h3=":443"; ma=86400
document.svg
www.pngwing.com/public/css/ 		1 KB
865 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pngwing.com/public/css/document.svg
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/public/css/base.css?202091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04261972b408d8edaefc199c08d87a13afec67796c540c7f1617127f6f66ab8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/public/css/base.css?202091
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2019 06:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3156
etag
W/"5c932a16-574"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRZ5p40ZLJUxWK8Oh%2BczwIx%2BuFCe5M9TWzXhMv8z1Vmu9fU9YePZyqYtMOC%2F0UZ0ymmyBeKBoFdxHtdpvHWacxCrZ%2BFgZh7R%2BpiozCsA8vBs8bC3tyv2SaO2kgWkWaHtWVY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
82a415fbce6f49c6-SIN
alt-svc
h3=":443"; ma=86400
email-decode.min.js
www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 16 Nov 2023 21:55:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65568fe4-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ItPQhNpb0obF3Zjcp11FKCc8Erdnv07Q1LnEe3VYaccYUcBUkwa88%2B8qo4%2FZS62%2BIMC1zPgyhgaAvjYjrww5YBXjQaHfRezx1054JfX5v1kxFdZLT9MdCU54y90kBfzhWC0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
82a415fbfe7c49c6-SIN
expires
Fri, 24 Nov 2023 20:57:37 GMT
pw.js
assets.pngwing.com/public/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pngwing.com/public/pw.js?2023
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4852e58b654f278f26b4c5573249d53c3f4e3bac28389c826188cb51682de9a6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
290033
cf-polished
origSize=68607
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 19 Nov 2023 12:20:11 GMT
server
cloudflare
etag
W/"6559fd7b-10bff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2Bh%2FPOfkB24QtO2zo%2FiBzm2g82cHIwCByFbcEUJeXlrHTa75Jta5RBVW0J5KdVYcFyoAtcg1eoz%2FYQ2obCd4hyzBxtDDlRHMy%2B6SW932tlgs6O5Ex03L%2Bwmlg7gqBlz3Txc%2FC7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31104000
cf-ray
82a415fc0e8149c6-SIN
expires
Wed, 13 Nov 2024 12:23:44 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
05c52effd56d419b352137352a7b173aaf71d3bb50f1bc3b5512906606e60454
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138496
x-xss-protection
0
server
cafe
etag
8155645234114529784
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:57:38 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame BC0A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
3038
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:07:00 GMT
etag
16674218716276178799
expires
Wed, 06 Dec 2023 20:07:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68216682-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Nov 2023 19:52:35 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
3903
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 22 Nov 2023 21:52:35 GMT
js
www.googletagmanager.com/gtag/ 		246 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DL3LYM7LC0&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-68216682-41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.232 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s15-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
b2a8971f8ee5b7b00696e864162b311eaa61fe6c20d814f78772dc702823a6bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
86413
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 22 Nov 2023 20:57:38 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D3B4 		257 KB
65 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&adk=1812271804&adf=3025194257&lmt=1700686658&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658046&bpp=3&bdt=359&idt=449&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4706740897534&frm=20&pv=2&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=465
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
444bd3294ffbff1a0f02fb488936bbb73d0d08db2c8e829ae2994ef09ce58aff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
65953
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:57:39 GMT
expires
Wed, 22 Nov 2023 20:57:39 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3A8C 		155 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
ddf9f40dc824c54651002c71d911dd0f2d118f3afe5bdc7ea19f60b988bcf11c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44832
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:57:39 GMT
expires
Wed, 22 Nov 2023 20:57:39 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
172 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DL3LYM7LC0&gtm=45je3b81v9122403094&_p=1700686657812&gcd=11l1l1l1l1&dma=0&cid=1858397591.1700686659&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700686658&sct=1&seg=0&dl=https%3A%2F%2Fwww.pngwing.com%2F&dt=PNGWing%20-%20Exclusive%20png%20design%20images&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1374
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DL3LYM7LC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 20:57:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pngwing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
top.png
www.pngwing.com/public/css/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pngwing.com/public/css/top.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/public/css/base.css?202091
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b04df73090f6b0f3192a3b71874ca3b3cc19dff16adc6cf365cd0c75897f6c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/public/css/base.css?202091
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1626620
alt-svc
h3=":443"; ma=86400
content-length
2867
last-modified
Thu, 21 Mar 2019 07:39:28 GMT
server
cloudflare
etag
"5c933fb0-b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YTUC0%2B%2B2PHkQtu02iIo5ULJFETKQxNWjKvZeuOv7F4t%2BkXe338ct3%2BTCuv0KA2ovPV70BbBzsxdTLiG7G0xlEn89KSTDDHDOL9PcOh%2FTmGQ007frgDxHCRWB2443YdiEHw8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
82a41600486d49c6-SIN
expires
Tue, 29 Oct 2024 01:07:18 GMT
png-transparent-logo-icon-instagram-logo-instagram-logo-purple-violet-text-thumbnail.png
w7.pngwing.com/pngs/722/1011/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w7.pngwing.com/pngs/722/1011/png-transparent-logo-icon-instagram-logo-instagram-logo-purple-violet-text-thumbnail.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b02fd9ddf4aaca4086f87123194c179b94b0e70760b28c2297d5312b4f4b8a31

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
843284
alt-svc
h3=":443"; ma=86400
content-length
20049
last-modified
Sat, 15 Feb 2020 21:33:32 GMT
