pdf2png.com Open in urlscan Pro
168.119.148.239  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 39

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 43

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1

Request Chain 44

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY8gQ3kuYYjhQY4Igj8VSwAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1

Request Chain 45

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESECkvUoZ8WJRnMCvqMoH0wG4&google_cver=1 HTTP 307
• https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECkvUoZ8WJRnMCvqMoH0wG4%26google_cver%3D1

Request Chain 46

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc1NDY5MzI2NDAwODAwNTczOQ%3D%3D

Request Chain 51

• https://googleads.g.doubleclick.net/pagead/adview?ai=CeKdMQSCPZeCwLqnJxtYPoMCO8A_Q-ImJdej99bf3EYbtqZKMDhABIJH01IoBYP2gmYHoA6AB7LPywAHIAQKoAwHIA8kEqgTbAU_QTlFt0C7xUaIBh3JeIZ9YV-9_yLl11J2oBD35ipYUqvaXy3vjtdhYUWMPDgyxAJoSdfbQNv7K7OyymoNPpuSoLsHf-uIu0h8wGkdyfXEccGfVwqUER9au0bW4mg3KYfxQd7EmZqZv60yU7CF2P8GlO_VJvM1Gmu5Pn0wnhuQYumFs6HAaxdpB1HCqfzmgOtZi9DpIWm1mp4rZRyZc1H_7Au-GezU5bTqIX1_fGHxSvm-O29t724-Bw3jNmeUSctibsOhQLkm0b9hHVsd4Yt1yrMDb1tPD6Yw0a8AExOiMjN0EiAX3_6rpTZIFBAgEGAGSBQQIBRgEoAYCgAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEPrAD9IIHwiAYRABGB8yAooCOgSAQIBASL39wTpY35rN77K1gwOaCSBodHRwczovL21hZG11c2NsZXMuY29tL3N0ZXAtZ29hbIAKAcgLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC2gwQCgoQgP6V6oHztOEZEgIBA9gTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04Mjg4MjAzNTAyMDYzNjk1GAA&sigh=8Shvts76yVY&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_BKlya2C1W4d6nbVCKSsipjFsOhTyKmKHhHL8qoVQQlMqpPwpzKpGoZbYQwD2LWMz_cpLGME6A34pBhix2fXj3Ed-kzyj2PDhuBgB&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220xd93ac9d4976aa0270000000000000000%22,%224%22:%220x295a85f232dfbe830000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%2217450966817468519226%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218221005889591635505%22}&andc=true

Request Chain 57

• https://googleads.g.doubleclick.net/pagead/adview?ai=Clbw5QSCPZY6cMNXovPIP4NmS4Aa0luWHdZXh6aulEobtqZKMDhABIJH01IoBYP2gmYHoA6AB7LPywAHIAQKoAwHIA8kEqgTbAU_QCAYrEF1M597hO-2-tTWGGz3KEN0q2LzYSu_U6jLmobNjjgQdWk1VmmeR0F-wTveFgOqjHc_icC1PdhYteCoFdwQAnrFi0wqiRyFxA3CsXydGrHArJcme3MU2T1BHFcSkDKt_4Ly-euMTR6t0IZHzDf7AXyJsU1SCIsRkmv-kgftPA_YaE0469InvrAmT36hEwck0Rb-ZtxccL4q4mXVJwlxZC6jnFPgNZnDfljkOkyh_nFanCQukXsUtTvD1ukgnYwt5YmJRKoMRQhcyp29atMLtayzzu63118AEqsf06s8EiAXL1pTwTZIFBAgEGAGSBQQIBRgEoAYCgAf8y42_AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEInGBdIIHwiAYRABGB8yAooCOgSAQIBASL39wTpYq4rP77K1gwOaCSBodHRwczovL21hZG11c2NsZXMuY29tL3N0ZXAtZ29hbIAKAcgLAaIMHCoaChjktLEC7rWxArW4sQKsurEC5LSxAu61sQLaDBAKChCA0Nzg-fPC1FUSAgED2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgyODgyMDM1MDIwNjM2OTUYAA&sigh=YJ9a382GlMs&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_VpFb84IRxz4YnAaEdjhceXoi3jNxr_axX3GC7wm1_PZ-NrwBta4hRR8PiErI6JL22igiObjEYTqPB8ma-7NXhjGIY1An48gwE3kYAQ&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220x59cdf80de3ef02490000000000000000%22,%224%22:%220x2fa83f488e36585a0000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%226937841404341178598%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226312484528502086401%22}&andc=true

Request Chain 79

• https://fw.adsafeprotected.com/rfw/st/1138160/76607944/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1008693280&ias_pubId=pub-8288203502063695&ias_chanId=1&ias_placementId=20161971837&bidurl=https://pdf2png.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jAPHv3VG2oWfzXk62DLuoi&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fpdf2png.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fpdf2png.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-8288203502063695%26output%3Dhtml%26h%3D90%26slotname%3D7344673714%26adk%3D457190580%26adf%3D4272225274%26pi%3Dt.ma~as.7344673714%26w%3D728%26lmt%3D1703878721%26rafmt%3D12%26format%3D728x90%26url%3Dhttps%253A%252F%252Fpdf2png.com%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1703878721372%26bpp%3D2%26bdt%3D447%26idt%3D349%26shv%3Dr20231207%26mjsv%3Dm202312070101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C300x250%26nras%3D1%26correlator%3D6521839946078%26frm%3D20%26pv%3D1%26ga_vid%3D1575150388.1703878722%26ga_sid%3D1703878722%26ga_hid%3D1811177920%26ga_fc%3D0%26u_tz%3D-480%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D436%26ady%3D328%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C31079714%252C31079979%252C44795922%252C44809531%252C95320884%26oid%3D2%26pvsid%3D2819960440942582%26tmod%3D1278110273%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D256%26bc%3D31%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26fsb%3D1%26dtd%3D353&adsafe_type=d&adsafe_jsinfo=,id:f8c78417-097d-141c-91ad-5cde89669448,c:ybwaGP,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-7949887ccd-f7bs7,rg:va,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:4,mot:0,app:0,maw:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:43,oid:dff4105d-a681-11ee-a662-32ab0b5ea6e7,v:19.8.466,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js

