URL: https://pdf2png.com/
Submission: On December 29 via manual from CA — Scanned from CA

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 121 HTTP transactions. The main IP is 168.119.148.239, located in Germany and belongs to HETZNER-AS, DE. The main domain is pdf2png.com. The Cisco Umbrella rank of the primary domain is 577385.
TLS certificate: Issued by R3 on December 7th 2023. Valid for: 3 months.
This is the only time pdf2png.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 168.119.148.239 24940 (HETZNER-AS)
23 142.250.72.98 15169 (GOOGLE)
2 5.9.83.149 24940 (HETZNER-AS)
2 18 172.217.13.98 15169 (GOOGLE)
14 172.217.13.110 15169 (GOOGLE)
23 172.217.13.193 15169 (GOOGLE)
2 3 172.217.13.196 15169 (GOOGLE)
3 6 172.217.13.130 15169 (GOOGLE)
2 4 104.18.36.155 13335 (CLOUDFLAR...)
3 4 68.67.160.26 29990 (ASN-APPNEX)
4 172.217.13.194 15169 (GOOGLE)
2 172.217.13.138 15169 (GOOGLE)
3 172.217.13.195 15169 (GOOGLE)
1 2 54.234.41.74 14618 (AMAZON-AES)
8 172.217.13.198 15169 (GOOGLE)
2 13.32.230.19 16509 (AMAZON-02)
8 52.88.79.152 16509 (AMAZON-02)
121 18
Apex Domain
Subdomains
Transfer
46 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
662 KB
20 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
191 KB
17 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
www.google.com — Cisco Umbrella Rank: 2
72 KB
12 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 900
static.adsafeprotected.com — Cisco Umbrella Rank: 602
dt.adsafeprotected.com — Cisco Umbrella Rank: 567
103 KB
8 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
302 KB
8 pdf2png.com
pdf2png.com — Cisco Umbrella Rank: 577385
50 KB
4 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
3 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
257 KB
3 gstatic.com
www.gstatic.com
17 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
2 KB
2 monohost.com
stats.monohost.com — Cisco Umbrella Rank: 91154
25 KB
121 13
Domain Requested by
23 tpc.googlesyndication.com googleads.g.doubleclick.net
pdf2png.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
23 pagead2.googlesyndication.com pdf2png.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
14 googleads.g.doubleclick.net 2 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 dt.adsafeprotected.com googleads.g.doubleclick.net
8 s0.2mdn.net pdf2png.com
s0.2mdn.net
googleads.g.doubleclick.net
8 pdf2png.com pdf2png.com
4 www.googleadservices.com pdf2png.com
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
3 www.gstatic.com googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
2 static.adsafeprotected.com googleads.g.doubleclick.net
2 googleads4.g.doubleclick.net pdf2png.com
2 fw.adsafeprotected.com 1 redirects pdf2png.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 stats.monohost.com pdf2png.com
stats.monohost.com
121 19

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.reddit.com
Subject Issuer Validity Valid
epstosvg.com
R3
2023-12-07 -
2024-03-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
stats.monohost.com
R3
2023-11-27 -
2024-02-25
3 months crt.sh
*.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M01
2023-03-29 -
2024-04-27
a year crt.sh
*.doubleclick.net
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02
2023-07-07 -
2024-08-04
a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01
2023-05-09 -
2024-06-06
a year crt.sh
www.google.com
GTS CA 1C3
2023-11-20 -
2024-02-12
3 months crt.sh

This page contains 19 frames:

Primary Page: https://pdf2png.com/
Frame ID: 2190FB88DF0CAEBA14CEDFC41DAB1FAC
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Frame ID: C75F79043A89F10D9228EFEE6BAF9B75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&adk=1812271804&adf=3025194257&lmt=1703878721&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721364&bpp=4&bdt=439&idt=299&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6521839946078&frm=20&pv=2&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=327
Frame ID: FEA32E97239713AFE6EC800944FEE698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Frame ID: 6E8596DF3D105DEBFA3CFE13588BE661
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Frame ID: 1A7173F6C2BF07F86525DAF3E1AEDA65
Requests: 28 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Frame ID: 79E6A68CB7408D66B20E3EA63559B817
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7908C6D8CF77EA6B51453D80083320C8
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7E2DD5577864E5217BA3AC9D0028B710
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng
Frame ID: C25D1826B23ECCCF3CA4D8C691C09C46
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 30E7B166D6C5908091EC3B2FB51482AC
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: E42EB53BBC64F828FA1BDCF883B5000A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: C24A9D178FB85694268EA1823E0AA198
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 218B155E59ECEEB60310E3F80C76BC7B
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4D0FCB36FAE3FE6BDF566513965D4FCD
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
Frame ID: A99744B3E3BD056D8B4172EEE5C99246
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: DA932770583E8E2E13EB510C943761E9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Frame ID: B75A590E2502106580E61F4274181EAC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 485169FCF9962FE5CA8932A1BDCDF708
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12852B5AA3F2AFBE3630786C7CCE86E3
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

PDF to PNG – Convert PDF to PNG Online

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

121
Requests

94 %
HTTPS

0 %
IPv6

13
Domains

19
Subdomains

18
IPs

3
Countries

1929 kB
Transfer

4576 kB
Size

15
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 39
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 43
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1
Request Chain 44
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY8gQ3kuYYjhQY4Igj8VSwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1
Request Chain 45
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECkvUoZ8WJRnMCvqMoH0wG4&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECkvUoZ8WJRnMCvqMoH0wG4%26google_cver%3D1
Request Chain 46
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc1NDY5MzI2NDAwODAwNTczOQ%3D%3D
Request Chain 51
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CeKdMQSCPZeCwLqnJxtYPoMCO8A_Q-ImJdej99bf3EYbtqZKMDhABIJH01IoBYP2gmYHoA6AB7LPywAHIAQKoAwHIA8kEqgTbAU_QTlFt0C7xUaIBh3JeIZ9YV-9_yLl11J2oBD35ipYUqvaXy3vjtdhYUWMPDgyxAJoSdfbQNv7K7OyymoNPpuSoLsHf-uIu0h8wGkdyfXEccGfVwqUER9au0bW4mg3KYfxQd7EmZqZv60yU7CF2P8GlO_VJvM1Gmu5Pn0wnhuQYumFs6HAaxdpB1HCqfzmgOtZi9DpIWm1mp4rZRyZc1H_7Au-GezU5bTqIX1_fGHxSvm-O29t724-Bw3jNmeUSctibsOhQLkm0b9hHVsd4Yt1yrMDb1tPD6Yw0a8AExOiMjN0EiAX3_6rpTZIFBAgEGAGSBQQIBRgEoAYCgAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPrAD9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpY35rN77K1gwOaCSBodHRwczovL21hZG11c2NsZXMuY29tL3N0ZXAtZ29hbIAKAcgLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC2gwQCgoQgP6V6oHztOEZEgIBA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04Mjg4MjAzNTAyMDYzNjk1GAA&sigh=8Shvts76yVY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_BKlya2C1W4d6nbVCKSsipjFsOhTyKmKHhHL8qoVQQlMqpPwpzKpGoZbYQwD2LWMz_cpLGME6A34pBhix2fXj3Ed-kzyj2PDhuBgB&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220xd93ac9d4976aa0270000000000000000%22,%224%22:%220x295a85f232dfbe830000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%2217450966817468519226%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218221005889591635505%22}&andc=true
Request Chain 57
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Clbw5QSCPZY6cMNXovPIP4NmS4Aa0luWHdZXh6aulEobtqZKMDhABIJH01IoBYP2gmYHoA6AB7LPywAHIAQKoAwHIA8kEqgTbAU_QCAYrEF1M597hO-2-tTWGGz3KEN0q2LzYSu_U6jLmobNjjgQdWk1VmmeR0F-wTveFgOqjHc_icC1PdhYteCoFdwQAnrFi0wqiRyFxA3CsXydGrHArJcme3MU2T1BHFcSkDKt_4Ly-euMTR6t0IZHzDf7AXyJsU1SCIsRkmv-kgftPA_YaE0469InvrAmT36hEwck0Rb-ZtxccL4q4mXVJwlxZC6jnFPgNZnDfljkOkyh_nFanCQukXsUtTvD1ukgnYwt5YmJRKoMRQhcyp29atMLtayzzu63118AEqsf06s8EiAXL1pTwTZIFBAgEGAGSBQQIBRgEoAYCgAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEInGBdIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYq4rP77K1gwOaCSBodHRwczovL21hZG11c2NsZXMuY29tL3N0ZXAtZ29hbIAKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBAKChCA0Nzg-fPC1FUSAgED2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgyODgyMDM1MDIwNjM2OTUYAA&sigh=YJ9a382GlMs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_VpFb84IRxz4YnAaEdjhceXoi3jNxr_axX3GC7wm1_PZ-NrwBta4hRR8PiErI6JL22igiObjEYTqPB8ma-7NXhjGIY1An48gwE3kYAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220x59cdf80de3ef02490000000000000000%22,%224%22:%220x2fa83f488e36585a0000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%226937841404341178598%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226312484528502086401%22}&andc=true
Request Chain 79
  • https://fw.adsafeprotected.com/rfw/st/1138160/76607944/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1008693280&ias_pubId=pub-8288203502063695&ias_chanId=1&ias_placementId=20161971837&bidurl=https://pdf2png.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jAPHv3VG2oWfzXk62DLuoi&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fpdf2png.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpdf2png.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8288203502063695%26output%3Dhtml%26h%3D90%26slotname%3D7344673714%26adk%3D457190580%26adf%3D4272225274%26pi%3Dt.ma~as.7344673714%26w%3D728%26lmt%3D1703878721%26rafmt%3D12%26format%3D728x90%26url%3Dhttps%253A%252F%252Fpdf2png.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703878721372%26bpp%3D2%26bdt%3D447%26idt%3D349%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%26nras%3D1%26correlator%3D6521839946078%26frm%3D20%26pv%3D1%26ga_vid%3D1575150388.1703878722%26ga_sid%3D1703878722%26ga_hid%3D1811177920%26ga_fc%3D0%26u_tz%3D-480%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D328%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31079714%252C31079979%252C44795922%252C44809531%252C95320884%26oid%3D2%26pvsid%3D2819960440942582%26tmod%3D1278110273%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D256%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D353&adsafe_type=d&adsafe_jsinfo=,id:f8c78417-097d-141c-91ad-5cde89669448,c:ybwaGP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-f7bs7,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:43,oid:dff4105d-a681-11ee-a662-32ab0b5ea6e7,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

121 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
pdf2png.com/
58 KB
22 KB
Document
General
Full URL
https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.148.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2b3bdaf9cdbf39752bf8d68020be11f498e49bfe1f3c22aeef9200fd21a9f530

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=UTF-8
Date
Fri, 29 Dec 2023 19:38:40 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
style.css
pdf2png.com/css/
21 KB
6 KB
Stylesheet
General
Full URL
https://pdf2png.com/css/style.css?28
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.148.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5881ea598d800acee8b8201cf012a958b5541926cc7121fa2a7c13dcf9c46da2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 19:38:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 02 Jun 2023 08:01:04 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6479a1c0-55cf"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Sat, 28 Dec 2024 19:38:41 GMT
logo.svg
pdf2png.com/images/pdf2png/
3 KB
4 KB
Image
General
Full URL
https://pdf2png.com/images/pdf2png/logo.svg
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.148.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9d47990613a10336383f2c71c6888db8cb2fa81dafcb42e0807d95002d5af284

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 19:38:41 GMT
Last-Modified
Thu, 04 Jun 2020 22:38:13 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"5ed977d5-cca"
Content-Type
image/svg+xml
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3274
Expires
Sat, 28 Dec 2024 19:38:41 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
145 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8288203502063695
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
9204ebfba5eb7bae94b11dff25086998d49c356a381b7e73b6d29b03dad84c0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
Origin
https://pdf2png.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51324
x-xss-protection
0
server
cafe
etag
5182482387927569141
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:38:41 GMT
Bind.js
pdf2png.com/js/
13 KB
4 KB
Script
General
Full URL
https://pdf2png.com/js/Bind.js?2
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.148.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bbd65ceecbecbef5739627cf038a31d47122258d5ae7e320232d9e9893d72c09