server
cloudflare
etag
"5e4863ac-4e51"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkC7VYDh677D7PD2rXk4JklHSm%2FoJLoSY3rTltfml8RTQ69kDsg3vnPRxwQnVEpn4G44sgfAlil35aJBuP1tmbqAKaSbLaedajvJKi%2BWTgSJ35ghXRoKv1SF3CYRNTnVHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
82a41600988e49c6-SIN
expires
Thu, 07 Nov 2024 02:42:54 GMT
png-transparent-whatsapp-application-software-message-icon-whatsapp-logo-whats-app-logo-logo-grass-mobile-phones-thumbnail.png
w7.pngwing.com/pngs/110/230/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w7.pngwing.com/pngs/110/230/png-transparent-whatsapp-application-software-message-icon-whatsapp-logo-whats-app-logo-logo-grass-mobile-phones-thumbnail.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e8aec5c9819e36a666e829761d6758423c0c1e61699ed69f325ef5c037d5300

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1890033
alt-svc
h3=":443"; ma=86400
content-length
12481
last-modified
Sun, 16 Feb 2020 06:58:34 GMT
server
cloudflare
etag
"5e48e81a-30c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=si9eqpfCZB7YYGSttZH5yyDwi%2BoCQmG0H%2By5946bETodEkDSxi5gTQ6%2FvuHil%2Bz7di1g8w6IBqyI%2BFngLVLj7OKqjPjH%2BAgVBFe8MBOFpGpRr5X81G%2BmV0%2F4v9ROgXidiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
82a41600988949c6-SIN
expires
Fri, 25 Oct 2024 23:57:05 GMT
png-transparent-computer-icons-logo-instagram-logo-instagram-logo-miscellaneous-text-symbol-thumbnail.png
w7.pngwing.com/pngs/1003/904/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w7.pngwing.com/pngs/1003/904/png-transparent-computer-icons-logo-instagram-logo-instagram-logo-miscellaneous-text-symbol-thumbnail.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c26b77c6cc88bc95e9bb68a5908ec852cf79c0676a1b9627152d62c70ea67ab4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
928404
alt-svc
h3=":443"; ma=86400
content-length
4785
last-modified
Sat, 15 Feb 2020 22:53:31 GMT
server
cloudflare
etag
"5e48766b-12b1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JhyCAcWuEEMBb01OqNG2fGemTXbph6I%2BtBPx0SQ6vZ%2FSqICvvddjxwWCcmcfRipYtPMmfl9cj1FwLz4BfItlV1ryLTUmyttsv7Bfqpd7DJH5PJSflPh6nGOTStWB5j69kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
82a41600988a49c6-SIN
expires
Wed, 06 Nov 2024 03:04:14 GMT
png-transparent-texture-mapping-paper-retro-paper-particles-superimposed-background-texture-white-building-thumbnail.png
w7.pngwing.com/pngs/965/196/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w7.pngwing.com/pngs/965/196/png-transparent-texture-mapping-paper-retro-paper-particles-superimposed-background-texture-white-building-thumbnail.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71964ea2985870f641b0287ee4093b081af59a94f04362a64e766bd8fd1b15c4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1626668
alt-svc
h3=":443"; ma=86400
content-length
61884
last-modified
Sun, 16 Feb 2020 01:06:17 GMT
server
cloudflare
etag
"5e489589-f1bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cLNpSTAKAui4BVFVNNfftf8Jx2OkRnesOJU7rdhzu4K977B%2FsoiR1J7PHZ2CxSEmZ6o%2FHJBoY2E4PBH3V4X3EJjwKSlkbp7lXA%2FTtTueduzaBMqvtuXMbI%2BuoS9tnzodvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
82a41600988b49c6-SIN
expires
Tue, 29 Oct 2024 01:06:30 GMT
png-transparent-daytime-atmosphere-of-earth-computer-the-vast-sky-starry-night-watercolor-painting-texture-studio-thumbnail.png
w7.pngwing.com/pngs/568/815/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w7.pngwing.com/pngs/568/815/png-transparent-daytime-atmosphere-of-earth-computer-the-vast-sky-starry-night-watercolor-painting-texture-studio-thumbnail.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87e2ddabca4067e746eba189338aea0a9551390586b68660b0bf474aae4274c3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1281539
alt-svc
h3=":443"; ma=86400
content-length
19513
last-modified
Sat, 15 Feb 2020 21:02:30 GMT
server
cloudflare
etag
"5e485c66-4c39"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bRJ7BsQ12dY%2FdxlLYslCpGNAyQoBKJR8qjtULSYPFgTGJoO%2F0T7Dazqip0iO4tM0Y5upNUZ9veekDcapMQDacszJxVfBVe0fGDJUFUzc3IGyNrdNgoKvskU04D3JsC7cnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
82a41600988c49c6-SIN
expires
Sat, 02 Nov 2024 00:58:39 GMT
png-transparent-black-and-white-symmetry-daytime-pattern-radioactive-light-effect-time-lapse-grayscale-texture-photography-triangle-thumbnail.png
w7.pngwing.com/pngs/415/71/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w7.pngwing.com/pngs/415/71/png-transparent-black-and-white-symmetry-daytime-pattern-radioactive-light-effect-time-lapse-grayscale-texture-photography-triangle-thumbnail.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8efda6409951118f0a371a2475a9bd335b52d741991b2bf41c9c6fdcb594678

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
763348
alt-svc
h3=":443"; ma=86400
content-length
16556
last-modified
Sun, 16 Feb 2020 18:06:27 GMT
server
cloudflare
etag
"5e4984a3-40ac"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HqJN0NKUdFHM7JzB0QxJT6M1UYHo8MBLuef261qjGQ%2BuXeo2GSRWhYnXIDKjPrCEhCXR6dGEHxRlDrLI0XzwPmv%2BVxrgI2UuRxR2t8fWK2h%2BiSFkFUDRpOjYM83zp8RsYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
82a41600988d49c6-SIN
expires
Fri, 08 Nov 2024 00:55:10 GMT
png-transparent-triangle-black-and-white-pattern-blue-technology-triangle-black-graphic-texture-angle-white-thumbnail.png
w7.pngwing.com/pngs/177/409/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w7.pngwing.com/pngs/177/409/png-transparent-triangle-black-and-white-pattern-blue-technology-triangle-black-graphic-texture-angle-white-thumbnail.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.193.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbfbb43c40c2d60574de473d09004b600b0627e8cfe35a8b93256a937dc3eb71

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:38 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1114151
alt-svc
h3=":443"; ma=86400
content-length
16088
last-modified
Thu, 20 Feb 2020 14:58:38 GMT
server
cloudflare
etag
"5e4e9e9e-3ed8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pSeXpQMn%2F84PXA6LDkAsNfBodJ25qOVt21fs4meHKlKniUvpgEa8dlSM6UMSiTCI6zb%2BBGVrHAbnq7SbQ%2BY%2BmdKAEKJzKuJCGa8QCfL6Z%2Fsfs%2BDXl2Rnl%2FGk86sx2bT%2Fmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
82a4160138c749c6-SIN
expires
Sun, 03 Nov 2024 23:28:27 GMT
collect
www.google-analytics.com/j/ 		1 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1389190118&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pngwing.com%2F&ul=en-us&de=UTF-8&dt=PNGWing%20-%20Exclusive%20png%20design%20images&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1194048606&gjid=898377149&cid=1858397591.1700686659&tid=UA-68216682-41&_gid=640017365.1700686659&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1301540548