121 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
5 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response pdf2png.com/	58 KB 22 KB	384ms 126ms	Document text/html	168.119.148.239 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.239.148.119.168.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash 2b3bdaf9cdbf39752bf8d68020be11f498e49bfe1f3c22aeef9200fd21a9f530 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html;charset=UTF-8 Date Fri, 29 Dec 2023 19:38:40 GMT Server nginx/1.18.0 (Ubuntu) Transfer-Encoding chunked
GET H/1.1	200 OK	style.css pdf2png.com/css/	21 KB 6 KB	216ms 122ms	Stylesheet text/css	168.119.148.239 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pdf2png.com/css/style.css?28 Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.239.148.119.168.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash 5881ea598d800acee8b8201cf012a958b5541926cc7121fa2a7c13dcf9c46da2 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 29 Dec 2023 19:38:41 GMT Content-Encoding gzip Last-Modified Fri, 02 Jun 2023 08:01:04 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"6479a1c0-55cf" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=31536000 Connection keep-alive Expires Sat, 28 Dec 2024 19:38:41 GMT
GET H/1.1	200 OK	logo.svg pdf2png.com/images/pdf2png/	3 KB 4 KB	250ms 124ms	Image image/svg+xml	168.119.148.239 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://pdf2png.com/images/pdf2png/logo.svg Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.239.148.119.168.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash 9d47990613a10336383f2c71c6888db8cb2fa81dafcb42e0807d95002d5af284 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 29 Dec 2023 19:38:41 GMT Last-Modified Thu, 04 Jun 2020 22:38:13 GMT Server nginx/1.18.0 (Ubuntu) ETag "5ed977d5-cca" Content-Type image/svg+xml Cache-Control max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 3274 Expires Sat, 28 Dec 2024 19:38:41 GMT
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	145 KB 51 KB	151ms 68ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8288203502063695 Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 9204ebfba5eb7bae94b11dff25086998d49c356a381b7e73b6d29b03dad84c0c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ Origin https://pdf2png.com accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:41 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 51324 x-xss-protection 0 server cafe etag 5182482387927569141 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Fri, 29 Dec 2023 19:38:41 GMT
GET H/1.1	200 OK	Bind.js Show response pdf2png.com/js/	13 KB 4 KB	140ms 120ms	Script application/javascript	168.119.148.239 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pdf2png.com/js/Bind.js?2 Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.239.148.119.168.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash bbd65ceecbecbef5739627cf038a31d47122258d5ae7e320232d9e9893d72c09 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 29 Dec 2023 19:38:41 GMT Content-Encoding gzip Last-Modified Tue, 27 Jul 2021 04:28:45 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"60ff8b7d-35fa" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Expires Sat, 28 Dec 2024 19:38:41 GMT
GET H/1.1	200 OK	App.js Show response pdf2png.com/js/	15 KB 5 KB	239ms 122ms	Script application/javascript	168.119.148.239 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pdf2png.com/js/App.js?2 Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.239.148.119.168.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash f588adcc1f6edbff73131fc95d1902cd321820ab39d9567f4d9217b25a956f9c Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 29 Dec 2023 19:38:41 GMT Content-Encoding gzip Last-Modified Fri, 12 Nov 2021 15:36:46 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"618e8a0e-3b56" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Expires Sat, 28 Dec 2024 19:38:41 GMT
GET H/1.1	200 OK	common.min.js Show response pdf2png.com/js/	12 KB 5 KB	245ms 122ms	Script application/javascript	168.119.148.239 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pdf2png.com/js/common.min.js?7 Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.239.148.119.168.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash 73ee0c3a0579c7d6d112c7e0fc463d1275169145a7d9bc824da019993d35a53e Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 29 Dec 2023 19:38:41 GMT Content-Encoding gzip Last-Modified Wed, 28 Jul 2021 02:29:15 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"6100c0fb-2eb8" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Expires Sat, 28 Dec 2024 19:38:41 GMT
GET H/1.1	200 OK	focus-visible.min.js Show response pdf2png.com/js/	3 KB 1 KB	260ms 119ms	Script application/javascript	168.119.148.239 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pdf2png.com/js/focus-visible.min.js?2 Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.239.148.119.168.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash d0b1e589d2d40e90e08bea159f4f5ee6a529eefa829bb1f46d6c4e9cc8485635 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 29 Dec 2023 19:38:41 GMT Content-Encoding gzip Last-Modified Tue, 27 Jul 2021 05:43:59 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"60ff9d1f-d45" Transfer-Encoding chunked Content-Type application/javascript Cache-Control max-age=31536000 Connection keep-alive Expires Sat, 28 Dec 2024 19:38:41 GMT
GET H/1.1	200 OK	end.css pdf2png.com/css/	15 KB 4 KB	350ms 118ms	Stylesheet text/css	168.119.148.239 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://pdf2png.com/css/end.css?14 Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305 Server 168.119.148.239 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.239.148.119.168.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash 473712990545b6200223c726c6dc9e0be97a460d592a5d9e5975ff77a7136f56 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 29 Dec 2023 19:38:41 GMT Content-Encoding gzip Last-Modified Sun, 09 Jan 2022 19:08:46 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"61db32be-3b45" Transfer-Encoding chunked Content-Type text/css Cache-Control max-age=31536000 Connection keep-alive Expires Sat, 28 Dec 2024 19:38:41 GMT
GET H/1.1	200 OK	piwik.js Show response stats.monohost.com/	65 KB 25 KB	475ms 219ms	Script application/javascript	5.9.83.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stats.monohost.com/piwik.js Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.83.149 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.83.9.5.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash b39abd9035f703b76dfed940898d572b9864f676eb1912a9142f0639dca6b2ce Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Date Fri, 29 Dec 2023 19:38:41 GMT Content-Encoding gzip Last-Modified Tue, 19 Dec 2023 07:42:45 GMT Server nginx/1.18.0 (Ubuntu) ETag W/"65814975-1042f" Transfer-Encoding chunked Content-Type application/javascript Connection keep-alive
GET H3	200	show_ads_impl_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/	399 KB 135 KB	162ms 84ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8288203502063695 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 756052520d2c7fd14f0d852648bf871b3001bd5036ba36650c7e7e619ae49444 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:41 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 137924 x-xss-protection 0 server cafe etag 925690544378965138 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 29 Dec 2023 19:38:41 GMT