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 19:38:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jul 2021 04:28:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"60ff8b7d-35fa"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Sat, 28 Dec 2024 19:38:41 GMT
App.js
pdf2png.com/js/
15 KB
5 KB
Script
General
Full URL
https://pdf2png.com/js/App.js?2
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.148.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f588adcc1f6edbff73131fc95d1902cd321820ab39d9567f4d9217b25a956f9c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 19:38:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Nov 2021 15:36:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"618e8a0e-3b56"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Sat, 28 Dec 2024 19:38:41 GMT
common.min.js
pdf2png.com/js/
12 KB
5 KB
Script
General
Full URL
https://pdf2png.com/js/common.min.js?7
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.148.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
73ee0c3a0579c7d6d112c7e0fc463d1275169145a7d9bc824da019993d35a53e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 19:38:41 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 02:29:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"6100c0fb-2eb8"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Sat, 28 Dec 2024 19:38:41 GMT
focus-visible.min.js
pdf2png.com/js/
3 KB
1 KB
Script
General
Full URL
https://pdf2png.com/js/focus-visible.min.js?2
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.148.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d0b1e589d2d40e90e08bea159f4f5ee6a529eefa829bb1f46d6c4e9cc8485635

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 19:38:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Jul 2021 05:43:59 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"60ff9d1f-d45"
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Sat, 28 Dec 2024 19:38:41 GMT
end.css
pdf2png.com/css/
15 KB
4 KB
Stylesheet
General
Full URL
https://pdf2png.com/css/end.css?14
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.239.148.119.168.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
473712990545b6200223c726c6dc9e0be97a460d592a5d9e5975ff77a7136f56

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 19:38:41 GMT
Content-Encoding
gzip
Last-Modified
Sun, 09 Jan 2022 19:08:46 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"61db32be-3b45"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=31536000
Connection
keep-alive
Expires
Sat, 28 Dec 2024 19:38:41 GMT
piwik.js
stats.monohost.com/
65 KB
25 KB
Script
General
Full URL
https://stats.monohost.com/piwik.js
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.9.83.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.83.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date
Fri, 29 Dec 2023 19:38:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Dec 2023 07:42:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"65814975-1042f"
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
keep-alive
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/
399 KB
135 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8288203502063695
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
756052520d2c7fd14f0d852648bf871b3001bd5036ba36650c7e7e619ae49444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:41 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137924
x-xss-protection
0
server
cafe
etag
925690544378965138
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:38:41 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame C75F
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8288203502063695
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
69208
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 00:25:13 GMT
etag
5585625838579639069
expires
Fri, 12 Jan 2024 00:25:13 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame FEA3
193 KB
53 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&adk=1812271804&adf=3025194257&lmt=1703878721&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721364&bpp=4&bdt=439&idt=299&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6521839946078&frm=20&pv=2&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=327
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
b648bf9ccc35c6e5794653fd7f530366fccff98d9acc9612230b9bc4a68578c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
54491
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:42 GMT
expires
Fri, 29 Dec 2023 19:38:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
piwik.php
stats.monohost.com/
0
250 B
Ping
General
Full URL
https://stats.monohost.com/piwik.php?action_name=PDF%20to%20PNG%20%E2%80%93%20Convert%20PDF%20to%20PNG%20Online&idsite=15&rec=1&r=260977&h=11&m=38&s=41&url=https%3A%2F%2Fpdf2png.com%2F&_id=8de11514c4d8f7f4&_idn=1&send_image=0&_refts=0&pv_id=vYqucI&pf_net=260&pf_srv=126&pf_tfr=101&pf_dm1=247&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200
Requested by
Host: stats.monohost.com
URL: https://stats.monohost.com/piwik.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
5.9.83.149 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.149.83.9.5.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://pdf2png.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

Access-Control-Allow-Origin
https://pdf2png.com
Date
Fri, 29 Dec 2023 19:38:41 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
ads
googleads.g.doubleclick.net/pagead/ Frame 6E85
103 KB
38 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8c0f89307efb62b88604ec31c1ef1c4770fe7a1a9d115485478a4cdf86aca42a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38788
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:42 GMT
expires
Fri, 29 Dec 2023 19:38:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1A71
22 KB
10 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1b77695b01dc7038195f9561025b453e2c11cbcf9b9913da2edecbb7a76ebfe8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
10219
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:42 GMT
expires
Fri, 29 Dec 2023 19:38:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 79E6
103 KB
38 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
6a2e00be74c0bcf8269b373814250c6def544a364c74366065defa8333eca5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
38901
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:42 GMT
expires
Fri, 29 Dec 2023 19:38:42 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/
160 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
26dd21437129f3c040cdf9c1fda0677edef7a843d4524cce394f729827587f74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56005
x-xss-protection
0
server
cafe
etag
1205812024456056126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:38:42 GMT
ca-pub-8288203502063695
fundingchoicesmessages.google.com/i/
182 KB
61 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-8288203502063695?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
904ee0e91dab3b724ad62dfd717fddd3f14aed27a91626cac5c36f37b91d61db
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H_mpZEWol_v0lJ7KyeK_Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:42 GMT
content-security-policy
script-src 'report-sample' 'nonce-H_mpZEWol_v0lJ7KyeK_Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
11509155679427418220
tpc.googlesyndication.com/simgad/ Frame 6E85
17 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11509155679427418220?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnzDJQAVrHNNwXDXbfmczsFnS00ow
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
854e83a289dc1df570ac974bf9cb1b333ea4f1e6da4dab8b6ec670f881be77a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 00:42:03 GMT
x-content-type-options
nosniff
age
586599
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17627
x-xss-protection
0
last-modified
Mon, 26 Dec 2022 16:18:00 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 22 Dec 2024 00:42:03 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6E85
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:17:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
69646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:17:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6E85
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:27:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6E85
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
69226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:24:56 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 6E85
203 KB
65 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:38:42 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6E85
36 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:25:15 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7908
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 18:52:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
2253735939007005208
tpc.googlesyndication.com/daca_images/simgad/ Frame 79E6
108 KB
108 KB
Image
General
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/2253735939007005208
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
84bd40cae320d776d11e7d78a6f55e23328182c4dd7f313911fb0bc151d02133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Wed, 25 Dec 2024 18:43:39 GMT
date
Tue, 26 Dec 2023 18:43:39 GMT
x-content-type-options
nosniff
age
262503
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
110666
x-xss-protection
0
last-modified
Fri, 30 Dec 2022 16:56:52 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 79E6
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:17:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
69646
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:17:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 79E6
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:27:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 79E6
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
69226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:24:56 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 79E6
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:38:42 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 79E6
36 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:25:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
69207
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14812
x-xss-protection
0
server
cafe
etag
15202890134401013038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:25:15 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 7E2D
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
2767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 18:52:35 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7908
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:42 GMT
expires
Fri, 29 Dec 2023 19:38:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A71
42 B
63 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYmG22hJbbwvvw3yWGaj8PmUDIaajfH2gYyyNz1fc1fE8458GgiIyxF_vUlOdbV1XVds1PPDIbCUeBiBsgqErzLk2E-AIUGRVVz6lnuYG0bx2Fjvg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:42 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 1A71
89 KB
31 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:38:42 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1A71
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69053
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:27:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1A71
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
69226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:24:56 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 1A71
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:38:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame C25D
624 B
246 B
Document
General
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:42 GMT
expires
Fri, 29 Dec 2023 19:38:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7E2D
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:43 GMT
expires
Fri, 29 Dec 2023 19:38:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:42 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 6E85
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
78f3e00859258cd6b3d9990cc479f94bfe72af05299f0d275ade0245768f4bfa

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 30E7
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
69361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 00:22:41 GMT
etag
5585625838579639069
expires
Fri, 12 Jan 2024 00:22:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxWOr00F0q5qj8e6bXvA2rfI1w3n4zRChq5_Rm0UNHmP9_a0Sgb79mGZWXM9HDvy5GMum4dZN23_EZK5mHLT0RjEXWluSLFwBSd9m5jfj_OCd56mHKbb-llilQ611320TZuJkMjnoA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWOr00F0q5qj8e6bXvA2rfI1w3n4zRChq5_Rm0UNHmP9_a0Sgb79mGZWXM9HDvy5GMum4dZN23_EZK5mHLT0RjEXWluSLFwBSd9m5jfj_OCd56mHKbb-llilQ611320TZuJkMjnoA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODc4NzIyLDk3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wZGYycG5nLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e0687dac6050104c11d04ddee964b0369b1c1d3631cbabff5317a21f0fc5bf1d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HIBMiyv3byiGqTLgn2RH9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-HIBMiyv3byiGqTLgn2RH9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C25D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1
43 B
773 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGXcmxkan%2BeqL1EaH%2FDK5l%2BunZphreP4C%2BdkhgcXoTBAIqsyMHAhjt1si0At19ocHu%2FHK0nXUtkege2UJ4AJ9mxSdzpm6bMyawpGDY0tCknWxu%2Bh%2Bg567YbzqSNxUFETQy7LP7ZF53cj5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83d48143fa6139de-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame C25D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY8gQ3kuYYjhQY4Igj8VSwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1
43 B
737 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX4ERqMfBv9UgJE23XsfC8%2FIez0oPzkAPDElGZk9Tt5xlRtCbyWjUMYxiCL388q1KLJn9uartpgDj71H%2BtFhqTHBdgSRGhshF4na%2BN4qIWbBMv%2Boo2lzhe5TJygOaTH%2BiEkstAZJZYIZhA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
83d481447b3239de-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame C25D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECkvUoZ8WJRnMCvqMoH0wG4&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECkvUoZ8WJRnMCvqMoH0wG4%26google_cver%3D1
43 B
890 B
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECkvUoZ8WJRnMCvqMoH0wG4%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng
Protocol
H2
Server
68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
an-x-request-uuid
d993c953-e4dd-4744-b292-50b80ed764ed
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
153.92.40.253; 153.92.40.253; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
an-x-request-uuid
f81300f0-e139-483e-89a5-9dc81ae3d028
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECkvUoZ8WJRnMCvqMoH0wG4%26google_cver%3D1
cache-control
no-store, no-cache, private
x-proxy-origin
153.92.40.253; 153.92.40.253; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C25D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc1NDY5MzI2NDAwODAwNTczOQ%3D%3D
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc1NDY5MzI2NDAwODAwNTczOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng
Protocol
H2
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
an-x-request-uuid
08832454-b0f0-420d-aae2-9c6a007f6e3b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc1NDY5MzI2NDAwODAwNTczOQ%3D%3D
x-proxy-origin
153.92.40.253; 153.92.40.253; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame 79E6
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4c4b5501e7c0c5fe27180504b880968ee47d11ba331091dbcb136fdaa9c87ca