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.pngwing.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 20:57:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pngwing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3A8C 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 20:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 19:15:16 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 20:57:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3A8C 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30894
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 12:22:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 3A8C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 13:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
27825
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 13:13:54 GMT
shopping
encrypted-tbn0.gstatic.com/ Frame 3A8C 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT0W-9SLNEvdTL2GJKZWLe3kGsj6DZspm51ZPQKKrkUR4hYc5Om_B4-pByX35g&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
sffe /
Resource Hash
da118132dcf3e8b44366d1b9daad7bf14f149ab30add024eef45caf44fdae6fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:27:20 GMT
x-content-type-options
nosniff
age
495019
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28842
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 04:29:04 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 16 Nov 2024 03:27:20 GMT
shopping
encrypted-tbn2.gstatic.com/ Frame 3A8C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTxMXg1hNBoxng1bKScBvR47121XPLESS1gS3HrB6IbkFHKT6F8je-AYtJdqmM&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
sffe /
Resource Hash
89c787860065ccc884bbdb29ac487267d1c3c1c3753566d8b3e6fbed973710d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:24:01 GMT
x-content-type-options
nosniff
age
509618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19414
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 04:44:39 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 15 Nov 2024 23:24:01 GMT
shopping
encrypted-tbn1.gstatic.com/ Frame 3A8C 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTxqp3C7NSvnYYos7CE2WDCnkuzXJgtRxSKXVNwTeq3Bf1cHXj062fVVqmHfI0&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.71.78 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s17-in-f14.1e100.net
Software
sffe /
Resource Hash
333c8f08d81475641736a3893b562f4ec9c792a464db2906f8273212f8640c38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 21:38:07 GMT
x-content-type-options
nosniff
age
83972
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32770
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 07:35:44 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 20 Nov 2024 21:38:07 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 3A8C 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQBb-psxajmkRZbI-V5MEXdShGM_k40B-lZeSpTj339ePcOqlDhvQXVe6uLNw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
507a2d6f9d77c4b5a78ae77ff59df91f619371ced91fc02743b9e024f4c7e7db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 21:33:03 GMT
x-content-type-options
nosniff
age
84276
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19182
x-xss-protection
0
last-modified
Mon, 01 Jan 2024 11:36:44 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Wed, 20 Nov 2024 21:33:03 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 3A8C 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSCsDFEM5rHtdKzire-oRRAxDOjE77SjyzR-obuE4SeEMHj_AkQbb2RxPi_aw&usqp=CAI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s06-in-f14.1e100.net
Software
sffe /
Resource Hash
806982e643e8de872f84ae9386985fed5d9d541c90716ff0a8c1b7f2e59ca686
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:32:32 GMT
x-content-type-options
nosniff
age
494707
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34029
x-xss-protection
0
last-modified
Tue, 02 Jan 2024 11:57:42 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Sat, 16 Nov 2024 03:32:32 GMT
18057958613485469141
tpc.googlesyndication.com/simgad/ Frame 3A8C
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODqt9mCwAEQsAkYsAkyCCbjkVFL8AYc
  • https://tpc.googlesyndication.com/simgad/18057958613485469141
77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18057958613485469141
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 03:27:03 GMT
x-content-type-options
nosniff
age
495036
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79088
x-xss-protection
0
last-modified
Mon, 10 Apr 2023 12:45:12 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Nov 2024 03:27:03 GMT

Redirect headers

date
Wed, 22 Nov 2023 20:50:24 GMT
x-content-type-options
nosniff
server
cafe
age
435
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/18057958613485469141
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 22 Dec 2023 20:50:24 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3A8C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 13:13:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
27826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 13:13:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3A8C 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
30895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 12:22:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3A8C 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:57:39 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 3A8C 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30894
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 20 Feb 2024 12:22:45 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
8092d8631db487458239e2129a998bf21baa6e90b71417c452e5cd483045012b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:39 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55802
x-xss-protection
0
server
cafe
etag
3899309415480298807
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:57:39 GMT
ca-pub-2606419576769320
fundingchoicesmessages.google.com/i/ 		161 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2606419576769320?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
ESF /
Resource Hash
03972c85a08d9d856c2869273fe5416d0747779854dbbedd675095e37d770955
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jio4bJWIC-hZnzcpdnWqmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-Jio4bJWIC-hZnzcpdnWqmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 3A8C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1e90bd84ccee1e504dbf33d30b3f26e59dcf07f7b663debfcc9f3ee1580ae14