GET H2	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/ Frame C75F	9 KB 4 KB	134ms 38ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20190131/zrt_lookup_fy2021.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8288203502063695 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 69208 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 00:25:13 GMT etag 5585625838579639069 expires Fri, 12 Jan 2024 00:25:13 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame FEA3	193 KB 53 KB	748ms 746ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&adk=1812271804&adf=3025194257&lmt=1703878721&plaf=7%3A2&plat=3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1048576%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721364&bpp=4&bdt=439&idt=299&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6521839946078&frm=20&pv=2&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=327 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash b648bf9ccc35c6e5794653fd7f530366fccff98d9acc9612230b9bc4a68578c4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 54491 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:42 GMT expires Fri, 29 Dec 2023 19:38:42 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H/1.1	204 No Response	piwik.php stats.monohost.com/	0 250 B	137ms 135ms	Ping text/html	5.9.83.149 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://stats.monohost.com/piwik.php?action_name=PDF%20to%20PNG%20%E2%80%93%20Convert%20PDF%20to%20PNG%20Online&idsite=15&rec=1&r=260977&h=11&m=38&s=41&url=https%3A%2F%2Fpdf2png.com%2F&_id=8de11514c4d8f7f4&_idn=1&send_image=0&_refts=0&pv_id=vYqucI&pf_net=260&pf_srv=126&pf_tfr=101&pf_dm1=247&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200 Requested by Host: stats.monohost.com URL: https://stats.monohost.com/piwik.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 5.9.83.149 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.149.83.9.5.clients.your-server.de Software nginx/1.18.0 (Ubuntu) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://pdf2png.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=utf-8 Response headers Access-Control-Allow-Origin https://pdf2png.com Date Fri, 29 Dec 2023 19:38:41 GMT Access-Control-Allow-Credentials true Server nginx/1.18.0 (Ubuntu) Connection keep-alive Content-Type text/html; charset=UTF-8
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 6E85	103 KB 38 KB	888ms 885ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 8c0f89307efb62b88604ec31c1ef1c4770fe7a1a9d115485478a4cdf86aca42a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 38788 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:42 GMT expires Fri, 29 Dec 2023 19:38:42 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 1A71	22 KB 10 KB	1007ms 1005ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 1b77695b01dc7038195f9561025b453e2c11cbcf9b9913da2edecbb7a76ebfe8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 10219 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:42 GMT expires Fri, 29 Dec 2023 19:38:42 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 79E6	103 KB 38 KB	922ms 921ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 6a2e00be74c0bcf8269b373814250c6def544a364c74366065defa8333eca5d4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 38901 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:42 GMT expires Fri, 29 Dec 2023 19:38:42 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/	160 KB 55 KB	72ms 71ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 26dd21437129f3c040cdf9c1fda0677edef7a843d4524cce394f729827587f74 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56005 x-xss-protection 0 server cafe etag 1205812024456056126 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Fri, 29 Dec 2023 19:38:42 GMT
GET H2	200	ca-pub-8288203502063695 Show response fundingchoicesmessages.google.com/i/	182 KB 61 KB	203ms 96ms	Script application/javascript	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/i/ca-pub-8288203502063695?ers=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash 904ee0e91dab3b724ad62dfd717fddd3f14aed27a91626cac5c36f37b91d61db Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-H_mpZEWol_v0lJ7KyeK_Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:42 GMT content-security-policy script-src 'report-sample' 'nonce-H_mpZEWol_v0lJ7KyeK_Qw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	11509155679427418220 tpc.googlesyndication.com/simgad/ Frame 6E85	17 KB 18 KB	187ms 81ms	Image image/png	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/11509155679427418220?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnzDJQAVrHNNwXDXbfmczsFnS00ow Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software sffe / Resource Hash 854e83a289dc1df570ac974bf9cb1b333ea4f1e6da4dab8b6ec670f881be77a0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 23 Dec 2023 00:42:03 GMT x-content-type-options nosniff age 586599 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 17627 x-xss-protection 0 last-modified Mon, 26 Dec 2022 16:18:00 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" expires Sun, 22 Dec 2024 00:42:03 GMT
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 6E85	23 KB 9 KB	174ms 69ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:17:56 GMT content-encoding br x-content-type-options nosniff age 69646 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9269 x-xss-protection 0 server cafe etag 11706523405290302210 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:17:56 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6E85	3 KB 1 KB	168ms 78ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:27:49 GMT content-encoding br x-content-type-options nosniff age 69053 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:27:49 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6E85	20 KB 9 KB	146ms 41ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:24:56 GMT content-encoding br x-content-type-options nosniff age 69226 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:24:56 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 6E85	203 KB 65 KB	79ms 76ms	Script text/javascript	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Dec 2023 19:38:42 GMT
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 6E85	36 KB 15 KB	229ms 139ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:25:15 GMT content-encoding br x-content-type-options nosniff age 69207 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14812 x-xss-protection 0 server cafe etag 15202890134401013038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:25:15 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7908	143 B 166 B	39ms 38ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 2767 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 18:52:35 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	2253735939007005208 tpc.googlesyndication.com/daca_images/simgad/ Frame 79E6	108 KB 108 KB	134ms 99ms	Image image/jpeg	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/daca_images/simgad/2253735939007005208 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software sffe / Resource Hash 84bd40cae320d776d11e7d78a6f55e23328182c4dd7f313911fb0bc151d02133 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Wed, 25 Dec 2024 18:43:39 GMT date Tue, 26 Dec 2023 18:43:39 GMT x-content-type-options nosniff age 262503 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 110666 x-xss-protection 0 last-modified Fri, 30 Dec 2022 16:56:52 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 79E6	23 KB 9 KB	114ms 80ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:17:56 GMT content-encoding br x-content-type-options nosniff age 69646 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9269 x-xss-protection 0 server cafe etag 11706523405290302210 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:17:56 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 79E6	3 KB 1 KB	167ms 147ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:27:49 GMT content-encoding br x-content-type-options nosniff age 69053 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:27:49 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 79E6	20 KB 8 KB	79ms 46ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:24:56 GMT content-encoding br x-content-type-options nosniff age 69226 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:24:56 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 79E6	203 KB 64 KB	89ms 88ms	Script text/javascript	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Dec 2023 19:38:42 GMT