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A71
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2289344319674&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A71
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2289344319674&version=m202309260101&ct=76&x=1&cor=2318422490171003400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 1A71
110 KB
41 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkvBffbBdDxoSCP86LwcwjQrFnspeR8pU9wEE-5oxvMqwg2cqZpnDUFIQdybB1rqrNmvBi6zd3rwwAVvFhvgMuadGy4RvtUiiqNlU2sNctKcoXC5be42dmKrnTfupD1aY9UCf-J5hU0bMSNuq21PzhhxQE-XiiEeD76uUskhd_A6asfN8&dbm_d=AKAmf-BT5roYLryknkxDksv0AVMcDZ_Wo5k3tfPOni0kU3Zsw5tE9JquhzmrLCePbbxpTF2Ys80SIn-80NDbdcvh1nXUvdKjdw8PtlzFa4MYgLrUtEp5mvLfMakqRixKmR1_iQIpqTPPpZ11a4Tw2FCAfdjDquaEHAGGifygvWx1LfVpa92q61Zsb1XEgdI2BU6_aI-Y7ls7wbULjrfXAvwUY0cP8ySzdCJ-8yJC5dL9tDaFvYDbl-x2Qzt4ZK07slrYchXabQYY6Vl1rhnpIA48Yr9xpSDJvMMkXXs-G5m451gXYfNQDystS9-AlqTW65zEGI3j0BNr7jcSumm7aNNw0TvMXLg7FEcS1rPte91vH1ezz8cSJC3VkIdQPMVS9GVZC2ter1qOdJQ13ptLMWGwlahIcz0ke_10L6Nuq3zc3khGXe3ctkPmNExAACjYbfG58k9QXtCIT8efK-ybXDFj4E7u1yIal7yluhs2jhmB7WXHoPy0kgEgkAyyxvEhASIQEvBiEFS87TuUp5735FT9OxzJNlSNuVNZnLv_ieyNKaV8jnVo4NmOCpEpRxNy5Ix-GTQLdihBrjxh22u46JEDwRP_czkrquYKdFRnGny5WAdvR8vLZE7_KHB073k0jIcERV3zzGSrt_7K8oBt5FraeMuwVL8wHJT5tVr9ru_VBErndW8dOJzf73tMxMW2Es_GDecQKUur5hLPgMhZEjE6mlFwnJRaf4mcQfcOzL1hoWQx9EqVTZkwJX0soxiy7Zmk74QjuoZRB0UqnL6GZwbLrvdJPIrimxlGqQqcS1VkBsysl4wqJa3mLb2q4baKzDilfLfJgrJWt_p-thTeXFaLw2Hfq3FiWZgqVkg24jN2fNqDwzgfsoTjzQR2yohj1tJKOconseTppgNvXKb_oUcavMzH7t1IJmdjsvP4N39FkyiB-NHyeHLtuH3Z1FevxvD-jeyAZf6vJtgENHzAhQ6Ui02PVFxplTggYrUqDFdH31l4K2gOn1UKtUUBhK35JKsVsp9AjwqIOGEcNS_lEwB28VpKLIyP8cas1B6TzvGhUFo7uhYbvmiIf0RNvtyp2NMAWNK8Zki-kQnEuFZZPOaaboUkf5iCYS1G3wMuhykZiovZhd0ReLf6RmWFb2t-j9w7V55Z-rK-tOKYv0oWk8dfJcbWvV6mLZ2gafNujmNXxsdLKKz0PAD2ybsQHLf0aueDHfma9ibnz54Hy0JxANIET0anCFSol59e9EK7LCizUSMoKYlVa3tpTyuL9QYJWo4-nPxr6T0xdjkZY52Vo494fqiglA9eLCgn0dy7kqYnGp7tYEO3wqJlBVp9u-0F_Ox7Xu38tEAO8Cg3dslUYib3ac19ysJ6iTE2BeZiqm7WbhJMNxn_13RCbm_-FZzM1Z-_AO856g165wimKrHHoiO1TjQWB3aczddVfXOvJhDQA9Dhmn6nMy-6Nj5140RHcY-6gsVzMFJW3IhHqa1sTtULLxWmASrU_se-JkSDRTG8lnRC4fkGbDxzSMI1d9VbvGJr82SOWfvBh2qttXWStt8jtqwQuAmRliTuBEC_lwSxtqUMxuTPg6ccqyFkE0vR2831i0omKIIdHv0lvtuGr7KvwnSZ0QUzD_UCtrZi7IydcteGtoKd545e706fSy4bp8pChUA9BY4K9b99i4zVzgzm6ywJZUtEx7N-l5HzunpUh__8qxtUXxMaU4jb0ApS-uZMCTWrPU3ZVJi8Qv-DZiyOvLI2o8ogeFLkfjIB-tPKwxcZU5tcdt5Jc-iK8W1O-0RcjXHV1RpZ64JYP93f6j0Iuusk0LlIZEinuVbuuW_lj0rR06udglKM1rBKqMtSxUOSM4g2DJvasgQMtrvN5N1vardjejXE2wCAPYoUQXK4eYjiqV-qMAOJJ-plVE6m4z9n9LcnjPtlysRq7X5IIgpziIsspuZqAQlCh8ibSmskNCvl76tLJDjvejMdvLAdogaHKirP8HZfUVl_U2xjYFr8yCaKp77G9mtyj0abUQHwCXdn140KM7OvqnpkkNVzFeifDA_rAwBckpxKWmlzdnJjFWggRA9FuzTUtWFl6FJMuZk2GX5uP_tB55vKN9fg8t-Yu1brXkGPl3GZPML9rGEs7X1FVrWW2hAjy9hc2b44u7By5lSY3bwBdukMGa2v6Efczawnq4FK4MxlRZ0US4IUtlg1ojz5RVYWPf454LHXU3cruTqe6HHHwLAubTEdojlLnGx3UZDzf80w9liLbYXko5g-eflX_RM4MPAHbe8wYQQckeNE8KITiWpoPfF9fzi95RoCd2vyggao1chPje3noVHRDJ3YKz3-0CE96CJMrU-cz_jetPr32Yqn0-AUxoKqkGsRu_uhjc3y9eBsmE_g4kKiBb1s_iWoiEk2tkXOYPkrYE0vDwuCeE8-gZGTlubh5u4cC2Rj92pgMRAefDnO39fR24LCWd5AkSOtenCC_aS-NzDa8xwtsWpKFJ9EVRZxedpcUEKBadAnK6bckueF6wG5JnIPM9kT3ok7VYT9p9RY9G9kQNQbkLQVS_hfT0ImhTxWzljiY4KGxrHS6Ep1f05zyN6djzCksZgS7z2OvsLnxoLxbjyz2nWr3-mUaFzHeBa4rCtE8RrmxaR3CNpqz8jiQo8qb69FTxEM0ohJRRqHo_6vDYTQcrc6AfYevTyMDwQJ6Fi7cI6B8coVdKOUZd0xtrtTE53PQKDEVDDZar0UOUCAmmNqkMQKyeUAozuFsd7zfDM2rNz56itpqkWWk_rg-9K17pqjxIEMHuOvNq0upMwjxVn3axs-I5k8rBek7ANq74a9d2ALcgVT3EXTSGof5QZ0EsQBHYTACYq792C7LcgqeJYHzyb0Dm-Uhpgd8doAECkIzfkTs6fRhCnED6EixgeCiVoodFAVNs8JGQuDZ8tZUrwo0CvTR2gkik2lvpObytpuQvkKX7NCvhpjgN4ZluFoAaJ_K6utyps-th7dBIrIZR8wW3Xn3AzJX-DAx4eJgGRvBHWPsf3RcEGJl9GBsMFNpFdiGixdqLvNRAofpWZO0WC6S1aedlEkkDIlemhdCGz8EBwbUkW7JhKZ7f94uxoExOzUJBz2coLUJgJOfTctVm7vGv-7gSUZ0PayeERIzJjZp1dOi6XzGpY_AjKV-6-nJ52VN0HQLPsFqFN2VdlmBk1X0e4bq9teyEvp9DH_u2BwHQDVoCjpsD6-OvUc7VoVtjj2fWmTDpgVM--I7-pudjiaZx4q0JNdfF9AZI1yZ8wLHj5BrYm65Kg5yL-w5bd8GhY2JUfRkbHTJFhUpHk1KzWLN--szETjuY7vkF4w8lReNN9JQRtJjke_1x6k76DsUSANqYaKgiOWpVxHlYZ2uo6Ph7WHbWBnCicFXekUSBWbbNstFTpd3TEQq_WIUQnlXEnIUxuSBItTsa7rL0CK8n2n8FzMwTHRqoH4pGh0XstgOFrr3U0TPeP6VMZKC8pIwdiiXcALGjgCiXQ_qz5cLmavkBN2v48UCys6TCrjcoE7QDxT8PPthFcuL8anFbbwq74bReljohGwhYwIEGqlricl48SAcIIm3tcN8CenZxw82o6gSAz5pqUO4Q8zgvtQHaLec7dRp971AxtOCRh3Ph_uyl9uLPWkJ3qOBw9LgkSa9fF9RzoGJDD7aRxqJw4UcxvUxy20nfIbq6eFqdpdh0KppWfZxnl39mmzZnw30V_lr8ROa0P4qoRVA6s9Kijhjg&cid=CAQSTgAvHhf_jxcrQdke7La2tnG_P4_TSlJCnBRNYeyo6U6xStKOExBbzGEdSQaERHzs5-6wZIrdl1NtCmpa0m9iLvcMYjy_ME0J9fwyOZ2DLRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpdf2png.com%2F&ds=l&xdt=1&iif=1&cor=2318422490171003400&adk=250412561&idt=114&cac=0&dtd=14
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
cafe /
Resource Hash
63a00137e7dac57beaa887d85025f97a6b8cdebdf67992a47939d8d7c6373263
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42162
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 6E85
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CeKdMQSCPZeCwLqnJxtYPoMCO8A_Q-ImJdej99bf3EYbtqZKMDhABIJH01IoBYP2gmYHoA6AB7LPywAHIAQKoAwHIA8kEqgTbAU_QTlFt0C7xUaIBh3JeIZ9YV-9_yLl11J2oBD35ipYUqva...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220xd93ac9...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220xd93ac9d4976aa0270000000000000000%22,%224%22:%220x295a85f232dfbe830000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%2217450966817468519226%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218221005889591635505%22}&andc=true
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x44d4be405ca1a47f0000000000000000","2":"0x2172a07016f9a10a0000000000000000","3":"0xd93ac9d4976aa0270000000000000000","4":"0x295a85f232dfbe830000000000000000","5":"0x6c5b6f37c4926eeb0000000000000000"},"debug_key":"17450966817468519226","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"18221005889591635505"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 29 Dec 2023 19:38:43 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 29 Dec 2023 19:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x44d4be405ca1a47f0000000000000000","2":"0x2172a07016f9a10a0000000000000000","3":"0xd93ac9d4976aa0270000000000000000","4":"0x295a85f232dfbe830000000000000000","5":"0x6c5b6f37c4926eeb0000000000000000"},"debug_key":"17450966817468519226","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"18221005889591635505"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 30E7
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 19:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 18:20:21 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Dec 2023 19:38:43 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 30E7
205 B
650 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 22 Dec 2023 20:11:11 GMT
x-content-type-options
nosniff
age
602852
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sat, 21 Dec 2024 20:11:11 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 30E7
604 B
696 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 11:53:01 GMT
x-content-type-options
nosniff
age
546342
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 22 Dec 2024 11:53:01 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 30E7
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 16:41:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
10605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6766
x-xss-protection
0
server
cafe
etag
14924840246271906451
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 16:41:58 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 30E7
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 21:44:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
78832
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9210
x-xss-protection
0
server
cafe
etag
13914886398874665762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 21:44:51 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 79E6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=Clbw5QSCPZY6cMNXovPIP4NmS4Aa0luWHdZXh6aulEobtqZKMDhABIJH01IoBYP2gmYHoA6AB7LPywAHIAQKoAwHIA8kEqgTbAU_QCAYrEF1M597hO-2-tTWGGz3KEN0q2LzYSu_U6jLmobN...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220x59cdf8...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220x59cdf80de3ef02490000000000000000%22,%224%22:%220x2fa83f488e36585a0000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%226937841404341178598%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226312484528502086401%22}&andc=true
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H3
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:43 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0x44d4be405ca1a47f0000000000000000","2":"0x2172a07016f9a10a0000000000000000","3":"0x59cdf80de3ef02490000000000000000","4":"0x2fa83f488e36585a0000000000000000","5":"0x6c5b6f37c4926eeb0000000000000000"},"debug_key":"6937841404341178598","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"6312484528502086401"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 29 Dec 2023 19:38:43 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 29 Dec 2023 19:38:43 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x44d4be405ca1a47f0000000000000000","2":"0x2172a07016f9a10a0000000000000000","3":"0x59cdf80de3ef02490000000000000000","4":"0x2fa83f488e36585a0000000000000000","5":"0x6c5b6f37c4926eeb0000000000000000"},"debug_key":"6937841404341178598","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"6312484528502086401"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame E42E
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
243678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 23:57:25 GMT
AGSKWxWJjEiS6tuDr7rbierZcZUfdCB3mILS-zeK6gZ0KMt_qjcRInrZaBPvAH2OJnAN3X8sla4TTKIF_pgh8KBiiRtGBf7hBCnxQd1EFlqUd2Wak_leW5eRUPACmHCHMWUapT54Cz5ATg==
fundingchoicesmessages.google.com/f/
13 KB
6 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWJjEiS6tuDr7rbierZcZUfdCB3mILS-zeK6gZ0KMt_qjcRInrZaBPvAH2OJnAN3X8sla4TTKIF_pgh8KBiiRtGBf7hBCnxQd1EFlqUd2Wak_leW5eRUPACmHCHMWUapT54Cz5ATg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODc4NzIzLDE4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGRmMnBuZy5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
5fd5cda89c9b848380c5360e075bcc0e1f0cc815a6b1374d3d2d0c0f31377d84
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-GgRQjuBGxtl7BozLDeeKtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-GgRQjuBGxtl7BozLDeeKtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220xd93ac9d4976aa0270000000000000000%22,%224%22:%220x295a85f232dfbe830000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%2217450966817468519226%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218221005889591635505%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 29 Dec 2023 19:38:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame C24A
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
243678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 23:57:25 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220x59cdf80de3ef02490000000000000000%22,%224%22:%220x2fa83f488e36585a0000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%226937841404341178598%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226312484528502086401%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 29 Dec 2023 19:38:43 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1138160/76607944/ Frame 1A71
255 KB
77 KB
Script
General
Full URL
https://fw.adsafeprotected.com/rjss/st/1138160/76607944/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1008693280&ias_pubId=pub-8288203502063695&ias_chanId=1&ias_placementId=20161971837&bidurl=https://pdf2png.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jAPHv3VG2oWfzXk62DLuoi
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.234.41.74 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-234-41-74.compute-1.amazonaws.com
Software
/
Resource Hash
f402ef263113b51977477e2be7a1c3d8f54b50e66947477e35233fa399d01300