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3A8C 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:56 GMT
x-content-type-options
nosniff
age
510044
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:16:56 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 3A8C 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f3.1e100.net
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:21:24 GMT
x-content-type-options
nosniff
age
509776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:21:24 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 3A8C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CiqjvQmteZfK9K6Ot9fwPzMeb-AOfuY-vdLSo2NrWEcyS5Z_dDhABIPDY1i1gpdiTgJABoAGhwJjxKMgBCagDAcgDy4SAgASqBM0BT9CjmR8XD5xyv30OnxMiq3lJZ2BKAJw9Jc6Uncwmfoz...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x773c24265fc523bb0000000000000000%22,%222%22:%220x77f7869904cb8f0f0000000000000000%22,%223%22:%220x1e8c91...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x773c24265fc523bb0000000000000000%22,%222%22:%220x77f7869904cb8f0f0000000000000000%22,%223%22:%220x1e8c91595bb40dfb0000000000000000%22,%224%22:%220x8e94ad05a0358e3c0000000000000000%22,%225%22:%220x1b7e52325daf4ede0000000000000000%22},%22debug_key%22:%226183078043924594395%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224480784790112182577%22}&andc=true
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:40 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x773c24265fc523bb0000000000000000","2":"0x77f7869904cb8f0f0000000000000000","3":"0x1e8c91595bb40dfb0000000000000000","4":"0x8e94ad05a0358e3c0000000000000000","5":"0x1b7e52325daf4ede0000000000000000"},"debug_key":"6183078043924594395","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["11-22"],"6":["true"]},"priority":"500","source_event_id":"4480784790112182577"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 22 Nov 2023 20:57:40 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 22 Nov 2023 20:57:40 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x773c24265fc523bb0000000000000000","2":"0x77f7869904cb8f0f0000000000000000","3":"0x1e8c91595bb40dfb0000000000000000","4":"0x8e94ad05a0358e3c0000000000000000","5":"0x1b7e52325daf4ede0000000000000000"},"debug_key":"6183078043924594395","debug_reporting":true,"destination":"https://temu.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10974797857"],"4":["11-22"],"6":["true"]},"priority":"500","source_event_id":"4480784790112182577"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 24B7 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=4150343487&adf=3119996176&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1700686658&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2F&ea=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700686658049&bpp=1&bdt=361&idt=468&shv=r20231109&mjsv=m202311090101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4706740897534&frm=20&pv=1&ga_vid=1858397591.1700686659&ga_sid=1700686659&ga_hid=1389190118&ga_fc=0&u_tz=480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=486&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079606%2C31078301%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=3214162118825134&tmod=1824553614&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=471
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 21:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
431098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 21:12:42 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x773c24265fc523bb0000000000000000%22,%222%22:%220x77f7869904cb8f0f0000000000000000%22,%223%22:%220x1e8c91595bb40dfb0000000000000000%22,%224%22:%220x8e94ad05a0358e3c0000000000000000%22,%225%22:%220x1b7e52325daf4ede0000000000000000%22},%22debug_key%22:%226183078043924594395%22,%22debug_reporting%22:true,%22destination%22:%22https://temu.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210974797857%22],%224%22:[%2211-22%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%224480784790112182577%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.67.2 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd15s16-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 22 Nov 2023 20:57:40 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame 2615 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
30896
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 12:22:44 GMT
etag
16674218716276178799
expires
Wed, 06 Dec 2023 12:22:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/ Frame DBE6 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
30896
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 12:22:44 GMT
etag
16674218716276178799
expires
Wed, 06 Dec 2023 12:22:44 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxUYkFlBksd8BHMlXsNTuCAntBhnbbvvWT40mDaXxLlPpqrpTVbtFaS4Yb1eAsoZmyEsYLc38vxgqx81aeD2iFm3Otl5_qG6VeMquTMAtzgp4iqmSZvXh9ezxucj9MQFEvCK-HquOQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUYkFlBksd8BHMlXsNTuCAntBhnbbvvWT40mDaXxLlPpqrpTVbtFaS4Yb1eAsoZmyEsYLc38vxgqx81aeD2iFm3Otl5_qG6VeMquTMAtzgp4iqmSZvXh9ezxucj9MQFEvCK-HquOQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwNjg2NjYwLDM0NDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cucG5nd2luZy5jb20vIixudWxsLFtbOCwiTnRzNUx2WUlvYmsiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMwjquukVg9_YNyS2j959HfbzHLHtQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
ESF /
Resource Hash
552a044d5e4f4be0dcf2ffdc4efeac28607ad650199f440e8d1ba28dffef6562
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZKITfsYhKlvFGZnfGCCf3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:40 GMT
content-security-policy
script-src 'report-sample' 'nonce-ZKITfsYhKlvFGZnfGCCf3w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 2615 		4 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 20:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 20:11:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 20:57:40 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2615 		205 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 21 Nov 2023 06:30:47 GMT
x-content-type-options
nosniff
age
138413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 20 Nov 2024 06:30:47 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 2615 		604 B
696 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 20:50:18 GMT
x-content-type-options
nosniff
age
432442