GET H2	200	one_click_handler_one_afma_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 79E6	36 KB 15 KB	165ms 145ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/one_click_handler_one_afma_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 17c51c572c7349afeef2bfedcad431c67244f4a82654b5b8002511fc14346d48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:25:15 GMT content-encoding br x-content-type-options nosniff age 69207 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14812 x-xss-protection 0 server cafe etag 15202890134401013038 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:25:15 GMT
GET H3	200	s Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7E2D	143 B 166 B	41ms 40ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 2767 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=3600 content-encoding gzip content-length 145 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 18:52:35 GMT server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7908 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	68ms 67ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:42 GMT expires Fri, 29 Dec 2023 19:38:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:42 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1A71	42 B 63 B	69ms 66ms	Image image/gif	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYmG22hJbbwvvw3yWGaj8PmUDIaajfH2gYyyNz1fc1fE8458GgiIyxF_vUlOdbV1XVds1PPDIbCUeBiBsgqErzLk2E-AIUGRVVz6lnuYG0bx2Fjvg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:42 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 1A71	89 KB 31 KB	108ms 105ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:42 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31485 x-xss-protection 0 server cafe etag 7119415641918660631 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Fri, 29 Dec 2023 19:38:42 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1A71	3 KB 1 KB	120ms 111ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:27:49 GMT content-encoding br x-content-type-options nosniff age 69053 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:27:49 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 1A71	20 KB 8 KB	125ms 123ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:24:56 GMT content-encoding br x-content-type-options nosniff age 69226 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:24:56 GMT
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 1A71	203 KB 64 KB	81ms 78ms	Script text/javascript	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:42 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Dec 2023 19:38:42 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame C25D	624 B 246 B	74ms 72ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:42 GMT expires Fri, 29 Dec 2023 19:38:42 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	si Show response googleads.g.doubleclick.net/pagead/drt/ Frame 7E2D Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 17 B	154ms 153ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:43 GMT expires Fri, 29 Dec 2023 19:38:43 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe x-content-type-options nosniff x-xss-protection 0 Redirect headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-length 0 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:42 GMT location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame 6E85	215 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 78f3e00859258cd6b3d9990cc479f94bfe72af05299f0d275ade0245768f4bfa Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H3	200	zrt_lookup_fy2021.html Show response googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/ Frame 30E7	9 KB 4 KB	39ms 39ms	Document text/html	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers age 69361 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4130 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 00:22:41 GMT etag 5585625838579639069 expires Fri, 12 Jan 2024 00:22:41 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	AGSKWxWOr00F0q5qj8e6bXvA2rfI1w3n4zRChq5_Rm0UNHmP9_a0Sgb79mGZWXM9HDvy5GMum4dZN23_EZK5mHLT0RjEXWluSLFwBSd9m5jfj_OCd56mHKbb-llilQ611320TZuJkMjnoA== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	92ms 88ms	Script application/javascript	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWOr00F0q5qj8e6bXvA2rfI1w3n4zRChq5_Rm0UNHmP9_a0Sgb79mGZWXM9HDvy5GMum4dZN23_EZK5mHLT0RjEXWluSLFwBSd9m5jfj_OCd56mHKbb-llilQ611320TZuJkMjnoA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODc4NzIyLDk3MDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9wZGYycG5nLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash e0687dac6050104c11d04ddee964b0369b1c1d3631cbabff5317a21f0fc5bf1d Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-HIBMiyv3byiGqTLgn2RH9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:43 GMT content-security-policy script-src 'report-sample' 'nonce-HIBMiyv3byiGqTLgn2RH9A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame C25D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1	43 B 773 B	60ms 60ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGXcmxkan%2BeqL1EaH%2FDK5l%2BunZphreP4C%2BdkhgcXoTBAIqsyMHAhjt1si0At19ocHu%2FHK0nXUtkege2UJ4AJ9mxSdzpm6bMyawpGDY0tCknWxu%2Bh%2Bg567YbzqSNxUFETQy7LP7ZF53cj5Q%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83d48143fa6139de-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame C25D Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZY8gQ3kuYYjhQY4Igj8VSwAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1	43 B 737 B	65ms 64ms	Image image/gif	104.18.36.155 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng Protocol H3 Server 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lX4ERqMfBv9UgJE23XsfC8%2FIez0oPzkAPDElGZk9Tt5xlRtCbyWjUMYxiCL388q1KLJn9uartpgDj71H%2BtFhqTHBdgSRGhshF4na%2BN4qIWbBMv%2Boo2lzhe5TJygOaTH%2BiEkstAZJZYIZhA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 83d481447b3239de-YYZ alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMbzyovoIDfd9conMAi2J0o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	bounce ib.adnxs.com/ Frame C25D Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESECkvUoZ8WJRnMCvqMoH0wG4&google_cver=1 https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECkvUoZ8WJRnMCvqMoH0wG4%26google_cver%3D1	43 B 890 B	47ms 42ms	Image image/gif	68.67.160.26 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECkvUoZ8WJRnMCvqMoH0wG4%26google_cver%3D1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng Protocol H2 Server 68.67.160.26 Jersey City, United States, ASN29990 (ASN-APPNEX, US), Reverse DNS 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT an-x-request-uuid d993c953-e4dd-4744-b292-50b80ed764ed server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true x-proxy-origin 153.92.40.253; 153.92.40.253; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT an-x-request-uuid f81300f0-e139-483e-89a5-9dc81ae3d028 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 location https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESECkvUoZ8WJRnMCvqMoH0wG4%26google_cver%3D1 cache-control no-store, no-cache, private x-proxy-origin 153.92.40.253; 153.92.40.253; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame C25D Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc1NDY5MzI2NDAwODAwNTczOQ%3D%3D	170 B 243 B	66ms 62ms	Image image/png	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc1NDY5MzI2NDAwODAwNTczOQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOrkQEQuvOSARjyp8v-ATAB&v=APEucNWjwqlbaz6p7vnm9Hr4v0vh7-Rg_7r19-0t5E3IxnGCbZ57DaammPlQt4fVnxxVfumaX-FyoM235jbJSCwQwWDpDPH7Ng Protocol H2 Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT an-x-request-uuid 08832454-b0f0-420d-aae2-9c6a007f6e3b server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc1NDY5MzI2NDAwODAwNTczOQ%3D%3D x-proxy-origin 153.92.40.253; 153.92.40.253; 567.