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_278.js
s0.2mdn.net/879366/ Frame 1A71
111 KB
39 KB
Script
General
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:20:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39806
x-xss-protection
0
last-modified
Tue, 14 Mar 2023 18:44:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Dec 2023 00:20:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 1A71
11 KB
4 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkvBffbBdDxoSCP86LwcwjQrFnspeR8pU9wEE-5oxvMqwg2cqZpnDUFIQdybB1rqrNmvBi6zd3rwwAVvFhvgMuadGy4RvtUiiqNlU2sNctKcoXC5be42dmKrnTfupD1aY9UCf-J5hU0bMSNuq21PzhhxQE-XiiEeD76uUskhd_A6asfN8&dbm_d=AKAmf-BT5roYLryknkxDksv0AVMcDZ_Wo5k3tfPOni0kU3Zsw5tE9JquhzmrLCePbbxpTF2Ys80SIn-80NDbdcvh1nXUvdKjdw8PtlzFa4MYgLrUtEp5mvLfMakqRixKmR1_iQIpqTPPpZ11a4Tw2FCAfdjDquaEHAGGifygvWx1LfVpa92q61Zsb1XEgdI2BU6_aI-Y7ls7wbULjrfXAvwUY0cP8ySzdCJ-8yJC5dL9tDaFvYDbl-x2Qzt4ZK07slrYchXabQYY6Vl1rhnpIA48Yr9xpSDJvMMkXXs-G5m451gXYfNQDystS9-AlqTW65zEGI3j0BNr7jcSumm7aNNw0TvMXLg7FEcS1rPte91vH1ezz8cSJC3VkIdQPMVS9GVZC2ter1qOdJQ13ptLMWGwlahIcz0ke_10L6Nuq3zc3khGXe3ctkPmNExAACjYbfG58k9QXtCIT8efK-ybXDFj4E7u1yIal7yluhs2jhmB7WXHoPy0kgEgkAyyxvEhASIQEvBiEFS87TuUp5735FT9OxzJNlSNuVNZnLv_ieyNKaV8jnVo4NmOCpEpRxNy5Ix-GTQLdihBrjxh22u46JEDwRP_czkrquYKdFRnGny5WAdvR8vLZE7_KHB073k0jIcERV3zzGSrt_7K8oBt5FraeMuwVL8wHJT5tVr9ru_VBErndW8dOJzf73tMxMW2Es_GDecQKUur5hLPgMhZEjE6mlFwnJRaf4mcQfcOzL1hoWQx9EqVTZkwJX0soxiy7Zmk74QjuoZRB0UqnL6GZwbLrvdJPIrimxlGqQqcS1VkBsysl4wqJa3mLb2q4baKzDilfLfJgrJWt_p-thTeXFaLw2Hfq3FiWZgqVkg24jN2fNqDwzgfsoTjzQR2yohj1tJKOconseTppgNvXKb_oUcavMzH7t1IJmdjsvP4N39FkyiB-NHyeHLtuH3Z1FevxvD-jeyAZf6vJtgENHzAhQ6Ui02PVFxplTggYrUqDFdH31l4K2gOn1UKtUUBhK35JKsVsp9AjwqIOGEcNS_lEwB28VpKLIyP8cas1B6TzvGhUFo7uhYbvmiIf0RNvtyp2NMAWNK8Zki-kQnEuFZZPOaaboUkf5iCYS1G3wMuhykZiovZhd0ReLf6RmWFb2t-j9w7V55Z-rK-tOKYv0oWk8dfJcbWvV6mLZ2gafNujmNXxsdLKKz0PAD2ybsQHLf0aueDHfma9ibnz54Hy0JxANIET0anCFSol59e9EK7LCizUSMoKYlVa3tpTyuL9QYJWo4-nPxr6T0xdjkZY52Vo494fqiglA9eLCgn0dy7kqYnGp7tYEO3wqJlBVp9u-0F_Ox7Xu38tEAO8Cg3dslUYib3ac19ysJ6iTE2BeZiqm7WbhJMNxn_13RCbm_-FZzM1Z-_AO856g165wimKrHHoiO1TjQWB3aczddVfXOvJhDQA9Dhmn6nMy-6Nj5140RHcY-6gsVzMFJW3IhHqa1sTtULLxWmASrU_se-JkSDRTG8lnRC4fkGbDxzSMI1d9VbvGJr82SOWfvBh2qttXWStt8jtqwQuAmRliTuBEC_lwSxtqUMxuTPg6ccqyFkE0vR2831i0omKIIdHv0lvtuGr7KvwnSZ0QUzD_UCtrZi7IydcteGtoKd545e706fSy4bp8pChUA9BY4K9b99i4zVzgzm6ywJZUtEx7N-l5HzunpUh__8qxtUXxMaU4jb0ApS-uZMCTWrPU3ZVJi8Qv-DZiyOvLI2o8ogeFLkfjIB-tPKwxcZU5tcdt5Jc-iK8W1O-0RcjXHV1RpZ64JYP93f6j0Iuusk0LlIZEinuVbuuW_lj0rR06udglKM1rBKqMtSxUOSM4g2DJvasgQMtrvN5N1vardjejXE2wCAPYoUQXK4eYjiqV-qMAOJJ-plVE6m4z9n9LcnjPtlysRq7X5IIgpziIsspuZqAQlCh8ibSmskNCvl76tLJDjvejMdvLAdogaHKirP8HZfUVl_U2xjYFr8yCaKp77G9mtyj0abUQHwCXdn140KM7OvqnpkkNVzFeifDA_rAwBckpxKWmlzdnJjFWggRA9FuzTUtWFl6FJMuZk2GX5uP_tB55vKN9fg8t-Yu1brXkGPl3GZPML9rGEs7X1FVrWW2hAjy9hc2b44u7By5lSY3bwBdukMGa2v6Efczawnq4FK4MxlRZ0US4IUtlg1ojz5RVYWPf454LHXU3cruTqe6HHHwLAubTEdojlLnGx3UZDzf80w9liLbYXko5g-eflX_RM4MPAHbe8wYQQckeNE8KITiWpoPfF9fzi95RoCd2vyggao1chPje3noVHRDJ3YKz3-0CE96CJMrU-cz_jetPr32Yqn0-AUxoKqkGsRu_uhjc3y9eBsmE_g4kKiBb1s_iWoiEk2tkXOYPkrYE0vDwuCeE8-gZGTlubh5u4cC2Rj92pgMRAefDnO39fR24LCWd5AkSOtenCC_aS-NzDa8xwtsWpKFJ9EVRZxedpcUEKBadAnK6bckueF6wG5JnIPM9kT3ok7VYT9p9RY9G9kQNQbkLQVS_hfT0ImhTxWzljiY4KGxrHS6Ep1f05zyN6djzCksZgS7z2OvsLnxoLxbjyz2nWr3-mUaFzHeBa4rCtE8RrmxaR3CNpqz8jiQo8qb69FTxEM0ohJRRqHo_6vDYTQcrc6AfYevTyMDwQJ6Fi7cI6B8coVdKOUZd0xtrtTE53PQKDEVDDZar0UOUCAmmNqkMQKyeUAozuFsd7zfDM2rNz56itpqkWWk_rg-9K17pqjxIEMHuOvNq0upMwjxVn3axs-I5k8rBek7ANq74a9d2ALcgVT3EXTSGof5QZ0EsQBHYTACYq792C7LcgqeJYHzyb0Dm-Uhpgd8doAECkIzfkTs6fRhCnED6EixgeCiVoodFAVNs8JGQuDZ8tZUrwo0CvTR2gkik2lvpObytpuQvkKX7NCvhpjgN4ZluFoAaJ_K6utyps-th7dBIrIZR8wW3Xn3AzJX-DAx4eJgGRvBHWPsf3RcEGJl9GBsMFNpFdiGixdqLvNRAofpWZO0WC6S1aedlEkkDIlemhdCGz8EBwbUkW7JhKZ7f94uxoExOzUJBz2coLUJgJOfTctVm7vGv-7gSUZ0PayeERIzJjZp1dOi6XzGpY_AjKV-6-nJ52VN0HQLPsFqFN2VdlmBk1X0e4bq9teyEvp9DH_u2BwHQDVoCjpsD6-OvUc7VoVtjj2fWmTDpgVM--I7-pudjiaZx4q0JNdfF9AZI1yZ8wLHj5BrYm65Kg5yL-w5bd8GhY2JUfRkbHTJFhUpHk1KzWLN--szETjuY7vkF4w8lReNN9JQRtJjke_1x6k76DsUSANqYaKgiOWpVxHlYZ2uo6Ph7WHbWBnCicFXekUSBWbbNstFTpd3TEQq_WIUQnlXEnIUxuSBItTsa7rL0CK8n2n8FzMwTHRqoH4pGh0XstgOFrr3U0TPeP6VMZKC8pIwdiiXcALGjgCiXQ_qz5cLmavkBN2v48UCys6TCrjcoE7QDxT8PPthFcuL8anFbbwq74bReljohGwhYwIEGqlricl48SAcIIm3tcN8CenZxw82o6gSAz5pqUO4Q8zgvtQHaLec7dRp971AxtOCRh3Ph_uyl9uLPWkJ3qOBw9LgkSa9fF9RzoGJDD7aRxqJw4UcxvUxy20nfIbq6eFqdpdh0KppWfZxnl39mmzZnw30V_lr8ROa0P4qoRVA6s9Kijhjg&cid=CAQSTgAvHhf_jxcrQdke7La2tnG_P4_TSlJCnBRNYeyo6U6xStKOExBbzGEdSQaERHzs5-6wZIrdl1NtCmpa0m9iLvcMYjy_ME0J9fwyOZ2DLRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpdf2png.com%2F&ds=l&xdt=1&iif=1&cor=2318422490171003400&adk=250412561&idt=114&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 14:54:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
17025
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 14:54:58 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1A71
31 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkvBffbBdDxoSCP86LwcwjQrFnspeR8pU9wEE-5oxvMqwg2cqZpnDUFIQdybB1rqrNmvBi6zd3rwwAVvFhvgMuadGy4RvtUiiqNlU2sNctKcoXC5be42dmKrnTfupD1aY9UCf-J5hU0bMSNuq21PzhhxQE-XiiEeD76uUskhd_A6asfN8&dbm_d=AKAmf-BT5roYLryknkxDksv0AVMcDZ_Wo5k3tfPOni0kU3Zsw5tE9JquhzmrLCePbbxpTF2Ys80SIn-80NDbdcvh1nXUvdKjdw8PtlzFa4MYgLrUtEp5mvLfMakqRixKmR1_iQIpqTPPpZ11a4Tw2FCAfdjDquaEHAGGifygvWx1LfVpa92q61Zsb1XEgdI2BU6_aI-Y7ls7wbULjrfXAvwUY0cP8ySzdCJ-8yJC5dL9tDaFvYDbl-x2Qzt4ZK07slrYchXabQYY6Vl1rhnpIA48Yr9xpSDJvMMkXXs-G5m451gXYfNQDystS9-AlqTW65zEGI3j0BNr7jcSumm7aNNw0TvMXLg7FEcS1rPte91vH1ezz8cSJC3VkIdQPMVS9GVZC2ter1qOdJQ13ptLMWGwlahIcz0ke_10L6Nuq3zc3khGXe3ctkPmNExAACjYbfG58k9QXtCIT8efK-ybXDFj4E7u1yIal7yluhs2jhmB7WXHoPy0kgEgkAyyxvEhASIQEvBiEFS87TuUp5735FT9OxzJNlSNuVNZnLv_ieyNKaV8jnVo4NmOCpEpRxNy5Ix-GTQLdihBrjxh22u46JEDwRP_czkrquYKdFRnGny5WAdvR8vLZE7_KHB073k0jIcERV3zzGSrt_7K8oBt5FraeMuwVL8wHJT5tVr9ru_VBErndW8dOJzf73tMxMW2Es_GDecQKUur5hLPgMhZEjE6mlFwnJRaf4mcQfcOzL1hoWQx9EqVTZkwJX0soxiy7Zmk74QjuoZRB0UqnL6GZwbLrvdJPIrimxlGqQqcS1VkBsysl4wqJa3mLb2q4baKzDilfLfJgrJWt_p-thTeXFaLw2Hfq3FiWZgqVkg24jN2fNqDwzgfsoTjzQR2yohj1tJKOconseTppgNvXKb_oUcavMzH7t1IJmdjsvP4N39FkyiB-NHyeHLtuH3Z1FevxvD-jeyAZf6vJtgENHzAhQ6Ui02PVFxplTggYrUqDFdH31l4K2gOn1UKtUUBhK35JKsVsp9AjwqIOGEcNS_lEwB28VpKLIyP8cas1B6TzvGhUFo7uhYbvmiIf0RNvtyp2NMAWNK8Zki-kQnEuFZZPOaaboUkf5iCYS1G3wMuhykZiovZhd0ReLf6RmWFb2t-j9w7V55Z-rK-tOKYv0oWk8dfJcbWvV6mLZ2gafNujmNXxsdLKKz0PAD2ybsQHLf0aueDHfma9ibnz54Hy0JxANIET0anCFSol59e9EK7LCizUSMoKYlVa3tpTyuL9QYJWo4-nPxr6T0xdjkZY52Vo494fqiglA9eLCgn0dy7kqYnGp7tYEO3wqJlBVp9u-0F_Ox7Xu38tEAO8Cg3dslUYib3ac19ysJ6iTE2BeZiqm7WbhJMNxn_13RCbm_-FZzM1Z-_AO856g165wimKrHHoiO1TjQWB3aczddVfXOvJhDQA9Dhmn6nMy-6Nj5140RHcY-6gsVzMFJW3IhHqa1sTtULLxWmASrU_se-JkSDRTG8lnRC4fkGbDxzSMI1d9VbvGJr82SOWfvBh2qttXWStt8jtqwQuAmRliTuBEC_lwSxtqUMxuTPg6ccqyFkE0vR2831i0omKIIdHv0lvtuGr7KvwnSZ0QUzD_UCtrZi7IydcteGtoKd545e706fSy4bp8pChUA9BY4K9b99i4zVzgzm6ywJZUtEx7N-l5HzunpUh__8qxtUXxMaU4jb0ApS-uZMCTWrPU3ZVJi8Qv-DZiyOvLI2o8ogeFLkfjIB-tPKwxcZU5tcdt5Jc-iK8W1O-0RcjXHV1RpZ64JYP93f6j0Iuusk0LlIZEinuVbuuW_lj0rR06udglKM1rBKqMtSxUOSM4g2DJvasgQMtrvN5N1vardjejXE2wCAPYoUQXK4eYjiqV-qMAOJJ-plVE6m4z9n9LcnjPtlysRq7X5IIgpziIsspuZqAQlCh8ibSmskNCvl76tLJDjvejMdvLAdogaHKirP8HZfUVl_U2xjYFr8yCaKp77G9mtyj0abUQHwCXdn140KM7OvqnpkkNVzFeifDA_rAwBckpxKWmlzdnJjFWggRA9FuzTUtWFl6FJMuZk2GX5uP_tB55vKN9fg8t-Yu1brXkGPl3GZPML9rGEs7X1FVrWW2hAjy9hc2b44u7By5lSY3bwBdukMGa2v6Efczawnq4FK4MxlRZ0US4IUtlg1ojz5RVYWPf454LHXU3cruTqe6HHHwLAubTEdojlLnGx3UZDzf80w9liLbYXko5g-eflX_RM4MPAHbe8wYQQckeNE8KITiWpoPfF9fzi95RoCd2vyggao1chPje3noVHRDJ3YKz3-0CE96CJMrU-cz_jetPr32Yqn0-AUxoKqkGsRu_uhjc3y9eBsmE_g4kKiBb1s_iWoiEk2tkXOYPkrYE0vDwuCeE8-gZGTlubh5u4cC2Rj92pgMRAefDnO39fR24LCWd5AkSOtenCC_aS-NzDa8xwtsWpKFJ9EVRZxedpcUEKBadAnK6bckueF6wG5JnIPM9kT3ok7VYT9p9RY9G9kQNQbkLQVS_hfT0ImhTxWzljiY4KGxrHS6Ep1f05zyN6djzCksZgS7z2OvsLnxoLxbjyz2nWr3-mUaFzHeBa4rCtE8RrmxaR3CNpqz8jiQo8qb69FTxEM0ohJRRqHo_6vDYTQcrc6AfYevTyMDwQJ6Fi7cI6B8coVdKOUZd0xtrtTE53PQKDEVDDZar0UOUCAmmNqkMQKyeUAozuFsd7zfDM2rNz56itpqkWWk_rg-9K17pqjxIEMHuOvNq0upMwjxVn3axs-I5k8rBek7ANq74a9d2ALcgVT3EXTSGof5QZ0EsQBHYTACYq792C7LcgqeJYHzyb0Dm-Uhpgd8doAECkIzfkTs6fRhCnED6EixgeCiVoodFAVNs8JGQuDZ8tZUrwo0CvTR2gkik2lvpObytpuQvkKX7NCvhpjgN4ZluFoAaJ_K6utyps-th7dBIrIZR8wW3Xn3AzJX-DAx4eJgGRvBHWPsf3RcEGJl9GBsMFNpFdiGixdqLvNRAofpWZO0WC6S1aedlEkkDIlemhdCGz8EBwbUkW7JhKZ7f94uxoExOzUJBz2coLUJgJOfTctVm7vGv-7gSUZ0PayeERIzJjZp1dOi6XzGpY_AjKV-6-nJ52VN0HQLPsFqFN2VdlmBk1X0e4bq9teyEvp9DH_u2BwHQDVoCjpsD6-OvUc7VoVtjj2fWmTDpgVM--I7-pudjiaZx4q0JNdfF9AZI1yZ8wLHj5BrYm65Kg5yL-w5bd8GhY2JUfRkbHTJFhUpHk1KzWLN--szETjuY7vkF4w8lReNN9JQRtJjke_1x6k76DsUSANqYaKgiOWpVxHlYZ2uo6Ph7WHbWBnCicFXekUSBWbbNstFTpd3TEQq_WIUQnlXEnIUxuSBItTsa7rL0CK8n2n8FzMwTHRqoH4pGh0XstgOFrr3U0TPeP6VMZKC8pIwdiiXcALGjgCiXQ_qz5cLmavkBN2v48UCys6TCrjcoE7QDxT8PPthFcuL8anFbbwq74bReljohGwhYwIEGqlricl48SAcIIm3tcN8CenZxw82o6gSAz5pqUO4Q8zgvtQHaLec7dRp971AxtOCRh3Ph_uyl9uLPWkJ3qOBw9LgkSa9fF9RzoGJDD7aRxqJw4UcxvUxy20nfIbq6eFqdpdh0KppWfZxnl39mmzZnw30V_lr8ROa0P4qoRVA6s9Kijhjg&cid=CAQSTgAvHhf_jxcrQdke7La2tnG_P4_TSlJCnBRNYeyo6U6xStKOExBbzGEdSQaERHzs5-6wZIrdl1NtCmpa0m9iLvcMYjy_ME0J9fwyOZ2DLRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpdf2png.com%2F&ds=l&xdt=1&iif=1&cor=2318422490171003400&adk=250412561&idt=114&cac=0&dtd=14