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 16 Nov 2024 20:50:18 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2615 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
30896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6702
x-xss-protection
0
server
cafe
etag
11213825687312121238
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 12:22:44 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame 2615 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
30896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 12:22:44 GMT
index-d013504c.js
cdn.rtbrain.app/ng-assets/creative/assets/ Frame DBE6 		103 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/ng-assets/creative/assets/index-d013504c.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9761b670a9955801e48f9d73c801ef83eb6917b75aa3100eb20b5b56ea3d1ea2

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1530
cf-polished
origSize=105866
x-guploader-uploadid
ABPtcPo3bEkF13ODa8KnT2T1VbAkliNBGwh58c_fvL4-Ax9joBrOoP7c3jgVUDx_evZiJp_KSTCivaV9TvKTPPBrvfPG_A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-bgj
minify
last-modified
Sun, 19 Nov 2023 11:10:55 GMT
server
cloudflare
etag
W/"c56b0b361edf26077db6803e7f270dc3"
vary
Accept-Encoding
x-goog-generation
1700392255147585
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=F1eZhQ==, md5=xWsLNh7fJgd9toA+fycNww==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XuBOinFvPbYmKLUk%2FRZqBNv16RK%2FgpB6PA9L9HUHUnCU44eIrCL1RsaHWHeNTu5FQGUvTG1X5idogIJMEWFdvM9VnikZi%2Bf1DKUot3JRQxOewDq7JpTejhQMPik379Nx%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
105866
cf-ray
82a4160d5f51a82b-SYD
expires
Wed, 22 Nov 2023 21:26:44 GMT
index-3a093a4b.css
cdn.rtbrain.app/ng-assets/creative/assets/ Frame DBE6 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/ng-assets/creative/assets/index-3a093a4b.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c97932f3da61852fbe1b8294dddbf7ac4095d70129c45ddf0af406fccba4ed2f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:40 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1436
cf-polished
origSize=12761
x-guploader-uploadid
ABPtcPoOOMEbWaxJammVrQYnOsklpv6o9QlV3p46OTngqOM5T8A19aIkKYWLLqQLh9r4RZ3ldU-An7wVfY64Eym3zlstdQ
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
cf-bgj
minify
last-modified
Sun, 19 Nov 2023 11:10:54 GMT
server
cloudflare
etag
W/"6cc0616b80994a431480a5b9166138cb"
vary
Accept-Encoding
x-goog-generation
1700392254415113
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=qMMQOg==, md5=bMBha4CZSkMUgKW5FmE4yw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lT%2BDfRwwKQLFVoZZQQuaVuJ8%2FZ5XQhjjbggZQ6Yd2zvQAFZO7keGf4MXZaGwTB3lOE0aBWla5L2QJcWFH9BbLuowXLJ%2BLHsqzFq49PbzqdxCcNaT5%2BNKXM%2BLJrzci9eupQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
12761
cf-ray
82a4160d5e98a820-SYD
expires
Wed, 22 Nov 2023 20:57:57 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DBE6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 13:13:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
27827
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 13:13:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame DBE6 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
30896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 12:22:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame DBE6 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:57:40 GMT
css
fonts.googleapis.com/ Frame 3E62 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%7CDM%20Serif%20Display%3A400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.202 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f10.1e100.net
Software
ESF /
Resource Hash
350e82e3b0665fac81a4caeaead3cdfa419527a93585a2ac7cbc9bf2e0e3a867
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 22 Nov 2023 20:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 22 Nov 2023 19:02:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 22 Nov 2023 20:57:40 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3E62 		2 KB
856 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
30895
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 12:22:45 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 3E62 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 13:13:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
27826
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 13:13:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BA0F 		143 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
2444
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:16:56 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3E62 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 13:13:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
27827
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 13:13:53 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3E62 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
30896
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Dec 2023 12:22:44 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3E62 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f2.1e100.net
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 Nov 2023 20:57:40 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 3E62 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.66.195 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s23-in-f3.1e100.net
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 12:22:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
30895
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 20 Feb 2024 12:22:45 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BA0F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:57:41 GMT
expires
Wed, 22 Nov 2023 20:57:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:57:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxV-WCtRTPuoCQ43dQULS-YG894shEzxbTwuOIRA1aUmbN2_xPF-FG3qvJCzXFQ3Pim_WvpquLplscYmyS07nEBXsvPOd24_6p3lL0vz6LPomR3yNNkUN0QqDKA7MYyuZN-4uadtrQ==
fundingchoicesmessages.google.com/f/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV-WCtRTPuoCQ43dQULS-YG894shEzxbTwuOIRA1aUmbN2_xPF-FG3qvJCzXFQ3Pim_WvpquLplscYmyS07nEBXsvPOd24_6p3lL0vz6LPomR3yNNkUN0QqDKA7MYyuZN-4uadtrQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwNjg2NjYwLDU5MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnBuZ3dpbmcuY29tLyIsbnVsbCxbWzgsIk50czVMdllJb2JrIl0sWzksImVuLUdCIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMwjquukVg9_YNyS2j959HfbzHLHtQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
ESF /
Resource Hash
356ea5790a603055081151c9a0f3ad40c80511150b3eee322b11019861e49c37