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET DATA	200 OK	truncated / Frame 79E6	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a4c4b5501e7c0c5fe27180504b880968ee47d11ba331091dbcb136fdaa9c87ca Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1A71	0 20 B	71ms 70ms	Ping image/gif	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2289344319674&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1A71	0 20 B	69ms 68ms	Ping image/gif	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2289344319674&version=m202309260101&ct=76&x=1&cor=2318422490171003400 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 1A71	110 KB 41 KB	104ms 104ms	Script text/javascript	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkvBffbBdDxoSCP86LwcwjQrFnspeR8pU9wEE-5oxvMqwg2cqZpnDUFIQdybB1rqrNmvBi6zd3rwwAVvFhvgMuadGy4RvtUiiqNlU2sNctKcoXC5be42dmKrnTfupD1aY9UCf-J5hU0bMSNuq21PzhhxQE-XiiEeD76uUskhd_A6asfN8&dbm_d=AKAmf-BT5roYLryknkxDksv0AVMcDZ_Wo5k3tfPOni0kU3Zsw5tE9JquhzmrLCePbbxpTF2Ys80SIn-80NDbdcvh1nXUvdKjdw8PtlzFa4MYgLrUtEp5mvLfMakqRixKmR1_iQIpqTPPpZ11a4Tw2FCAfdjDquaEHAGGifygvWx1LfVpa92q61Zsb1XEgdI2BU6_aI-Y7ls7wbULjrfXAvwUY0cP8ySzdCJ-8yJC5dL9tDaFvYDbl-x2Qzt4ZK07slrYchXabQYY6Vl1rhnpIA48Yr9xpSDJvMMkXXs-G5m451gXYfNQDystS9-AlqTW65zEGI3j0BNr7jcSumm7aNNw0TvMXLg7FEcS1rPte91vH1ezz8cSJC3VkIdQPMVS9GVZC2ter1qOdJQ13ptLMWGwlahIcz0ke_10L6Nuq3zc3khGXe3ctkPmNExAACjYbfG58k9QXtCIT8efK-ybXDFj4E7u1yIal7yluhs2jhmB7WXHoPy0kgEgkAyyxvEhASIQEvBiEFS87TuUp5735FT9OxzJNlSNuVNZnLv_ieyNKaV8jnVo4NmOCpEpRxNy5Ix-GTQLdihBrjxh22u46JEDwRP_czkrquYKdFRnGny5WAdvR8vLZE7_KHB073k0jIcERV3zzGSrt_7K8oBt5FraeMuwVL8wHJT5tVr9ru_VBErndW8dOJzf73tMxMW2Es_GDecQKUur5hLPgMhZEjE6mlFwnJRaf4mcQfcOzL1hoWQx9EqVTZkwJX0soxiy7Zmk74QjuoZRB0UqnL6GZwbLrvdJPIrimxlGqQqcS1VkBsysl4wqJa3mLb2q4baKzDilfLfJgrJWt_p-thTeXFaLw2Hfq3FiWZgqVkg24jN2fNqDwzgfsoTjzQR2yohj1tJKOconseTppgNvXKb_oUcavMzH7t1IJmdjsvP4N39FkyiB-NHyeHLtuH3Z1FevxvD-jeyAZf6vJtgENHzAhQ6Ui02PVFxplTggYrUqDFdH31l4K2gOn1UKtUUBhK35JKsVsp9AjwqIOGEcNS_lEwB28VpKLIyP8cas1B6TzvGhUFo7uhYbvmiIf0RNvtyp2NMAWNK8Zki-kQnEuFZZPOaaboUkf5iCYS1G3wMuhykZiovZhd0ReLf6RmWFb2t-j9w7V55Z-rK-tOKYv0oWk8dfJcbWvV6mLZ2gafNujmNXxsdLKKz0PAD2ybsQHLf0aueDHfma9ibnz54Hy0JxANIET0anCFSol59e9EK7LCizUSMoKYlVa3tpTyuL9QYJWo4-nPxr6T0xdjkZY52Vo494fqiglA9eLCgn0dy7kqYnGp7tYEO3wqJlBVp9u-0F_Ox7Xu38tEAO8Cg3dslUYib3ac19ysJ6iTE2BeZiqm7WbhJMNxn_13RCbm_-FZzM1Z-_AO856g165wimKrHHoiO1TjQWB3aczddVfXOvJhDQA9Dhmn6nMy-6Nj5140RHcY-6gsVzMFJW3IhHqa1sTtULLxWmASrU_se-JkSDRTG8lnRC4fkGbDxzSMI1d9VbvGJr82SOWfvBh2qttXWStt8jtqwQuAmRliTuBEC_lwSxtqUMxuTPg6ccqyFkE0vR2831i0omKIIdHv0lvtuGr7KvwnSZ0QUzD_UCtrZi7IydcteGtoKd545e706fSy4bp8pChUA9BY4K9b99i4zVzgzm6ywJZUtEx7N-l5HzunpUh__8qxtUXxMaU4jb0ApS-uZMCTWrPU3ZVJi8Qv-DZiyOvLI2o8ogeFLkfjIB-tPKwxcZU5tcdt5Jc-iK8W1O-0RcjXHV1RpZ64JYP93f6j0Iuusk0LlIZEinuVbuuW_lj0rR06udglKM1rBKqMtSxUOSM4g2DJvasgQMtrvN5N1vardjejXE2wCAPYoUQXK4eYjiqV-qMAOJJ-plVE6m4z9n9LcnjPtlysRq7X5IIgpziIsspuZqAQlCh8ibSmskNCvl76tLJDjvejMdvLAdogaHKirP8HZfUVl_U2xjYFr8yCaKp77G9mtyj0abUQHwCXdn140KM7OvqnpkkNVzFeifDA_rAwBckpxKWmlzdnJjFWggRA9FuzTUtWFl6FJMuZk2GX5uP_tB55vKN9fg8t-Yu1brXkGPl3GZPML9rGEs7X1FVrWW2hAjy9hc2b44u7By5lSY3bwBdukMGa2v6Efczawnq4FK4MxlRZ0US4IUtlg1ojz5RVYWPf454LHXU3cruTqe6HHHwLAubTEdojlLnGx3UZDzf80w9liLbYXko5g-eflX_RM4MPAHbe8wYQQckeNE8KITiWpoPfF9fzi95RoCd2vyggao1chPje3noVHRDJ3YKz3-0CE96CJMrU-cz_jetPr32Yqn0-AUxoKqkGsRu_uhjc3y9eBsmE_g4kKiBb1s_iWoiEk2tkXOYPkrYE0vDwuCeE8-gZGTlubh5u4cC2Rj92pgMRAefDnO39fR24LCWd5AkSOtenCC_aS-NzDa8xwtsWpKFJ9EVRZxedpcUEKBadAnK6bckueF6wG5JnIPM9kT3ok7VYT9p9RY9G9kQNQbkLQVS_hfT0ImhTxWzljiY4KGxrHS6Ep1f05zyN6djzCksZgS7z2OvsLnxoLxbjyz2nWr3-mUaFzHeBa4rCtE8RrmxaR3CNpqz8jiQo8qb69FTxEM0ohJRRqHo_6vDYTQcrc6AfYevTyMDwQJ6Fi7cI6B8coVdKOUZd0xtrtTE53PQKDEVDDZar0UOUCAmmNqkMQKyeUAozuFsd7zfDM2rNz56itpqkWWk_rg-9K17pqjxIEMHuOvNq0upMwjxVn3axs-I5k8rBek7ANq74a9d2ALcgVT3EXTSGof5QZ0EsQBHYTACYq792C7LcgqeJYHzyb0Dm-Uhpgd8doAECkIzfkTs6fRhCnED6EixgeCiVoodFAVNs8JGQuDZ8tZUrwo0CvTR2gkik2lvpObytpuQvkKX7NCvhpjgN4ZluFoAaJ_K6utyps-th7dBIrIZR8wW3Xn3AzJX-DAx4eJgGRvBHWPsf3RcEGJl9GBsMFNpFdiGixdqLvNRAofpWZO0WC6S1aedlEkkDIlemhdCGz8EBwbUkW7JhKZ7f94uxoExOzUJBz2coLUJgJOfTctVm7vGv-7gSUZ0PayeERIzJjZp1dOi6XzGpY_AjKV-6-nJ52VN0HQLPsFqFN2VdlmBk1X0e4bq9teyEvp9DH_u2BwHQDVoCjpsD6-OvUc7VoVtjj2fWmTDpgVM--I7-pudjiaZx4q0JNdfF9AZI1yZ8wLHj5BrYm65Kg5yL-w5bd8GhY2JUfRkbHTJFhUpHk1KzWLN--szETjuY7vkF4w8lReNN9JQRtJjke_1x6k76DsUSANqYaKgiOWpVxHlYZ2uo6Ph7WHbWBnCicFXekUSBWbbNstFTpd3TEQq_WIUQnlXEnIUxuSBItTsa7rL0CK8n2n8FzMwTHRqoH4pGh0XstgOFrr3U0TPeP6VMZKC8pIwdiiXcALGjgCiXQ_qz5cLmavkBN2v48UCys6TCrjcoE7QDxT8PPthFcuL8anFbbwq74bReljohGwhYwIEGqlricl48SAcIIm3tcN8CenZxw82o6gSAz5pqUO4Q8zgvtQHaLec7dRp971AxtOCRh3Ph_uyl9uLPWkJ3qOBw9LgkSa9fF9RzoGJDD7aRxqJw4UcxvUxy20nfIbq6eFqdpdh0KppWfZxnl39mmzZnw30V_lr8ROa0P4qoRVA6s9Kijhjg&cid=CAQSTgAvHhf_jxcrQdke7La2tnG_P4_TSlJCnBRNYeyo6U6xStKOExBbzGEdSQaERHzs5-6wZIrdl1NtCmpa0m9iLvcMYjy_ME0J9fwyOZ2DLRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpdf2png.com%2F&ds=l&xdt=1&iif=1&cor=2318422490171003400&adk=250412561&idt=114&cac=0&dtd=14 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software cafe / Resource Hash 63a00137e7dac57beaa887d85025f97a6b8cdebdf67992a47939d8d7c6373263 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42162 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 6E85 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=CeKdMQSCPZeCwLqnJxtYPoMCO8A_Q-ImJdej99bf3EYbtqZKMDhABIJH01IoBYP2gmYHoA6AB7LPywAHIAQKoAwHIA8kEqgTbAU_QTlFt0C7xUaIBh3JeIZ9YV-9_yLl11J2oBD35ipYUqva... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220xd93ac9...	0 0	170ms 76ms	Fetch text/css	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220xd93ac9d4976aa0270000000000000000%22,%224%22:%220x295a85f232dfbe830000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%2217450966817468519226%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218221005889591635505%22}&andc=true Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H3 Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:43 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x44d4be405ca1a47f0000000000000000","2":"0x2172a07016f9a10a0000000000000000","3":"0xd93ac9d4976aa0270000000000000000","4":"0x295a85f232dfbe830000000000000000","5":"0x6c5b6f37c4926eeb0000000000000000"},"debug_key":"17450966817468519226","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"18221005889591635505"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 29 Dec 2023 19:38:43 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 29 Dec 2023 19:38:43 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x44d4be405ca1a47f0000000000000000","2":"0x2172a07016f9a10a0000000000000000","3":"0xd93ac9d4976aa0270000000000000000","4":"0x295a85f232dfbe830000000000000000","5":"0x6c5b6f37c4926eeb0000000000000000"},"debug_key":"17450966817468519226","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"18221005889591635505"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	css2 fonts.googleapis.com/ Frame 30E7	4 KB 1 KB	157ms 61ms	Stylesheet text/css	172.217.13.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f10.1e100.net Software ESF / Resource Hash 2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 29 Dec 2023 19:38:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 29 Dec 2023 18:20:21 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 29 Dec 2023 19:38:43 GMT
GET H2	200	feedback_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 30E7	205 B 650 B	143ms 39ms	Image image/png	172.217.13.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f3.1e100.net Software sffe / Resource Hash 4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 22 Dec 2023 20:11:11 GMT x-content-type-options nosniff age 602852 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 205 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sat, 21 Dec 2024 20:11:11 GMT