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Thu, 28 Dec 2023 23:42:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
71774
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11872
x-xss-protection
0
server
cafe
etag
16225921609732785849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 11 Jan 2024 23:42:29 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame 1A71
41 KB
14 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sat, 23 Dec 2023 13:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
541293
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 22 Dec 2024 13:17:10 GMT
truncated
/ Frame 1A71
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e602aaebe61525de94b0d6f337c6f0f093e4c11a45ffc196ac396fea8d9032f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 218B
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f10.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 29 Dec 2023 19:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 29 Dec 2023 19:17:36 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 29 Dec 2023 19:38:43 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 218B
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 16:41:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
10607
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 16:41:56 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 218B
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:17:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
69647
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9269
x-xss-protection
0
server
cafe
etag
11706523405290302210
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:17:56 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 218B
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:27:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
69054
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:27:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 218B
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 00:24:56 GMT
content-encoding
br
x-content-type-options
nosniff
age
69227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 00:24:56 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 218B
203 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f2.1e100.net
Software
sffe /
Resource Hash
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65731
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1702472459035717"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 29 Dec 2023 19:38:43 GMT
f9d9b65dbd646119ce96bad0f484d579.js
www.gstatic.com/mysidia/ Frame 218B
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f3.1e100.net
Software
sffe /
Resource Hash
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Wed, 27 Dec 2023 11:46:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15460
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 22:13:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 26 Mar 2024 11:46:44 GMT
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 4D0F
38 KB
13 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
17677
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 14:44:06 GMT
expires
Sat, 28 Dec 2024 14:44:06 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997
393 KB
198 KB
Document
General
Full URL
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
904ba425a1eff73e164be1a2fb487f25299a159625d10b0acf82b6cc8d4bbde3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
197210
allow-fenced-frame-automatic-beacons
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
202357
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 27 Dec 2023 12:51:53 GMT
expires
Thu, 26 Dec 2024 12:51:53 GMT
last-modified
Thu, 16 Nov 2023 19:44:00 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 1A71
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3SdxO3CHJDU-9tAlPeo1YYm649OjYUY5jrkz94aZEkn2D6dHptnI50GfEJz1KmsLcroUwWtUTKsjDxIB_qQinEIuJLgrqUOaGPwSuNVKzovc3MHhjP_wdIc_9t5i-WN0hAv1j8xcKTgqf9SBqc-SQFsPo37uGkFlW3mjQCYodKeoxsjdjADy_hyKyVGLBC-Acep6sKGnqYtPTHp_EujmNjCjBewvKSgeYgaiUcVn0jSfLuWn-kOFtszlM4JXhAr8UmaHjf5Lqdlma9AQISqQH6_ABiL3_na60-np2NomjzIDwNSKCK79_AlHWuxiylNdQFmrH0xSbMqwXj0eakO_9-0uJ7kQZK13dtuvqL48qAhU_MptvpL9P2v0GD8jhBnRdje3nwa5GwHRvImltSt-mDjqBf4gFm7X843EsBfvzTrEaL-pHW0ttt6P22YoB0GfqJG2BOu3TBZM3cc3LfqWcisGMhvTIC14BjsH5KLIjRnYX9kOxG7uP3FWOiKw75s4uzsl3Uqqhs9C-wV92G1HLekfuDN-AZ0kzAjK8pFz1Zw2-Plp_bHYTqHcot3bUe7w9iinA4y5btO4M7ajeZOJIVxxT3kLlT40Uv2obZAHiKID1G4zkPSNLLgvhPpuG7Te_yx88MPR1WdMzlZvGRpE7QYpx_pPR3-CfklAuOyONqTPKqblnXaCbd3Tz4RXhveAHOeaJjFuqUQlkpX7IseLMY5MmdFEgC__NwqD5exKMvXW83Zr-H6nZytaYzKFEzzx0g7BBFciKGzW4ph_uRa1sU3_zngI7G2LVW03dlWDCNSrasS5b8556mr5ySFhAK6m3OGgU7-4TuuZazxyUTSWPO5PTwk14wV4yIfvg5qgF0tAGEXWvgTXmKMxz4fDumlTwD02AktUr97tLkxrMkJ2lzBAXOt5aG_dj_RNSjHMjdmPQczoT6-IFaVPynoWQ-Gx4q9x3qn32L8atvRJ1bv6NIeJGm8-C_TBzdzGv8sBifiGdu3Y_cJeIBH5Ub2iUpQv0QJBgLEBbO0dxJMYYfc7b6vWMPI83kYeDXJXseOUKUsVAXWOClvq-uhGrXD6rMGTqx98h5EMx_vhZ-YwL1dO1yUgssh0v0S-Y35aSx2PTfevFKPy63ive6IXQOYH5X_Nqjz5JFYqtkvezp-lhmDmeWEXhbrHg2iOPogT9Z4JwufwejrAPTr_or0YNy_FIJ5z1kAy6ZQYqveKYr3OOjl7Qz4y1w6aP__b6ZHkMrBL3JPEoqhbtuee2CIhxFGY8N_pn2FlPz5QrrRXDaRMLQ2g-rqHZQYof_h3MASe146dOs-iX8DGs05BEogXmw28dDGu9LCoVvOl6fVXiPgZ9mPoSvCBbAkOBVWqaM2GxEny460qjkgDR1otizVoRfkWfzE8eMIUVDIM3SYj7o_5jNEKTZkXJkByjQGIzGp5OUyYzJJ1uEqY&sai=AMfl-YRQG3cId_AGxqHyHNFp19N6S8QGbagow4-_iKr70aVNbjqKBkVbvnyCkFMeIU-w4qSugvCK50VXVzllf_dFF4a6HbLUR0K8rpOyBwsTS4sbnrgTKjVffUJdYnjb7RPRF-nTTmCFqvkd1KWibRT2z3bKUXq0k7uTCn_wXaAw6aFP5BXAaKxvG4OPFgbKgnkbWhIUKR7GsAOHQKNnHjoeIQorspsHR4Sf6GQHbpVIpvaopZ9KUW-hZbQ6ZlXjr3o5TeKCyHbWllZVyfqm8a8rwQXt1ZW7mtusR4Hx1igMWkjpxWUrwdlA5Jopp5iDu6o&sig=Cg0ArKJSzCA0-0QDNszJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=307&cbvp=1&cstd=303&cisv=r20231207.62249&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 29 Dec 2023 19:38:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
4.js
static.adsafeprotected.com/ Frame 1A71
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1138160/76607944/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1008693280&ias_pubId=pub-8288203502063695&ias_chanId=1&ias_placementId=20161971837&bidurl=ht...
  • https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2F...
1 KB
1 KB
Script
General
Full URL
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H2
Server
13.32.230.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-230-19.atl56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-amz-version-id
vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1
content-encoding
gzip
via
1.1 b0c9ad1d0c780fc497c9cf1d8077809a.cloudfront.net (CloudFront)
date
Fri, 29 Dec 2023 10:51:37 GMT
x-amz-cf-pop
ATL56-C4
age
112757
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Wed, 13 Dec 2023 19:37:39 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
nholEYEposhjqh07BqHEAXettC4sMLyvqfnluAh-sfvtC77AS8GMaQ==