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-g7ct9H6ksutVi45SSgUdGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:40 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-g7ct9H6ksutVi45SSgUdGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DBE6 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZgUXQmteZd7NK96C9fwPsLCzgA_SkbaNbbnQrsqWD8CNtwEQASAAYKXYk4CQAYIBF2NhLXB1Yi0yNjA2NDE5NTc2NzY5MzIwyAEJqAMByAMCqgTDAU_QiCy9oWLihw62KQ4O_RarrI3GI_pTg_WCWDCmGg5i8FwHTm7qebWsCDI7fzPxNnC77nrjNQlCu7H__5gFbTlnfFSoM4kbfFFqyi8ym0lQiXizlOLXkpoipI7VV0wPcREIIs5wEC61gBYn_OL9sT7kj2YB7l9u1iEFPTUeKZan6jL8myS6TkPAmphUHvX4l0yiOMzOfi4vSeyqeHgB3zlr-NApnvohW6VolekthqYjObq7tKrjAOD27ffaQ4QRLcHc8oAGuryy6oOJ9LEFoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yNjA2NDE5NTc2NzY5MzIwGAA&sigh=2VONntHXKos&uach_m=[UACH]&cid=CAQSTgDICaaNkVu-RB69qn7nQar4_GzkcvBEIU_7WlkFQOoWUzoXSCs9aggfBfiVPEKbuzC-DRWX_sF89gr8ToA0zGXWxGQq6AzkDplyezDLqBgB&cbvp=2&vis=1
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 22 Nov 2023 20:57:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
rtimp
g.bidbrain.app/ Frame DBE6 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://g.bidbrain.app/rtimp?sid=c5466e91-8979-11ee-ba7a-3210eec218a4&d=www.pngwing.com&cr=ext_ng_start_ghst8__0&a=imp&p=ZV5rQgAK5t4JnUFeAAzYMOzfJnSw7YZGM7ortQ&im=sZWcC4q6kINcUYSDaVspNVD6DPUP9R9NElxpR8s6xcsTIe7tbL4oe7-mDCqTz9h7gFHjPAn9SZ2fjK06Im_A-23Gixrj7MpMZck-ayEUl3bbloVUdlnFXQu6W3U56RDBrOhA16XY9kTNbVU_1wykLRANw520XqP1mA3MO_LVf1tYSeBdVGfR-uyLC1ZY5gE9oTRIhZaMAa09TIu_LDJZJvgXY8UFGNJEXgqCNNPEofQGmlZvVGppNimWwwKmJiQFQufFb78nQOv37vBp21F8SQ&cbvp=2
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fuf%2FkFVY9OrtGnc6yr5%2FSDBhk%2FWov1IzYcLFzzB%2BJwTYC4REpDQeTzpyWnGKrc7EgSY%2FyYMUTAlUt1CgAXmqmfWG5D9RSyNRfVld1r1UpYnEKlSAMh6Lza06iN%2BeggpeQw%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82a41611acada876-SYD
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A8C 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvOKmuGMes5SD9CseDZCQ2zCDQhrNL2lj7TZ6fD6o0HrVAHMrWm0L6Pm3qzXjbjNT39yHaEg5_J1vRss4ge6unkONvUFqPy4PohaUZHYQAHRnAfbuwWqr7A0KGhZWiv1EpGBxZJcltlsg&sai=AMfl-YQoovi310Baw06hVxslk6jX0dIE9szYJjREGYAz-6649WebRcIfMY5y9kE0rMfS6Nxbs6ghL9hkNfodWMeAciIZxqdN_gVyq_6ZOJ3bmFmy6JVA5HRHtnOqMLIFkIBJrTx68B_WmmaWCpmJBZ0JcA&sig=Cg0ArKJSzNmvZfvAA6AzEAE&cid=CAQSTwDICaaNdIYGim6jaMeMxQ4Z7uvJ6nrgh4iFOd_nn7R0vSi3TKoaH0fD0MN2wVNaWh101-7Xh87kXH3bOZhJr3mkVh-igeaaCdoCeFzYEVsYAQ&id=lidar2&mcvt=1009&p=0,0,280,1200&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4150343487&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700686658521&rpt=1523&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Nov 2023 20:57:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Roboto-Regular.ttf
cdn.rtbrain.app/fonts/ Frame DBE6 		159 KB
160 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Regular.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
721
x-guploader-uploadid
ABPtcPqy9jpHsjssgmVIpoO2fsNOVsHF0vu23u-xV4kUE6EUKhRgsJ4ytTF7bhtQgw5vwcLpBoMUc1k7qzQiw30zXnVOgtF6RrTX
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162876
last-modified
Wed, 14 Jun 2023 14:22:11 GMT
server
cloudflare
etag
"ac3f799d5bbaf5196fab15ab8de8431c"
vary
Accept-Encoding
x-goog-generation
1686752530970769
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=tGTglg==, md5=rD95nVu69RlvqxWrjehDHA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3qbetx5GjaeRMUHXyaMurR%2FkcyIKtUVRYPz%2BCTM7nP12tAIWnDNGHa9iV1OTPtUB0%2FFP2feeYei1eAvUUGIfDRUjd7Dl1KqRzOQuXKtYXm2TpMqO7%2BoBhSJJXym3TRADQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162876
accept-ranges
bytes
cf-ray
82a416107a92a82b-SYD
expires
Wed, 22 Nov 2023 21:20:52 GMT
Roboto-Bold-700.ttf
cdn.rtbrain.app/fonts/ Frame DBE6 		159 KB
159 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.rtbrain.app/fonts/Roboto-Bold-700.ttf
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.190 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:41 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
735
x-guploader-uploadid
ABPtcPr9CF72d_4r8eELvLVwg3_7exRRk8K55EJtFNcZtkgz4jePdb48S8D62fJ_sb03jJLvgx8Oy5bivkOslJnUalyX7A
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
content-length
162464
last-modified
Wed, 14 Jun 2023 14:03:41 GMT
server
cloudflare
etag
"d329cc8b34667f114a95422aaad1b063"
vary
Accept-Encoding
x-goog-generation
1686751421527536
content-type
application/octet-stream
access-control-allow-origin
*
x-goog-hash
crc32c=FQIdBg==, md5=0ynMizRmfxFKlUIqqtGwYw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=24XPbdzM%2F4EiS5LlLD1fmIB49epw7E1LAKpAtXnOESuUQ7sRUEWkCiDLjhg%2Ftj4AvPca3P%2FpROzcWHhfQ51HAlKQygk3jr9i0jsTgrFRCbkZk%2BrTs7F5Z5ds2oqpsnyzyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
162464
accept-ranges
bytes
cf-ray
82a416107a94a82b-SYD
expires
Wed, 22 Nov 2023 21:26:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
083c388b11ff9349e3dbfe981028994b10da0452557a0c5ffe809b43c6a17fa5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12530
x-xss-protection
0
IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
pagead2.googlesyndication.com/bg/ Frame 9E16 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/IgLScqdiOg8g0FW65X_u-4WKM1KDPqNvzEOKiVhX0wc.js
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 21:12:42 GMT
content-encoding
br
x-content-type-options
nosniff
age
431099
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15051
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 21:12:42 GMT
rtimp
g.bidbrain.app/ Frame DBE6 		0
465 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://g.bidbrain.app/rtimp
Requested by
Host: cdn.rtbrain.app
URL: https://cdn.rtbrain.app/ng-assets/creative/assets/index-d013504c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.5.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Nov 2023 20:57:41 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
server
cloudflare
access-control-allow-methods
GET,HEAD,OPTIONS,POST,PUT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8T%2Fk8Tb4EjGWIOycN64YYi4o2DiqC0JoXbz2jinta00CVUMJmubFgLBvg0P54ZhEs2uvGpSe3aBVwjjeO4CYkVUckjDdwPFdBgNsv1hi8GxHQXzschLaV8lqWREbci76%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
82a41611acb0a876-SYD
access-control-allow-headers
Access-Control-Allow-Headers, Access-Control-Allow-Origin, Origin, Accept, X-Requested-With, X-Forwarded-For, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers, Authorization, Configs-Guid, X-Service-Auth, X-Client-Version
expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 22 Nov 2023 20:57:42 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