GET H2	200	settings_grey600_24dp.png www.gstatic.com/images/icons/material/system/2x/ Frame 30E7	604 B 696 B	144ms 39ms	Image image/png	172.217.13.195 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f3.1e100.net Software sffe / Resource Hash 5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 23 Dec 2023 11:53:01 GMT x-content-type-options nosniff age 546342 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 604 x-xss-protection 0 last-modified Thu, 20 Jul 2023 22:48:00 GMT server sffe vary Origin report-to {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cross-origin-opener-policy-report-only same-origin; report-to="static-on-bigtable" expires Sun, 22 Dec 2024 11:53:01 GMT
GET H2	200	fullscreen_api_adapter_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 30E7	16 KB 7 KB	39ms 34ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/fullscreen_api_adapter_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 41b43f64c3e5d7f9eca80634429adb1b8e0a1c5e1fe67ad71ec651a991ebfe68 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 16:41:58 GMT content-encoding br x-content-type-options nosniff age 10605 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6766 x-xss-protection 0 server cafe etag 14924840246271906451 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 16:41:58 GMT
GET H2	200	interstitial_ad_frame_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 30E7	22 KB 9 KB	42ms 38ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/interstitial_ad_frame_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash db2bdaad0dc9232fadb3de900bf039a0f356521698f213df1edf601e02a5870d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 28 Dec 2023 21:44:51 GMT content-encoding br x-content-type-options nosniff age 78832 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9210 x-xss-protection 0 server cafe etag 13914886398874665762 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 11 Jan 2024 21:44:51 GMT
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 79E6 Redirect Chain https://googleads.g.doubleclick.net/pagead/adview?ai=Clbw5QSCPZY6cMNXovPIP4NmS4Aa0luWHdZXh6aulEobtqZKMDhABIJH01IoBYP2gmYHoA6AB7LPywAHIAQKoAwHIA8kEqgTbAU_QCAYrEF1M597hO-2-tTWGGz3KEN0q2LzYSu_U6jLmobN... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220x59cdf8...	0 0	170ms 74ms	Fetch text/css	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220x59cdf80de3ef02490000000000000000%22,%224%22:%220x2fa83f488e36585a0000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%226937841404341178598%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226312484528502086401%22}&andc=true Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H3 Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:43 GMT x-content-type-options nosniff attribution-reporting-register-source {"aggregation_keys":{"1":"0x44d4be405ca1a47f0000000000000000","2":"0x2172a07016f9a10a0000000000000000","3":"0x59cdf80de3ef02490000000000000000","4":"0x2fa83f488e36585a0000000000000000","5":"0x6c5b6f37c4926eeb0000000000000000"},"debug_key":"6937841404341178598","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"6312484528502086401"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 29 Dec 2023 19:38:43 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Fri, 29 Dec 2023 19:38:43 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x44d4be405ca1a47f0000000000000000","2":"0x2172a07016f9a10a0000000000000000","3":"0x59cdf80de3ef02490000000000000000","4":"0x2fa83f488e36585a0000000000000000","5":"0x6c5b6f37c4926eeb0000000000000000"},"debug_key":"6937841404341178598","debug_reporting":true,"destination":"https://madmuscles.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["404527596"],"22":["true"],"4":["12-29"],"6":["true"]},"priority":"500","source_event_id":"6312484528502086401"}&andc=true access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response pagead2.googlesyndication.com/bg/ Frame E42E	50 KB 19 KB	40ms 40ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=250&slotname=5999786544&adk=181657078&adf=3955570658&pi=t.ma~as.5999786544&w=300&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=3&format=300x250&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721368&bpp=4&bdt=444&idt=343&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=985&ady=24&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=349 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash 80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 26 Dec 2023 23:57:25 GMT content-encoding br x-content-type-options nosniff age 243678 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19632 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 25 Dec 2024 23:57:25 GMT
GET H3	200	AGSKWxWJjEiS6tuDr7rbierZcZUfdCB3mILS-zeK6gZ0KMt_qjcRInrZaBPvAH2OJnAN3X8sla4TTKIF_pgh8KBiiRtGBf7hBCnxQd1EFlqUd2Wak_leW5eRUPACmHCHMWUapT54Cz5ATg== Show response fundingchoicesmessages.google.com/f/	13 KB 6 KB	94ms 93ms	Script application/javascript	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxWJjEiS6tuDr7rbierZcZUfdCB3mILS-zeK6gZ0KMt_qjcRInrZaBPvAH2OJnAN3X8sla4TTKIF_pgh8KBiiRtGBf7hBCnxQd1EFlqUd2Wak_leW5eRUPACmHCHMWUapT54Cz5ATg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODc4NzIzLDE4MzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vcGRmMnBuZy5jb20vIixudWxsLFtbOCwiVXZGQlFSMzRTNVUiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0 Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash 5fd5cda89c9b848380c5360e075bcc0e1f0cc815a6b1374d3d2d0c0f31377d84 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-GgRQjuBGxtl7BozLDeeKtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:43 GMT content-security-policy script-src 'report-sample' 'nonce-GgRQjuBGxtl7BozLDeeKtQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	183ms 69ms	Preflight text/html	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220xd93ac9d4976aa0270000000000000000%22,%224%22:%220x295a85f232dfbe830000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%2217450966817468519226%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2218221005889591635505%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 29 Dec 2023 19:38:43 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response pagead2.googlesyndication.com/bg/ Frame C24A	50 KB 19 KB	38ms 37ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=280&slotname=5233499781&adk=1682588528&adf=2362057675&pi=t.ma~as.5233499781&w=728&fwrn=1&fwrnh=100&lmt=1703878721&rafmt=1&format=728x280&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&fwr=0&fwrattr=false&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721374&bpp=1&bdt=449&idt=355&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250%2C728x90&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=869&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=373 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash 80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 26 Dec 2023 23:57:25 GMT content-encoding br x-content-type-options nosniff age 243678 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19632 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 25 Dec 2024 23:57:25 GMT