Redirect headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
server
nginx
x-server-name
app43.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame DA93
91 KB
23 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.230.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-230-19.atl56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Sun, 02 Apr 2023 06:31:15 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 b0c9ad1d0c780fc497c9cf1d8077809a.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL56-C4
age
23461649
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
JdO0Qsagb3Le8dgDrUHSf-v-4BB_OeRJjhIJoTeooZ3WYSQuIUMAIA==
dt
dt.adsafeprotected.com/ Frame 1A71
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaHy,pingTime:-3,time:87,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:42%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:43%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-79-152.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A71
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaHz,pingTime:-6,time:88,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:43%7D&tpiLookup=ao:pdf2png.com*&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-79-152.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A71
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaIj,pingTime:-2,time:134,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1806,beZ:1807,mfA:1812,cmA:1814,inA:1814,inZ:1820,prA:1820,prZ:1843,si:1849,poA:1850,poZ:1876,cmZ:1876,mfZ:1876,loA:1894,loZ:1898,ltA:1940,ltZ:1940%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:42%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:134,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:43,sinceFw:90,readyFired:true%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-79-152.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4D0F
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 02:22:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
62172
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 02:22:31 GMT
gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
pagead2.googlesyndication.com/bg/ Frame B75A
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Tue, 26 Dec 2023 23:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
243678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19632
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 25 Dec 2024 23:57:25 GMT
truncated
/ Frame A997
174 KB
174 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a41eac9c41aa92533ab6cf9375a1b497c4dbf4c92fa39004b886302a3b11cd04