254 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=7.156175655923994
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aVvvk-RL2NAM2qiSD4-YlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:42 GMT
content-security-policy
script-src 'report-sample' 'nonce-aVvvk-RL2NAM2qiSD4-YlQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/ 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=0.7558833453628573
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-WNCSY0Ut4ph2ks79mf4W_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:42 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-WNCSY0Ut4ph2ks79mf4W_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FFD0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
27827
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 13:13:55 GMT
expires
Thu, 21 Nov 2024 13:13:55 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A91D 		829 B
996 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f4.1e100.net
Software
GSE /
Resource Hash
c2246c45b6dc729e1bb0750c664d8adbd68041aad1800fdde83f0b740e3a3fb0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NjMK1hUlRcaqiPn1Md-NwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-NjMK1hUlRcaqiPn1Md-NwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 22 Nov 2023 20:57:42 GMT
expires
Wed, 22 Nov 2023 20:57:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame FFD0 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 13:13:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
27827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Nov 2024 13:13:55 GMT
generate_204
tpc.googlesyndication.com/ Frame FFD0 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9EZIuQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.204.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s25-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame A91D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3214162118825134&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Nts5LvYIobk.es5.O/am=CAM/d=1/rs=AJlcJMwjquukVg9_YNyS2j959HfbzHLHtQ/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uYhKqg69NQxfEwc8_BksUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Nov 2023 20:57:43 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-uYhKqg69NQxfEwc8_BksUw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.pngwing.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3214162118825134&bg=!paalpunNAAZxrfrxUa07ADQBe5WfON85KwLAcy2wExMv9-eaGhzJrq7WSfEABbY8zDppLO56SI6gg_mXNqJnMhehTTZ8AgAAADpSAAAAAmgBB5kCtNA1MY7UTxR_o4C-ZZm8lFQ7-_k72SOyQWA8UnRUSZzrT9x1svtx4TwnIwsqLzZ9At1iWxE24W1ocpZDtdJrRpYn00P9LhDLC46y7YXTrVaENfiYaDKM8SyKoTNa3VMLQBwSekMc5EmCAWaFnHTA4Zsh97Z5Bl0nFeWFyh5fntn69N2Qu_bZ5WeVw3F51aN31LYKY4vJ3BdpVWqkpcsmaeiRIZHvOO_7UUMVeOxwIBsH2aBpSBvD5xVD92jUFjNkaMwtvDQRxwc6pk0GglI7zUvHMnnT8DhlzCAn7Is3Ecd2B8LJCGfjQdaKnUqCodPHfHZXeaTzGDrZLTZv_X4uHLqS9DreQpafGxTzVdddZY468EMwXvUeeTJSbqxbOhUsP22rOlkMGFUxQxGoXpqAOmUL6J7dOIX809xSGGki4AwVpV26LxuAXthF4oSMdOgMQUhSHXG1Hg00NV-T5ahlC4AwKNJBq0-u1YKrGpl1CtczzkNFptbqdKsdEB6WHh-VB9bc6q5ICpz8gWIscgTvDc9Fu4aLQcosEFs9xRmiJcel4SJ9g51rv7e6UPjT-k1N40-Xj8dG2KX2TdXxwkLrFGDGlcNh7elhKc3YqahxlLQ5xhaGqkDGvFrInzA5gel5qE3VwqzLbL7dE-OtCL9F3uUB1zUigYPXWzV79rOtTkFa7TVx7BiRV9viKfQ9ahaAKIzM1tpFaOnP0-NaUJMWIr8TlzwEBD8RKTlQyD2TpQ_zfyvy6GzxMP-DMHPjTMk1ElwqXmFwwb-ZsGsPB4__28mE4owGKYe1VVnP_Rz6uM_rpGSoC94pwMPbEl--4O8sdP76VrL0mVMr10km7eP9JRvFC8NcMxK8x9fvZ4Z0ijGei3teUF4Y8iw1S1yan4AzUHT7-jxl5V9gWQKnAoTeoyr2N-Hn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
display
fundingchoicesmessages.google.com/f/AGSKWxVK_T6tmTyqLcWZmPbvcqRSvaMyN0kbTEJfV6pX_rzRH9x2V5Z3BNWr0MtxpfVcfvyJU7hVYsKLwZ2r8CRhNZpYwxcKqjQcQJFpE13HiuxBzcR1ofbIPNjwONt1HBnc8ukuUjRJY8ucOgNEAsPY3GFooapDu... 		54 B
297 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVK_T6tmTyqLcWZmPbvcqRSvaMyN0kbTEJfV6pX_rzRH9x2V5Z3BNWr0MtxpfVcfvyJU7hVYsKLwZ2r8CRhNZpYwxcKqjQcQJFpE13HiuxBzcR1ofbIPNjwONt1HBnc8ukuUjRJY8ucOgNEAsPY3GFooapDuYfpyfgFGyCdFxvKXvgyuOHTpyNryr8T/__ad/display?_ad_slot==728x90//sponsorHeaderDeriv_/rotatorad300x250.
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyysLgrsOtVOJGCxjMAGP55i0EuqA/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.221.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f14.1e100.net
Software
ESF /
Resource Hash
246bbba46da46fb394ce709ee2eeee0d7ee64c737c5f18dfd140540cd1b3b107
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-isVhKCikNJvUl22nIPlg_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:57:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-isVhKCikNJvUl22nIPlg_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_GB.Nts5LvYIobk.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMyysLgrsOtVOJGCxjMAGP55i0EuqA/m=ad_blocking_detection_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.167.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s17-in-f2.1e100.net
Software
cafe /
Resource Hash
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 22 Nov 2023 20:22:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
2097
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24357
x-xss-protection
0
server
cafe
etag
17020722232796629264
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Nov 2023 21:22:46 GMT
AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
fundingchoicesmessages.google.com/el/ 		0
0
AGSKWxVxpYj86R_GqAHzLWe2Q_PAI4YIawIa0oTz4sk4MNqIYd_1IRUBdicJ7V6DOtVTkkNsawNd16gGsiqfinKDVCVW14zTSVqWGLwY3jd79-rwLyzAZ39sKIJjqo5nJdfRFQJB3MlfZA==
fundingchoicesmessages.google.com/f/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/el/AGSKWxWzTSNutmbdLf50rpIbHriwFTZO76eNb2GGxQgmMBJAgq6C5EyfXOxQVtPv8O87HKWZDvtOq__qA-LKEnlPcJQkyiM_ZwYtMhjFfieTZj4h9zu0A8DPwHUupXNe1L2oJ26cLUTcrQ==
Domain
fundingchoicesmessages.google.com
URL
https://fundingchoicesmessages.google.com/f/AGSKWxVxpYj86R_GqAHzLWe2Q_PAI4YIawIa0oTz4sk4MNqIYd_1IRUBdicJ7V6DOtVTkkNsawNd16gGsiqfinKDVCVW14zTSVqWGLwY3jd79-rwLyzAZ39sKIJjqo5nJdfRFQJB3MlfZA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAwNjg2NjYzLDM0NjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cucG5nd2luZy5jb20vIixudWxsLFtbOCwiTnRzNUx2WUlvYmsiXSxbOSwiZW4tR0IiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Verdicts & Comments Add Verdict or Comment