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/octet-stream;charset=utf-8
truncated
/ Frame A997
72 KB
72 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
29a5f3793d5ea14a97c6237a7c6f80e3bb381f93101c9514cfbfa2444f5ca4e9

Request headers

Referer
Origin
https://s0.2mdn.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
view
googleads4.g.doubleclick.net/pcs/ Frame 1A71
0
0
Fetch
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3SdxO3CHJDU-9tAlPeo1YYm649OjYUY5jrkz94aZEkn2D6dHptnI50GfEJz1KmsLcroUwWtUTKsjDxIB_qQinEIuJLgrqUOaGPwSuNVKzovc3MHhjP_wdIc_9t5i-WN0hAv1j8xcKTgqf9SBqc-SQFsPo37uGkFlW3mjQCYodKeoxsjdjADy_hyKyVGLBC-Acep6sKGnqYtPTHp_EujmNjCjBewvKSgeYgaiUcVn0jSfLuWn-kOFtszlM4JXhAr8UmaHjf5Lqdlma9AQISqQH6_ABiL3_na60-np2NomjzIDwNSKCK79_AlHWuxiylNdQFmrH0xSbMqwXj0eakO_9-0uJ7kQZK13dtuvqL48qAhU_MptvpL9P2v0GD8jhBnRdje3nwa5GwHRvImltSt-mDjqBf4gFm7X843EsBfvzTrEaL-pHW0ttt6P22YoB0GfqJG2BOu3TBZM3cc3LfqWcisGMhvTIC14BjsH5KLIjRnYX9kOxG7uP3FWOiKw75s4uzsl3Uqqhs9C-wV92G1HLekfuDN-AZ0kzAjK8pFz1Zw2-Plp_bHYTqHcot3bUe7w9iinA4y5btO4M7ajeZOJIVxxT3kLlT40Uv2obZAHiKID1G4zkPSNLLgvhPpuG7Te_yx88MPR1WdMzlZvGRpE7QYpx_pPR3-CfklAuOyONqTPKqblnXaCbd3Tz4RXhveAHOeaJjFuqUQlkpX7IseLMY5MmdFEgC__NwqD5exKMvXW83Zr-H6nZytaYzKFEzzx0g7BBFciKGzW4ph_uRa1sU3_zngI7G2LVW03dlWDCNSrasS5b8556mr5ySFhAK6m3OGgU7-4TuuZazxyUTSWPO5PTwk14wV4yIfvg5qgF0tAGEXWvgTXmKMxz4fDumlTwD02AktUr97tLkxrMkJ2lzBAXOt5aG_dj_RNSjHMjdmPQczoT6-IFaVPynoWQ-Gx4q9x3qn32L8atvRJ1bv6NIeJGm8-C_TBzdzGv8sBifiGdu3Y_cJeIBH5Ub2iUpQv0QJBgLEBbO0dxJMYYfc7b6vWMPI83kYeDXJXseOUKUsVAXWOClvq-uhGrXD6rMGTqx98h5EMx_vhZ-YwL1dO1yUgssh0v0S-Y35aSx2PTfevFKPy63ive6IXQOYH5X_Nqjz5JFYqtkvezp-lhmDmeWEXhbrHg2iOPogT9Z4JwufwejrAPTr_or0YNy_FIJ5z1kAy6ZQYqveKYr3OOjl7Qz4y1w6aP__b6ZHkMrBL3JPEoqhbtuee2CIhxFGY8N_pn2FlPz5QrrRXDaRMLQ2g-rqHZQYof_h3MASe146dOs-iX8DGs05BEogXmw28dDGu9LCoVvOl6fVXiPgZ9mPoSvCBbAkOBVWqaM2GxEny460qjkgDR1otizVoRfkWfzE8eMIUVDIM3SYj7o_5jNEKTZkXJkByjQGIzGp5OUyYzJJ1uEqY&sai=AMfl-YRQG3cId_AGxqHyHNFp19N6S8QGbagow4-_iKr70aVNbjqKBkVbvnyCkFMeIU-w4qSugvCK50VXVzllf_dFF4a6HbLUR0K8rpOyBwsTS4sbnrgTKjVffUJdYnjb7RPRF-nTTmCFqvkd1KWibRT2z3bKUXq0k7uTCn_wXaAw6aFP5BXAaKxvG4OPFgbKgnkbWhIUKR7GsAOHQKNnHjoeIQorspsHR4Sf6GQHbpVIpvaopZ9KUW-hZbQ6ZlXjr3o5TeKCyHbWllZVyfqm8a8rwQXt1ZW7mtusR4Hx1igMWkjpxWUrwdlA5Jopp5iDu6o&sig=Cg0ArKJSzCA0-0QDNszJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=574&vt=11&dtpt=267&dett=3&cstd=303&cisv=r20231207.62249&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: pdf2png.com
URL: https://pdf2png.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s05-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:43 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 1A71
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaKt,time:268,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:268,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B257~0%5D,as:%5B257~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:43%7D&br=c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-79-152.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:43 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Cisco-Secure-stacked-2C.png
s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/Cisco-Secure-stacked-2C.png?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1bebc953b8e78faae364b1b688176478a08e53b52da8f002451ab6cca91ebeac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 04:20:44 GMT
date
Mon, 25 Dec 2023 04:20:44 GMT
x-content-type-options
nosniff
age
400679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 19:44:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Cisco-Secure-linear-2C.png
s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/Cisco-Secure-linear-2C.png?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
b73d0007f3cd26e7d031bcefc8dc54a8d01d5d797564f6b33985e5bb2a735e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 04:20:44 GMT
date
Mon, 25 Dec 2023 04:20:44 GMT
x-content-type-options
nosniff
age
400679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1421
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 19:44:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SORv3_springs_F-copy-2.png
s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997
29 KB
29 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/SORv3_springs_F-copy-2.png?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
7af5eb9a149065c5dc8d4638a8bb4ffb840a5c1227317a8ca95847e8a217c269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 04:20:44 GMT
date
Mon, 25 Dec 2023 04:20:44 GMT
x-content-type-options
nosniff
age
400679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29651
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 19:44:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Cisco-Secure-stacked-2C.png
s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997
2 KB
2 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/Cisco-Secure-stacked-2C.png?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
1bebc953b8e78faae364b1b688176478a08e53b52da8f002451ab6cca91ebeac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 04:20:44 GMT
date
Mon, 25 Dec 2023 04:20:44 GMT
x-content-type-options
nosniff
age
400679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2040
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 19:44:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
Cisco-Secure-linear-2C.png
s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997
1 KB
1 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/Cisco-Secure-linear-2C.png?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
b73d0007f3cd26e7d031bcefc8dc54a8d01d5d797564f6b33985e5bb2a735e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 04:20:44 GMT
date
Mon, 25 Dec 2023 04:20:44 GMT
x-content-type-options
nosniff
age
400679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1421
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 19:44:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
SORv3_springs_F-copy-2.png
s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997
29 KB
29 KB
Image
General
Full URL
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/SORv3_springs_F-copy-2.png?
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f6.1e100.net
Software
sffe /
Resource Hash
7af5eb9a149065c5dc8d4638a8bb4ffb840a5c1227317a8ca95847e8a217c269
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires
Tue, 24 Dec 2024 04:20:44 GMT
date
Mon, 25 Dec 2023 04:20:44 GMT
x-content-type-options
nosniff
age
400679
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29651
x-xss-protection
0
last-modified
Thu, 16 Nov 2023 19:44:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons
true
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
4beb257d823162731fd225050401b8127bcc6a6833406210f817385d7ad539f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:44 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12247
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 29 Dec 2023 19:38:44 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6E85
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupNuLGT_IkhJRgcqdnLcQhV1jUFW5PYHOoRp7wdP_di69omvzar9Jm_a3QMUFWoCkcik09F8v7JJT_suGMyYbbFPx_Zm0VkKsFJRBrTQyqitSzuATHXq3Mwc801EX1S0s5GpmdcqSLQ3n2O6TUrSZ8fyPv&sai=AMfl-YSK5rN-mjJVOosQPltt338NMhBIveXe5aqnmN6ycVLRu_Sfg32qDQWbXC_Y2cwgT0IbhRuH8i8TJWhBcBiHbFiQnNwaZ1qvUV73QyYr2z54Gv2FETXW3TTbtBVEJppBh6fni1_jfxoxl8dAU--e&sig=Cg0ArKJSzGuLreXYKLwPEAE&cid=CAQSTgAvHhf_BKlya2C1W4d6nbVCKSsipjFsOhTyKmKHhHL8qoVQQlMqpPwpzKpGoZbYQwD2LWMz_cpLGME6A34pBhix2fXj3Ed-kzyj2PDhuBgB&id=lidar2&mcvt=1015&p=0,0,250,300&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=181657078&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703878721718&rpt=1290&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 79E6
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvl4jBKLU8SoKOfOUHAz4UXc_g3mVJf9Du1GYmI-hjxJ4FkFdpLxfzWvB8wBLpvH0zZuVUIgfT7uurMVlzlqEzw4PD3V5sJ8XXoxHamTFPz-DdnrVzs8bNJJVkw0qHOaKq0xKXvL_f7L8P-gqXbARSPeDlG&sai=AMfl-YQhq79cUXSjFHVfRxSxfm7VJaaSjmdkn0s_YN1XCqrISrDOU-hQdpwte3GtQ-NCLce3qVVy2LHFHRdCL8b-kxfWauW78UwTDMZdsmygxBoOblIwFVC66scfmHSMEZlla9FoqZKbIq5tJmoRopaZ8g&sig=Cg0ArKJSzGPO9PBk-V_MEAE&cid=CAQSTwAvHhf_VpFb84IRxz4YnAaEdjhceXoi3jNxr_axX3GC7wm1_PZ-NrwBta4hRR8PiErI6JL22igiObjEYTqPB8ma-7NXhjGIY1An48gwE3kYAQ&id=lidar2&mcvt=1019&p=0,154,280,574&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1682588528&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703878721749&rpt=1308&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D0F
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BshgKQyCPZcD0B9zYoPwPkrO-qAQAAAAAOAHgBAI&bg=!Hh2lHVLNAAY3kmNgF5I7ADQBe5WfONbxsQ8bH0H5k2XXUPA4gVEuCBTps-55poR86l9CbTOUYp_PNxIdezNsuwYgAOO-AgAAAQlSAAAAA2gBB5kDEIha9jLPTbHk5REo97IM7WkfZMbzL9OuJINOgJPsQWS4sPQTnZjA0AiSx19e4883LDHRQ3gkL1Z_ASuoIV5J705oUDdEG04d6zFdcKPjoPVY5ZC2Bkja_nv23Rll6dPHTElXYunKY9M-tRJBPjzvanXnWhf6jaqd0Pjt0bpFJJHDTadv8no1pTlnv0iJGChvta4J1x6_hgaXKNQkqP8NmlU1yPqQqE2o44Lysa7UpmH57lRdbb-js7oqFY-mUTLhlL2Td3ZYSIB_dKbSqeiulOcQSu9yI_UP2l7jFq114b3AtYJ4IQ7hKCEf3dsAgDJqpC2YVxx0FvDzXw6TQUQ2-5rc1nc8v54oYmj6iO3TVGh1ZHHohkmTEhlxfCPA3pc5UuR9x_CWPxb8-hMvU_7fSVoccAhz9Fu2P3duhiavhSXeoS5PTpgXrGiaQJw7JTLCec-KX8MWmTJnum-czgjPUvdltk_WeyDThFC-Jsaop2VXa39K8vuHgTbkXtiChtV1egycByaCBl-B27W8BMpc6o5vi6C22IaDDI_aZ4VHnazjEfKfKjKe3A5aN21ep0WQ9VBAZk8H-Lg0c14IN8rk2uTBua0c0fK-MxtkyL2lBeZS8ZFqEWo2gSFXt-EXA-7JERGn6B9zGtnKfrfdyQQ-Fi4acrNNAvjX0nuRok7X2c1kDNGzukZzO5IQvEy54mxVSVnfTSrPox--95xaXCNaDkzxBKuDZ99ozESUhru_-vllO0NNR9NcBCVhOVKOnEhmj1DYzQGAviU9_LzIJa8f9RZX06dXmIvhpEiwQJxd1rlO3T-SReqGZySNAajTK7bAzT9PlE02zYy8cHXl02STEs9btjUusvccvFebMgeJqZWC5-IQdrRyAUOYLI3bg0LrR2ATKEZid3bZjXffCRxmZIvE_xIo0OGOLlYjBmUU7e-cGcwtzW0fvfptZBMHehR210i9aOIsabLvUPKJ1UZHjDpRWDKjY3PriTdeydH3EXiOzGNtAhcXeDnv09thwmos2THEjlOVbr63LmMxUPOIvr8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4851
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
407738
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 25 Dec 2023 02:23:06 GMT
expires
Tue, 24 Dec 2024 02:23:06 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1285
829 B
998 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.13.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f4.1e100.net
Software
GSE /
Resource Hash
4af106e1b28e5f9da0068dd69c4457d8602bdd628260a560f384f0955f361778
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-pBoiGKv8tqU2k5LzgqEUtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://pdf2png.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-pBoiGKv8tqU2k5LzgqEUtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 29 Dec 2023 19:38:44 GMT
expires
Fri, 29 Dec 2023 19:38:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 4851
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 02:22:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
62173
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 28 Dec 2024 02:22:31 GMT
dt
dt.adsafeprotected.com/ Frame 1A71
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaSl,pingTime:-10,time:756,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703878724289%7C%7C0f218ac41ec4ae243a926ce93ac9ac14%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Cede9adf0f34a12e58594047b44c3ae34%7C%7C17873efff9920c059252ee97f6447a11%7C%7C33ba4a3dc08eda3505df8395eac09911%7C%7Cb7ceef33f51a1c2013741ed8e2585360%7C%7C76e416c38c7c97e4ba73f6a12a70ff8a%7C%7C1663701684%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-79-152.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:44 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/ Frame 1285
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2819960440942582&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 4851
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?GZl5iA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul03s05-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:44 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 1A71
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNfuD3OvnTKa5lKVujpIr0IVO9tD8qmH0HC3jq7cPEjfKFjchcpD7obecJtZnkAOsKYMCBPRRclkZRYmC_Ly-VEEcsW5oa80yaNt7cFmD-Hd4PFwZtb-4cb1DnI4D2Dz7PK3XwKivjaLXpUJvYDJVyxWF-&sai=AMfl-YQJ82Bgwh2mY7nuikqkiYk_zyUNbbXnhVgHghMvSRK79CpuVOjzajkqfJwjSZxL2VNcsakjqQhcaterVPTU1txz3kG6xSgwuERyV9EKMGJ6rJury2q_Iemx3fdU0xHE06fjLEoCFjXcCMRlN8qN&sig=Cg0ArKJSzJC0dAwY9CaoEAE&cid=CAQSTgAvHhf_jxcrQdke7La2tnG_P4_TSlJCnBRNYeyo6U6xStKOExBbzGEdSQaERHzs5-6wZIrdl1NtCmpa0m9iLvcMYjy_ME0J9fwyOZ2DLRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=457190580&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703878721727&rpt=1702&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:44 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=10.90880673946079
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-65g3fk-humTUeDwvi9OReA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:44 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-65g3fk-humTUeDwvi9OReA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.731790631024717
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aTQlTrRlkroSsmwm7FWX1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-aTQlTrRlkroSsmwm7FWX1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ABwbfo6xnIcj1L26GBWF6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Dec 2023 19:38:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-ABwbfo6xnIcj1L26GBWF6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pdf2png.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1A71
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaXz,time:1080,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1080,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1070~0%5D,as:%5B1070~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:100,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:43,sis:453%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-79-152.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:44 GMT
server
nginx
x-server-name
dt10.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2819960440942582&bg=!hoWlhcrNAAY3kmNgF5I7ADQBe5WfOOB7hRi1-OwHGr3YkXStGQ5f0VJXKBNqBS6YOx1iSTG22dgwUCOaULeu--EV0RCuAgAAAGxSAAAAA2gBB5kC8ESNq8IsYcQGUcM_pK4_4tr2-U4Rpsp64nIaA-RA4ysDLtn_QIEGnuUjnDNmSM62WQpzPEoPO28vDO3rA0ZWx0SE4H2mfnvIjMMeReB5JiYK5H8f1DRbF-ILj3xUgu63joIdY32Fn0l9Z9V02qRz9YA9b0QjPNGcKjb7Hh5MT4RMNgMLotoANFX7oFVzkH_KBj5UU7XQmWsIZOXMaUOOAy1J_ump4YJ_-rur5mNo7olPnIkpUH489BaADhvXZYb_QBgkhXMYNAghn09hpp1Svj2FgLkDO2fsPiooOagSewcayjPwrd0kqSf-40cjU_KBNfS4t_yHobHpxM5f8_-ngW-14oTw3t9VUDpgIbyiu84g8AVcsci_IbaQUrtVQPN3rITnlV4C8WlnNaGUuzOqHe5hC6DcD9TjngLOhCf-q2Ae7jwwTpdMsoV72K6DkmCDEUzn2ey9Mmr9tH0731dFwbSuMWnHq3AmvhmnDZ6VySZfq8w4fwfDgJF9rfYxENcbU9xZhTL9MCEF7oyCP87JVn5l36qYvBxntJFjH2ZWcL9-i4e-tP-OxCkyu7s-HzicbLaS3uv_V_m-IZP7aK5HcVU4sBL4-0c0UrAE_9CTWBuT747FCoQBJqJy3VSLh2eeg0wH_xu0xTOmyFBE4-YvxUAuleB1XV5mzGKZ46pDxdlDChvUaKOOQB1JHn-_js34SfLGuQ7GiPIcOtDVZeuOHtQ_s9ShqjZd0IyS7jBBkWkvu9-IIoipH9sCpTIMnB9jF_kWWLweBIcjPqACbyaNzBsYHfBk_sz5ChC8d-R6yiTs1ZicL82sZDEe80kjoIIvG6-maSpksPTHz2shWOVZoEMkpd3V339ttIwNkcO_lLCrdG2wPlUxgIAoOIQqYXAxeaiD9ViVviV3pABlkjPmjLtlIDPZMTbatSz8pU0mksmnSbvgB93k8I2nCQWuwZURKD4klSR91NWZ9S5SgUlWfrTEiThzsqyeSGIQMjfHGLDz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

gen_204
pagead2.googlesyndication.com/pagead/ Frame 1A71
0
20 B
Ping
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2289344319674&version=m202309260101&ct=76&x=1&cor=2318422490171003400
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
.160x600._topad.-karbonn-ad-
fundingchoicesmessages.google.com/f/AGSKWxV8sQPUDSExWYJKbtEGZM8iAqwIPjHKD2o6YieO5oOs8VWiaAMWffpjFqgeOLZENFEjKbcF6Am4SDcNwhilBpzZO653KpcdZ6HfeECRnneH9q2aW46MRDJ1P4QG9E-LCoJIG9_aCm-RQgpGwLBUevbPzs9dI...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxV8sQPUDSExWYJKbtEGZM8iAqwIPjHKD2o6YieO5oOs8VWiaAMWffpjFqgeOLZENFEjKbcF6Am4SDcNwhilBpzZO653KpcdZ6HfeECRnneH9q2aW46MRDJ1P4QG9E-LCoJIG9_aCm-RQgpGwLBUevbPzs9dIU45UxHV47lo-LZ_-zPU9JE-t8lAnlRN/__400x68._affiliate/banners/.160x600._topad.-karbonn-ad-
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
52864abea5320eefb79c2b18ccaa69d727fbd6ef79062deee34d2c0c029f1d91
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YCkEnfxkT273qqbXQg7joA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YCkEnfxkT273qqbXQg7joA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/
47 B
67 B
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s32-in-f2.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 17:47:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
6660
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 12 Jan 2024 17:47:45 GMT
AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JTq1Y9SBgUpLUbiQk3FnNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Dec 2023 19:38:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JTq1Y9SBgUpLUbiQk3FnNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pdf2png.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KeEh-Ra01Ghinxd28t2b6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Dec 2023 19:38:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KeEh-Ra01Ghinxd28t2b6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pdf2png.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AuR9sYWgoK36EOC9GaoMGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Dec 2023 19:38:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AuR9sYWgoK36EOC9GaoMGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pdf2png.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3x7EKiPsxo6vqnaH8b0meQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Dec 2023 19:38:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-3x7EKiPsxo6vqnaH8b0meQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pdf2png.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUQquSprj4XJ9AEwvhWB23VS4pzuyAbOVw8eZYZPGAcmMA6pNvRJI4lpa_2wR3hAZ6AOmrXVNMNUqZi4OTKAN0ANuRmcEsHTWKaalVDRPbcojKHu7zgd0b9gz0CDIOGn7yRFDswoA==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUQquSprj4XJ9AEwvhWB23VS4pzuyAbOVw8eZYZPGAcmMA6pNvRJI4lpa_2wR3hAZ6AOmrXVNMNUqZi4OTKAN0ANuRmcEsHTWKaalVDRPbcojKHu7zgd0b9gz0CDIOGn7yRFDswoA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODc4NzI1LDI3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wZGYycG5nLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
826085085397ed931904bea9f279d698f9112ee49c3b63f4cf7be27b41663352
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gMPEkvtQ3NOHKv12dKjp4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pdf2png.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date
Fri, 29 Dec 2023 19:38:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-gMPEkvtQ3NOHKv12dKjp4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVW6XT5gLIRSg338GBP0N2_oE2Dp4aH5pSqDGUjQyiy0-9Z_yrgiy12dw2DfVNQLliHqDZLtC-x5JVeqGxPG1AlxQEEef7PqaIYs7rFhaffZrmOzPvAuuf7svgdVEnjnm_wQ9NInA==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVW6XT5gLIRSg338GBP0N2_oE2Dp4aH5pSqDGUjQyiy0-9Z_yrgiy12dw2DfVNQLliHqDZLtC-x5JVeqGxPG1AlxQEEef7PqaIYs7rFhaffZrmOzPvAuuf7svgdVEnjnm_wQ9NInA==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BaaCN-Jc8kYzNfaMohaaig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Dec 2023 19:38:45 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BaaCN-Jc8kYzNfaMohaaig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://pdf2png.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.13.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yul02s04-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rDgK8TitCpRLLfB2zBG2zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pdf2png.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 29 Dec 2023 19:38:45 GMT
content-security-policy
script-src 'report-sample' 'nonce-rDgK8TitCpRLLfB2zBG2zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://pdf2png.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 1A71
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwbeI,pingTime:1,time:2143,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:42%7D,%7Bpiv:100,vs:i,r:,t:1142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1131~0,0~100%5D,as:%5B1131~728.90%5D%7D%7D,%7Bsl:i,t:1142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:43,sis:453%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-79-152.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:45 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 1A71
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwbeI,pingTime:1,time:2144,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:42%7D,%7Bpiv:100,vs:i,r:,t:1142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1131~0,0~100%5D,as:%5B1131~728.90%5D%7D%7D,%7Bsl:i,t:1142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:43,sis:453%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-88-79-152.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Dec 2023 19:38:45 GMT
server
nginx
x-server-name
dt09.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| event object| documentPictureInPicture object| adsbygoogle object| _paq function| Bind object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| App function| Ajax function| Notice function| SmoothScroll function| SortableList function| applyFocusVisiblePolyfill object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log function| google_sa_impl number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZjhkN2Q4MWE4YjQ5ZmRmN2xvYWRlcl9qcw== string| ZjhkN2Q4MWE4YjQ5ZmRmN2NhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady object| googletag object| GoogleGcLKhOms object| google_image_requests boolean| google_empty_script_included boolean| 4382336c-b3cd-4036-bfc3-4af908566cff

15 Cookies

Domain/Path Name / Value
pdf2png.com/ Name: mojolicious
Value: eyJjb3VudGVyIjoxLCJleHBpcmF0aW9uIjozMTUzNjAwMCwiZXhwaXJlcyI6MTczNTQxNDcyMH0---9b1b0b757340ceede3f40bdf53ab239e41dd45f7
pdf2png.com/ Name: _pk_id.15.3d06
Value: 8de11514c4d8f7f4.1703878722.
pdf2png.com/ Name: _pk_ses.15.3d06
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUmZcHE5wGcoJjcXSoUZ7I6yZxaLLl3gk6EIJQ0UlRsQnLEru025p-r_ogL5
.doubleclick.net/ Name: DSID
Value: NO_DATA
.pdf2png.com/ Name: __gads
Value: ID=187dab530d90ce6e:T=1703878721:RT=1703878721:S=ALNI_MbVcF4NrUlOPqG7ekCYWzF4rqkqHg
.pdf2png.com/ Name: __gpi
Value: UID=00000daf68d66c5b:T=1703878721:RT=1703878721:S=ALNI_MZw5AkI9X4KeiPObg4MJBMoPapwgA
.casalemedia.com/ Name: CMID
Value: ZY8gQ3kuYYjhQY4Igj8VSwAA
.casalemedia.com/ Name: CMPS
Value: 477
.casalemedia.com/ Name: CMPRO
Value: 477
.doubleclick.net/ Name: APC
Value: AfxxVi4LK5rJW899jzk-Okr6YUJRWZt6WP2W2Vs5ETv7FCjxygk60Q
.adnxs.com/ Name: uuid2
Value: 2754693264008005739
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb^v##bR!1yIE`fS1ueD1W-044)d+]Uf_Bt(pREN.BJTnvD?@u9'ED<UF3/(rArWn*@x%nugO%v4VB%nn:o*/8im
.googleadservices.com/ Name: ar_debug
Value: 1
.pdf2png.com/ Name: FCNEC
Value: %5B%5B%22AKsRol8LIE1KZJ-pxouS1JKohsZf2RRekTXoNVz0NvMbHQb2Vdxychf2OSTTqyTp1CsCWHkZ6KcQ9Ze3eV1ZAaHUZN2bFUcaX1_15Lqpy18jwR-4ow_GY3O59hyhjNaDCKrruXz7kQgSLYBpv-jn4euHlll-38j30g%3D%3D%22%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cm.g.doubleclick.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
fonts.googleapis.com
fundingchoicesmessages.google.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pdf2png.com
s0.2mdn.net
static.adsafeprotected.com
stats.monohost.com
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
104.18.36.155
13.32.230.19
142.250.72.98
168.119.148.239
172.217.13.110
172.217.13.130
172.217.13.138
172.217.13.193
172.217.13.194
172.217.13.195
172.217.13.196
172.217.13.198
172.217.13.98
5.9.83.149
52.88.79.152
54.234.41.74
68.67.160.26
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b77695b01dc7038195f9561025b453e2c11cbcf9b9913da2edecbb7a76ebfe8
1bebc953b8e78faae364b1b688176478a08e53b52da8f002451ab6cca91ebeac
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
26dd21437129f3c040cdf9c1fda0677edef7a843d4524cce394f729827587f74
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
29a5f3793d5ea14a97c6237a7c6f80e3bb381f93101c9514cfbfa2444f5ca4e9
2b3bdaf9cdbf39752bf8d68020be11f498e49bfe1f3c22aeef9200fd21a9f530
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d
473712990545b6200223c726c6dc9e0be97a460d592a5d9e5975ff77a7136f56
4af106e1b28e5f9da0068dd69c4457d8602bdd628260a560f384f0955f361778
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4beb257d823162731fd225050401b8127bcc6a6833406210f817385d7ad539f1
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e602aaebe61525de94b0d6f337c6f0f093e4c11a45ffc196ac396fea8d9032f
52864abea5320eefb79c2b18ccaa69d727fbd6ef79062deee34d2c0c029f1d91
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43
566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a
5881ea598d800acee8b8201cf012a958b5541926cc7121fa2a7c13dcf9c46da2
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5fd5cda89c9b848380c5360e075bcc0e1f0cc815a6b1374d3d2d0c0f31377d84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63a00137e7dac57beaa887d85025f97a6b8cdebdf67992a47939d8d7c6373263
6a2e00be74c0bcf8269b373814250c6def544a364c74366065defa8333eca5d4
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
73ee0c3a0579c7d6d112c7e0fc463d1275169145a7d9bc824da019993d35a53e
756052520d2c7fd14f0d852648bf871b3001bd5036ba36650c7e7e619ae49444
78f3e00859258cd6b3d9990cc479f94bfe72af05299f0d275ade0245768f4bfa
7af5eb9a149065c5dc8d4638a8bb4ffb840a5c1227317a8ca95847e8a217c269
80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346
826085085397ed931904bea9f279d698f9112ee49c3b63f4cf7be27b41663352
84bd40cae320d776d11e7d78a6f55e23328182c4dd7f313911fb0bc151d02133
854e83a289dc1df570ac974bf9cb1b333ea4f1e6da4dab8b6ec670f881be77a0
8c0f89307efb62b88604ec31c1ef1c4770fe7a1a9d115485478a4cdf86aca42a
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
904ba425a1eff73e164be1a2fb487f25299a159625d10b0acf82b6cc8d4bbde3
904ee0e91dab3b724ad62dfd717fddd3f14aed27a91626cac5c36f37b91d61db
9204ebfba5eb7bae94b11dff25086998d49c356a381b7e73b6d29b03dad84c0c
9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5
9d47990613a10336383f2c71c6888db8cb2fa81dafcb42e0807d95002d5af284
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a41eac9c41aa92533ab6cf9375a1b497c4dbf4c92fa39004b886302a3b11cd04
a4c4b5501e7c0c5fe27180504b880968ee47d11ba331091dbcb136fdaa9c87ca
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce
b648bf9ccc35c6e5794653fd7f530366fccff98d9acc9612230b9bc4a68578c4
b73d0007f3cd26e7d031bcefc8dc54a8d01d5d797564f6b33985e5bb2a735e7f
bbd65ceecbecbef5739627cf038a31d47122258d5ae7e320232d9e9893d72c09
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d0b1e589d2d40e90e08bea159f4f5ee6a529eefa829bb1f46d6c4e9cc8485635
db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d
e0687dac6050104c11d04ddee964b0369b1c1d3631cbabff5317a21f0fc5bf1d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f402ef263113b51977477e2be7a1c3d8f54b50e66947477e35233fa399d01300
f588adcc1f6edbff73131fc95d1902cd321820ab39d9567f4d9217b25a956f9c