102 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| documentPictureInPicture function| gtag object| dataLayer object| adsbygoogle object| atOptions object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager string| GoogleAnalyticsObject function| ga function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| larr string| language string| abbr string| site function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof object| mailtouiApp function| waterFall number| cwd object| lazyLoadInstance function| getClient function| getScrollTop number| page function| g function| input_size function| callAjax function| gup number| h function| setCookie function| dl_png function| forceDownload function| resample undefined| xyArr boolean| click_flag undefined| info function| pcaptcha function| close_pcaptcha function| load_captcha_img function| stepn undefined| id undefined| xhr object| cookieconsent function| LazyLoad function| saveAs object| FileSaver object| nanoajax object| gaplugins object| gaData object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googletag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTEyZjdhZTA3ZDFlZDYwOGxvYWRlcl9qcw== string| ZTEyZjdhZTA3ZDFlZDYwOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| GoogleGcLKhOms

11 Cookies

Domain/Path Name / Value
.pngwing.com/ Name: _ga_DL3LYM7LC0
Value: GS1.1.1700686658.1.0.1700686658.0.0.0
.pngwing.com/ Name: _ga
Value: GA1.2.1858397591.1700686659
.pngwing.com/ Name: _gid
Value: GA1.2.640017365.1700686659
.pngwing.com/ Name: _gat_gtag_UA_68216682_41
Value: 1
.pngwing.com/ Name: __gads
Value: ID=eabc5baa9c6fd61c:T=1700686658:RT=1700686658:S=ALNI_MYfB_8a-8Wh-cSBpzn52bbMb0qW_A
.pngwing.com/ Name: __gpi
Value: UID=00000c944f99ed55:T=1700686658:RT=1700686658:S=ALNI_MaWdMHhJovQN10ZVc25czVOkhCygw
.doubleclick.net/ Name: IDE
Value: AHWqTUlv6eKlZHpiIZ0Sh8RQ8xQtEhg5oAhBblTAueKK-d0c1aC2H5T_P7G1kOwG5ZA
.googleadservices.com/ Name: ar_debug
Value: 1
.doubleclick.net/ Name: DSID
Value: NO_DATA
.bidbrain.app/ Name: sid_cross
Value: c5466e91-8979-11ee-ba7a-3210eec218a4
.bidbrain.app/ Name: uid_cross
Value: c6db6eec-8979-11ee-ac7c-06a638f674c5

3 Console Messages

Source Level URL
Text
javascript warning URL: https://www.pngwing.com/(Line 93)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://custodycraveretard.com/11028a078def20a8e59006ba19f41753/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.pngwing.com/(Line 93)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://custodycraveretard.com/11028a078def20a8e59006ba19f41753/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://custodycraveretard.com/11028a078def20a8e59006ba19f41753/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

assets.pngwing.com
cdn.rtbrain.app
custodycraveretard.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g.bidbrain.app
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
w7.pngwing.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pngwing.com
fundingchoicesmessages.google.com
104.21.5.60
104.26.2.190
142.250.204.1
142.250.204.2
142.250.66.195
142.250.66.202
142.250.66.232
142.250.67.2
142.250.71.78
142.251.221.66
142.251.221.67
142.251.221.78
172.217.167.100
172.217.167.78
172.217.167.98
172.64.193.31
173.233.137.52
03972c85a08d9d856c2869273fe5416d0747779854dbbedd675095e37d770955
04261972b408d8edaefc199c08d87a13afec67796c540c7f1617127f6f66ab8a
05c52effd56d419b352137352a7b173aaf71d3bb50f1bc3b5512906606e60454
083c388b11ff9349e3dbfe981028994b10da0452557a0c5ffe809b43c6a17fa5
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a9d619b2e7b16d11e6fdacc86346dbfd821e13497da959f5f3d16ad39e43a8e
1b04df73090f6b0f3192a3b71874ca3b3cc19dff16adc6cf365cd0c75897f6c0
2202d272a7623a0f20d055bae57feefb858a3352833ea36fcc438a895857d307
246bbba46da46fb394ce709ee2eeee0d7ee64c737c5f18dfd140540cd1b3b107
25679e64b105c0acb0da7fe3cf9f7988027e9511a28c536f5ea322ac08e642dc
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2881d8eadc298102d2462e8d32e40792adce37b6cd89d99045f574eb3ecbb748
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
333c8f08d81475641736a3893b562f4ec9c792a464db2906f8273212f8640c38
3370e45614c256346047754a276504fd351020bf0169ba9dc7f826eaacc25e2c
350e82e3b0665fac81a4caeaead3cdfa419527a93585a2ac7cbc9bf2e0e3a867
356ea5790a603055081151c9a0f3ad40c80511150b3eee322b11019861e49c37
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
444bd3294ffbff1a0f02fb488936bbb73d0d08db2c8e829ae2994ef09ce58aff
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4852e58b654f278f26b4c5573249d53c3f4e3bac28389c826188cb51682de9a6
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e1ea155e3b107f3484d02ef534d517417500fecd7e2ca2d58064440d3b02d4e
507a2d6f9d77c4b5a78ae77ff59df91f619371ced91fc02743b9e024f4c7e7db
552a044d5e4f4be0dcf2ffdc4efeac28607ad650199f440e8d1ba28dffef6562
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e8aec5c9819e36a666e829761d6758423c0c1e61699ed69f325ef5c037d5300
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71964ea2985870f641b0287ee4093b081af59a94f04362a64e766bd8fd1b15c4
806982e643e8de872f84ae9386985fed5d9d541c90716ff0a8c1b7f2e59ca686
8092d8631db487458239e2129a998bf21baa6e90b71417c452e5cd483045012b
87a92e159459b46d503d7ca9301e076e886bf1eb91abaae349f8b6a69deb2571
87e2ddabca4067e746eba189338aea0a9551390586b68660b0bf474aae4274c3
89c787860065ccc884bbdb29ac487267d1c3c1c3753566d8b3e6fbed973710d2
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
9519877487be5a08a5238bae5fbf238b716df69fb18ecf5ecae4a73285032265
9761b670a9955801e48f9d73c801ef83eb6917b75aa3100eb20b5b56ea3d1ea2
a8290218f730b2483c7cc60d2eac2ea9e90595e9ca355769f742e75268120088
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b02fd9ddf4aaca4086f87123194c179b94b0e70760b28c2297d5312b4f4b8a31
b1a1026bd29787369177df7c8b337bf62deab35e69dec0ccdf338cec4f307ac6
b2a8971f8ee5b7b00696e864162b311eaa61fe6c20d814f78772dc702823a6bf
b76d745e00b46747ed39c9a15afb3334baedafa583fea7110b282c929f798d4c
c2246c45b6dc729e1bb0750c664d8adbd68041aad1800fdde83f0b740e3a3fb0
c26b77c6cc88bc95e9bb68a5908ec852cf79c0676a1b9627152d62c70ea67ab4
c97932f3da61852fbe1b8294dddbf7ac4095d70129c45ddf0af406fccba4ed2f
cbfbb43c40c2d60574de473d09004b600b0627e8cfe35a8b93256a937dc3eb71
cc39a3e66767ea760347b2a0fd69bfdb9d3914d010b3a3f64a601c26bb0c779a
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d8382618b0128ed13d48dea24c252499164156044e096626f6692ce27637157e
da118132dcf3e8b44366d1b9daad7bf14f149ab30add024eef45caf44fdae6fc
ddf9f40dc824c54651002c71d911dd0f2d118f3afe5bdc7ea19f60b988bcf11c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8efda6409951118f0a371a2475a9bd335b52d741991b2bf41c9c6fdcb594678
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2ab0e402d5cb9de893e263a2c44e57f57fec3974b0d981bfe84dec3dae83a1
f0e5a21bf5c95e4c1bce2be98a3656ebcc6d42a21f41c4e3ebf69dd815702e54
f1e90bd84ccee1e504dbf33d30b3f26e59dcf07f7b663debfcc9f3ee1580ae14