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	177ms 68ms	Preflight text/html	172.217.13.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x44d4be405ca1a47f0000000000000000%22,%222%22:%220x2172a07016f9a10a0000000000000000%22,%223%22:%220x59cdf80de3ef02490000000000000000%22,%224%22:%220x2fa83f488e36585a0000000000000000%22,%225%22:%220x6c5b6f37c4926eeb0000000000000000%22},%22debug_key%22:%226937841404341178598%22,%22debug_reporting%22:true,%22destination%22:%22https://madmuscles.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22404527596%22],%2222%22:[%22true%22],%224%22:[%2212-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%226312484528502086401%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://googleads.g.doubleclick.net Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://googleads.g.doubleclick.net alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Fri, 29 Dec 2023 19:38:43 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1138160/76607944/ Frame 1A71	255 KB 77 KB	150ms 52ms	Script application/javascript	54.234.41.74 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1138160/76607944/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1008693280&ias_pubId=pub-8288203502063695&ias_chanId=1&ias_placementId=20161971837&bidurl=https://pdf2png.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jAPHv3VG2oWfzXk62DLuoi Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.234.41.74 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-234-41-74.compute-1.amazonaws.com Software / Resource Hash f402ef263113b51977477e2be7a1c3d8f54b50e66947477e35233fa399d01300 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 1A71	111 KB 39 KB	146ms 39ms	Script text/javascript	172.217.13.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f6.1e100.net Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:20:19 GMT content-encoding gzip x-content-type-options nosniff age 69504 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 30 Dec 2023 00:20:19 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/ Frame 1A71	11 KB 4 KB	41ms 40ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkvBffbBdDxoSCP86LwcwjQrFnspeR8pU9wEE-5oxvMqwg2cqZpnDUFIQdybB1rqrNmvBi6zd3rwwAVvFhvgMuadGy4RvtUiiqNlU2sNctKcoXC5be42dmKrnTfupD1aY9UCf-J5hU0bMSNuq21PzhhxQE-XiiEeD76uUskhd_A6asfN8&dbm_d=AKAmf-BT5roYLryknkxDksv0AVMcDZ_Wo5k3tfPOni0kU3Zsw5tE9JquhzmrLCePbbxpTF2Ys80SIn-80NDbdcvh1nXUvdKjdw8PtlzFa4MYgLrUtEp5mvLfMakqRixKmR1_iQIpqTPPpZ11a4Tw2FCAfdjDquaEHAGGifygvWx1LfVpa92q61Zsb1XEgdI2BU6_aI-Y7ls7wbULjrfXAvwUY0cP8ySzdCJ-8yJC5dL9tDaFvYDbl-x2Qzt4ZK07slrYchXabQYY6Vl1rhnpIA48Yr9xpSDJvMMkXXs-G5m451gXYfNQDystS9-AlqTW65zEGI3j0BNr7jcSumm7aNNw0TvMXLg7FEcS1rPte91vH1ezz8cSJC3VkIdQPMVS9GVZC2ter1qOdJQ13ptLMWGwlahIcz0ke_10L6Nuq3zc3khGXe3ctkPmNExAACjYbfG58k9QXtCIT8efK-ybXDFj4E7u1yIal7yluhs2jhmB7WXHoPy0kgEgkAyyxvEhASIQEvBiEFS87TuUp5735FT9OxzJNlSNuVNZnLv_ieyNKaV8jnVo4NmOCpEpRxNy5Ix-GTQLdihBrjxh22u46JEDwRP_czkrquYKdFRnGny5WAdvR8vLZE7_KHB073k0jIcERV3zzGSrt_7K8oBt5FraeMuwVL8wHJT5tVr9ru_VBErndW8dOJzf73tMxMW2Es_GDecQKUur5hLPgMhZEjE6mlFwnJRaf4mcQfcOzL1hoWQx9EqVTZkwJX0soxiy7Zmk74QjuoZRB0UqnL6GZwbLrvdJPIrimxlGqQqcS1VkBsysl4wqJa3mLb2q4baKzDilfLfJgrJWt_p-thTeXFaLw2Hfq3FiWZgqVkg24jN2fNqDwzgfsoTjzQR2yohj1tJKOconseTppgNvXKb_oUcavMzH7t1IJmdjsvP4N39FkyiB-NHyeHLtuH3Z1FevxvD-jeyAZf6vJtgENHzAhQ6Ui02PVFxplTggYrUqDFdH31l4K2gOn1UKtUUBhK35JKsVsp9AjwqIOGEcNS_lEwB28VpKLIyP8cas1B6TzvGhUFo7uhYbvmiIf0RNvtyp2NMAWNK8Zki-kQnEuFZZPOaaboUkf5iCYS1G3wMuhykZiovZhd0ReLf6RmWFb2t-j9w7V55Z-rK-tOKYv0oWk8dfJcbWvV6mLZ2gafNujmNXxsdLKKz0PAD2ybsQHLf0aueDHfma9ibnz54Hy0JxANIET0anCFSol59e9EK7LCizUSMoKYlVa3tpTyuL9QYJWo4-nPxr6T0xdjkZY52Vo494fqiglA9eLCgn0dy7kqYnGp7tYEO3wqJlBVp9u-0F_Ox7Xu38tEAO8Cg3dslUYib3ac19ysJ6iTE2BeZiqm7WbhJMNxn_13RCbm_-FZzM1Z-_AO856g165wimKrHHoiO1TjQWB3aczddVfXOvJhDQA9Dhmn6nMy-6Nj5140RHcY-6gsVzMFJW3IhHqa1sTtULLxWmASrU_se-JkSDRTG8lnRC4fkGbDxzSMI1d9VbvGJr82SOWfvBh2qttXWStt8jtqwQuAmRliTuBEC_lwSxtqUMxuTPg6ccqyFkE0vR2831i0omKIIdHv0lvtuGr7KvwnSZ0QUzD_UCtrZi7IydcteGtoKd545e706fSy4bp8pChUA9BY4K9b99i4zVzgzm6ywJZUtEx7N-l5HzunpUh__8qxtUXxMaU4jb0ApS-uZMCTWrPU3ZVJi8Qv-DZiyOvLI2o8ogeFLkfjIB-tPKwxcZU5tcdt5Jc-iK8W1O-0RcjXHV1RpZ64JYP93f6j0Iuusk0LlIZEinuVbuuW_lj0rR06udglKM1rBKqMtSxUOSM4g2DJvasgQMtrvN5N1vardjejXE2wCAPYoUQXK4eYjiqV-qMAOJJ-plVE6m4z9n9LcnjPtlysRq7X5IIgpziIsspuZqAQlCh8ibSmskNCvl76tLJDjvejMdvLAdogaHKirP8HZfUVl_U2xjYFr8yCaKp77G9mtyj0abUQHwCXdn140KM7OvqnpkkNVzFeifDA_rAwBckpxKWmlzdnJjFWggRA9FuzTUtWFl6FJMuZk2GX5uP_tB55vKN9fg8t-Yu1brXkGPl3GZPML9rGEs7X1FVrWW2hAjy9hc2b44u7By5lSY3bwBdukMGa2v6Efczawnq4FK4MxlRZ0US4IUtlg1ojz5RVYWPf454LHXU3cruTqe6HHHwLAubTEdojlLnGx3UZDzf80w9liLbYXko5g-eflX_RM4MPAHbe8wYQQckeNE8KITiWpoPfF9fzi95RoCd2vyggao1chPje3noVHRDJ3YKz3-0CE96CJMrU-cz_jetPr32Yqn0-AUxoKqkGsRu_uhjc3y9eBsmE_g4kKiBb1s_iWoiEk2tkXOYPkrYE0vDwuCeE8-gZGTlubh5u4cC2Rj92pgMRAefDnO39fR24LCWd5AkSOtenCC_aS-NzDa8xwtsWpKFJ9EVRZxedpcUEKBadAnK6bckueF6wG5JnIPM9kT3ok7VYT9p9RY9G9kQNQbkLQVS_hfT0ImhTxWzljiY4KGxrHS6Ep1f05zyN6djzCksZgS7z2OvsLnxoLxbjyz2nWr3-mUaFzHeBa4rCtE8RrmxaR3CNpqz8jiQo8qb69FTxEM0ohJRRqHo_6vDYTQcrc6AfYevTyMDwQJ6Fi7cI6B8coVdKOUZd0xtrtTE53PQKDEVDDZar0UOUCAmmNqkMQKyeUAozuFsd7zfDM2rNz56itpqkWWk_rg-9K17pqjxIEMHuOvNq0upMwjxVn3axs-I5k8rBek7ANq74a9d2ALcgVT3EXTSGof5QZ0EsQBHYTACYq792C7LcgqeJYHzyb0Dm-Uhpgd8doAECkIzfkTs6fRhCnED6EixgeCiVoodFAVNs8JGQuDZ8tZUrwo0CvTR2gkik2lvpObytpuQvkKX7NCvhpjgN4ZluFoAaJ_K6utyps-th7dBIrIZR8wW3Xn3AzJX-DAx4eJgGRvBHWPsf3RcEGJl9GBsMFNpFdiGixdqLvNRAofpWZO0WC6S1aedlEkkDIlemhdCGz8EBwbUkW7JhKZ7f94uxoExOzUJBz2coLUJgJOfTctVm7vGv-7gSUZ0PayeERIzJjZp1dOi6XzGpY_AjKV-6-nJ52VN0HQLPsFqFN2VdlmBk1X0e4bq9teyEvp9DH_u2BwHQDVoCjpsD6-OvUc7VoVtjj2fWmTDpgVM--I7-pudjiaZx4q0JNdfF9AZI1yZ8wLHj5BrYm65Kg5yL-w5bd8GhY2JUfRkbHTJFhUpHk1KzWLN--szETjuY7vkF4w8lReNN9JQRtJjke_1x6k76DsUSANqYaKgiOWpVxHlYZ2uo6Ph7WHbWBnCicFXekUSBWbbNstFTpd3TEQq_WIUQnlXEnIUxuSBItTsa7rL0CK8n2n8FzMwTHRqoH4pGh0XstgOFrr3U0TPeP6VMZKC8pIwdiiXcALGjgCiXQ_qz5cLmavkBN2v48UCys6TCrjcoE7QDxT8PPthFcuL8anFbbwq74bReljohGwhYwIEGqlricl48SAcIIm3tcN8CenZxw82o6gSAz5pqUO4Q8zgvtQHaLec7dRp971AxtOCRh3Ph_uyl9uLPWkJ3qOBw9LgkSa9fF9RzoGJDD7aRxqJw4UcxvUxy20nfIbq6eFqdpdh0KppWfZxnl39mmzZnw30V_lr8ROa0P4qoRVA6s9Kijhjg&cid=CAQSTgAvHhf_jxcrQdke7La2tnG_P4_TSlJCnBRNYeyo6U6xStKOExBbzGEdSQaERHzs5-6wZIrdl1NtCmpa0m9iLvcMYjy_ME0J9fwyOZ2DLRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpdf2png.com%2F&ds=l&xdt=1&iif=1&cor=2318422490171003400&adk=250412561&idt=114&cac=0&dtd=14 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 14:54:58 GMT content-encoding br x-content-type-options nosniff age 17025 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 14415875674906819925 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 14:54:58 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 1A71	31 KB 12 KB	38ms 37ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CkvBffbBdDxoSCP86LwcwjQrFnspeR8pU9wEE-5oxvMqwg2cqZpnDUFIQdybB1rqrNmvBi6zd3rwwAVvFhvgMuadGy4RvtUiiqNlU2sNctKcoXC5be42dmKrnTfupD1aY9UCf-J5hU0bMSNuq21PzhhxQE-XiiEeD76uUskhd_A6asfN8&dbm_d=AKAmf-BT5roYLryknkxDksv0AVMcDZ_Wo5k3tfPOni0kU3Zsw5tE9JquhzmrLCePbbxpTF2Ys80SIn-80NDbdcvh1nXUvdKjdw8PtlzFa4MYgLrUtEp5mvLfMakqRixKmR1_iQIpqTPPpZ11a4Tw2FCAfdjDquaEHAGGifygvWx1LfVpa92q61Zsb1XEgdI2BU6_aI-Y7ls7wbULjrfXAvwUY0cP8ySzdCJ-8yJC5dL9tDaFvYDbl-x2Qzt4ZK07slrYchXabQYY6Vl1rhnpIA48Yr9xpSDJvMMkXXs-G5m451gXYfNQDystS9-AlqTW65zEGI3j0BNr7jcSumm7aNNw0TvMXLg7FEcS1rPte91vH1ezz8cSJC3VkIdQPMVS9GVZC2ter1qOdJQ13ptLMWGwlahIcz0ke_10L6Nuq3zc3khGXe3ctkPmNExAACjYbfG58k9QXtCIT8efK-ybXDFj4E7u1yIal7yluhs2jhmB7WXHoPy0kgEgkAyyxvEhASIQEvBiEFS87TuUp5735FT9OxzJNlSNuVNZnLv_ieyNKaV8jnVo4NmOCpEpRxNy5Ix-GTQLdihBrjxh22u46JEDwRP_czkrquYKdFRnGny5WAdvR8vLZE7_KHB073k0jIcERV3zzGSrt_7K8oBt5FraeMuwVL8wHJT5tVr9ru_VBErndW8dOJzf73tMxMW2Es_GDecQKUur5hLPgMhZEjE6mlFwnJRaf4mcQfcOzL1hoWQx9EqVTZkwJX0soxiy7Zmk74QjuoZRB0UqnL6GZwbLrvdJPIrimxlGqQqcS1VkBsysl4wqJa3mLb2q4baKzDilfLfJgrJWt_p-thTeXFaLw2Hfq3FiWZgqVkg24jN2fNqDwzgfsoTjzQR2yohj1tJKOconseTppgNvXKb_oUcavMzH7t1IJmdjsvP4N39FkyiB-NHyeHLtuH3Z1FevxvD-jeyAZf6vJtgENHzAhQ6Ui02PVFxplTggYrUqDFdH31l4K2gOn1UKtUUBhK35JKsVsp9AjwqIOGEcNS_lEwB28VpKLIyP8cas1B6TzvGhUFo7uhYbvmiIf0RNvtyp2NMAWNK8Zki-kQnEuFZZPOaaboUkf5iCYS1G3wMuhykZiovZhd0ReLf6RmWFb2t-j9w7V55Z-rK-tOKYv0oWk8dfJcbWvV6mLZ2gafNujmNXxsdLKKz0PAD2ybsQHLf0aueDHfma9ibnz54Hy0JxANIET0anCFSol59e9EK7LCizUSMoKYlVa3tpTyuL9QYJWo4-nPxr6T0xdjkZY52Vo494fqiglA9eLCgn0dy7kqYnGp7tYEO3wqJlBVp9u-0F_Ox7Xu38tEAO8Cg3dslUYib3ac19ysJ6iTE2BeZiqm7WbhJMNxn_13RCbm_-FZzM1Z-_AO856g165wimKrHHoiO1TjQWB3aczddVfXOvJhDQA9Dhmn6nMy-6Nj5140RHcY-6gsVzMFJW3IhHqa1sTtULLxWmASrU_se-JkSDRTG8lnRC4fkGbDxzSMI1d9VbvGJr82SOWfvBh2qttXWStt8jtqwQuAmRliTuBEC_lwSxtqUMxuTPg6ccqyFkE0vR2831i0omKIIdHv0lvtuGr7KvwnSZ0QUzD_UCtrZi7IydcteGtoKd545e706fSy4bp8pChUA9BY4K9b99i4zVzgzm6ywJZUtEx7N-l5HzunpUh__8qxtUXxMaU4jb0ApS-uZMCTWrPU3ZVJi8Qv-DZiyOvLI2o8ogeFLkfjIB-tPKwxcZU5tcdt5Jc-iK8W1O-0RcjXHV1RpZ64JYP93f6j0Iuusk0LlIZEinuVbuuW_lj0rR06udglKM1rBKqMtSxUOSM4g2DJvasgQMtrvN5N1vardjejXE2wCAPYoUQXK4eYjiqV-qMAOJJ-plVE6m4z9n9LcnjPtlysRq7X5IIgpziIsspuZqAQlCh8ibSmskNCvl76tLJDjvejMdvLAdogaHKirP8HZfUVl_U2xjYFr8yCaKp77G9mtyj0abUQHwCXdn140KM7OvqnpkkNVzFeifDA_rAwBckpxKWmlzdnJjFWggRA9FuzTUtWFl6FJMuZk2GX5uP_tB55vKN9fg8t-Yu1brXkGPl3GZPML9rGEs7X1FVrWW2hAjy9hc2b44u7By5lSY3bwBdukMGa2v6Efczawnq4FK4MxlRZ0US4IUtlg1ojz5RVYWPf454LHXU3cruTqe6HHHwLAubTEdojlLnGx3UZDzf80w9liLbYXko5g-eflX_RM4MPAHbe8wYQQckeNE8KITiWpoPfF9fzi95RoCd2vyggao1chPje3noVHRDJ3YKz3-0CE96CJMrU-cz_jetPr32Yqn0-AUxoKqkGsRu_uhjc3y9eBsmE_g4kKiBb1s_iWoiEk2tkXOYPkrYE0vDwuCeE8-gZGTlubh5u4cC2Rj92pgMRAefDnO39fR24LCWd5AkSOtenCC_aS-NzDa8xwtsWpKFJ9EVRZxedpcUEKBadAnK6bckueF6wG5JnIPM9kT3ok7VYT9p9RY9G9kQNQbkLQVS_hfT0ImhTxWzljiY4KGxrHS6Ep1f05zyN6djzCksZgS7z2OvsLnxoLxbjyz2nWr3-mUaFzHeBa4rCtE8RrmxaR3CNpqz8jiQo8qb69FTxEM0ohJRRqHo_6vDYTQcrc6AfYevTyMDwQJ6Fi7cI6B8coVdKOUZd0xtrtTE53PQKDEVDDZar0UOUCAmmNqkMQKyeUAozuFsd7zfDM2rNz56itpqkWWk_rg-9K17pqjxIEMHuOvNq0upMwjxVn3axs-I5k8rBek7ANq74a9d2ALcgVT3EXTSGof5QZ0EsQBHYTACYq792C7LcgqeJYHzyb0Dm-Uhpgd8doAECkIzfkTs6fRhCnED6EixgeCiVoodFAVNs8JGQuDZ8tZUrwo0CvTR2gkik2lvpObytpuQvkKX7NCvhpjgN4ZluFoAaJ_K6utyps-th7dBIrIZR8wW3Xn3AzJX-DAx4eJgGRvBHWPsf3RcEGJl9GBsMFNpFdiGixdqLvNRAofpWZO0WC6S1aedlEkkDIlemhdCGz8EBwbUkW7JhKZ7f94uxoExOzUJBz2coLUJgJOfTctVm7vGv-7gSUZ0PayeERIzJjZp1dOi6XzGpY_AjKV-6-nJ52VN0HQLPsFqFN2VdlmBk1X0e4bq9teyEvp9DH_u2BwHQDVoCjpsD6-OvUc7VoVtjj2fWmTDpgVM--I7-pudjiaZx4q0JNdfF9AZI1yZ8wLHj5BrYm65Kg5yL-w5bd8GhY2JUfRkbHTJFhUpHk1KzWLN--szETjuY7vkF4w8lReNN9JQRtJjke_1x6k76DsUSANqYaKgiOWpVxHlYZ2uo6Ph7WHbWBnCicFXekUSBWbbNstFTpd3TEQq_WIUQnlXEnIUxuSBItTsa7rL0CK8n2n8FzMwTHRqoH4pGh0XstgOFrr3U0TPeP6VMZKC8pIwdiiXcALGjgCiXQ_qz5cLmavkBN2v48UCys6TCrjcoE7QDxT8PPthFcuL8anFbbwq74bReljohGwhYwIEGqlricl48SAcIIm3tcN8CenZxw82o6gSAz5pqUO4Q8zgvtQHaLec7dRp971AxtOCRh3Ph_uyl9uLPWkJ3qOBw9LgkSa9fF9RzoGJDD7aRxqJw4UcxvUxy20nfIbq6eFqdpdh0KppWfZxnl39mmzZnw30V_lr8ROa0P4qoRVA6s9Kijhjg&cid=CAQSTgAvHhf_jxcrQdke7La2tnG_P4_TSlJCnBRNYeyo6U6xStKOExBbzGEdSQaERHzs5-6wZIrdl1NtCmpa0m9iLvcMYjy_ME0J9fwyOZ2DLRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fpdf2png.com%2F&ds=l&xdt=1&iif=1&cor=2318422490171003400&adk=250412561&idt=114&cac=0&dtd=14 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 565592ede82822decb298ebd1e6f56e9c6a680b1a79cd4208513a834295e4c43 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Thu, 28 Dec 2023 23:42:29 GMT content-encoding br x-content-type-options nosniff age 71774 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11872 x-xss-protection 0 server cafe etag 16225921609732785849 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Thu, 11 Jan 2024 23:42:29 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame 1A71	41 KB 14 KB	48ms 47ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sat, 23 Dec 2023 13:17:10 GMT content-encoding br x-content-type-options nosniff age 541293 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sun, 22 Dec 2024 13:17:10 GMT
GET DATA	200 OK	truncated / Frame 1A71	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4e602aaebe61525de94b0d6f337c6f0f093e4c11a45ffc196ac396fea8d9032f Request headers accept-language en-CA,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H2	200	css fonts.googleapis.com/ Frame 218B	14 KB 1 KB	73ms 71ms	Stylesheet text/css	172.217.13.138 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.138 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f10.1e100.net Software ESF / Resource Hash aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Fri, 29 Dec 2023 19:38:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Fri, 29 Dec 2023 19:17:36 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Fri, 29 Dec 2023 19:38:43 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 218B	2 KB 822 B	64ms 64ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 16:41:56 GMT content-encoding br x-content-type-options nosniff age 10607 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 16:41:56 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 218B	23 KB 9 KB	64ms 64ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:17:56 GMT content-encoding br x-content-type-options nosniff age 69647 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9269 x-xss-protection 0 server cafe etag 11706523405290302210 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:17:56 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 218B	3 KB 1 KB	65ms 64ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:27:49 GMT content-encoding br x-content-type-options nosniff age 69054 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:27:49 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 218B	20 KB 8 KB	65ms 65ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 00:24:56 GMT content-encoding br x-content-type-options nosniff age 69227 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 00:24:56 GMT
GET H3	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 218B	203 KB 64 KB	65ms 64ms	Script text/javascript	172.217.13.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f2.1e100.net Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:43 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Fri, 29 Dec 2023 19:38:43 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 218B	37 KB 15 KB	58ms 57ms	Script text/javascript	172.217.13.195 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231207/r20110914/zrt_lookup_fy2021.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.195 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f3.1e100.net Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Wed, 27 Dec 2023 11:46:44 GMT content-encoding gzip x-content-type-options nosniff age 201119 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Tue, 26 Mar 2024 11:46:44 GMT
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 4D0F	38 KB 13 KB	48ms 40ms	Document text/html	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 17677 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 14:44:06 GMT expires Sat, 28 Dec 2024 14:44:06 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997	393 KB 198 KB	115ms 38ms	Document text/html	172.217.13.198 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f6.1e100.net Software sffe / Resource Hash 904ba425a1eff73e164be1a2fb487f25299a159625d10b0acf82b6cc8d4bbde3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 197210 allow-fenced-frame-automatic-beacons true alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 202357 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Wed, 27 Dec 2023 12:51:53 GMT expires Thu, 26 Dec 2024 12:51:53 GMT last-modified Thu, 16 Nov 2023 19:44:00 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 1A71	0 0	92ms 81ms	Fetch image/gif	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3SdxO3CHJDU-9tAlPeo1YYm649OjYUY5jrkz94aZEkn2D6dHptnI50GfEJz1KmsLcroUwWtUTKsjDxIB_qQinEIuJLgrqUOaGPwSuNVKzovc3MHhjP_wdIc_9t5i-WN0hAv1j8xcKTgqf9SBqc-SQFsPo37uGkFlW3mjQCYodKeoxsjdjADy_hyKyVGLBC-Acep6sKGnqYtPTHp_EujmNjCjBewvKSgeYgaiUcVn0jSfLuWn-kOFtszlM4JXhAr8UmaHjf5Lqdlma9AQISqQH6_ABiL3_na60-np2NomjzIDwNSKCK79_AlHWuxiylNdQFmrH0xSbMqwXj0eakO_9-0uJ7kQZK13dtuvqL48qAhU_MptvpL9P2v0GD8jhBnRdje3nwa5GwHRvImltSt-mDjqBf4gFm7X843EsBfvzTrEaL-pHW0ttt6P22YoB0GfqJG2BOu3TBZM3cc3LfqWcisGMhvTIC14BjsH5KLIjRnYX9kOxG7uP3FWOiKw75s4uzsl3Uqqhs9C-wV92G1HLekfuDN-AZ0kzAjK8pFz1Zw2-Plp_bHYTqHcot3bUe7w9iinA4y5btO4M7ajeZOJIVxxT3kLlT40Uv2obZAHiKID1G4zkPSNLLgvhPpuG7Te_yx88MPR1WdMzlZvGRpE7QYpx_pPR3-CfklAuOyONqTPKqblnXaCbd3Tz4RXhveAHOeaJjFuqUQlkpX7IseLMY5MmdFEgC__NwqD5exKMvXW83Zr-H6nZytaYzKFEzzx0g7BBFciKGzW4ph_uRa1sU3_zngI7G2LVW03dlWDCNSrasS5b8556mr5ySFhAK6m3OGgU7-4TuuZazxyUTSWPO5PTwk14wV4yIfvg5qgF0tAGEXWvgTXmKMxz4fDumlTwD02AktUr97tLkxrMkJ2lzBAXOt5aG_dj_RNSjHMjdmPQczoT6-IFaVPynoWQ-Gx4q9x3qn32L8atvRJ1bv6NIeJGm8-C_TBzdzGv8sBifiGdu3Y_cJeIBH5Ub2iUpQv0QJBgLEBbO0dxJMYYfc7b6vWMPI83kYeDXJXseOUKUsVAXWOClvq-uhGrXD6rMGTqx98h5EMx_vhZ-YwL1dO1yUgssh0v0S-Y35aSx2PTfevFKPy63ive6IXQOYH5X_Nqjz5JFYqtkvezp-lhmDmeWEXhbrHg2iOPogT9Z4JwufwejrAPTr_or0YNy_FIJ5z1kAy6ZQYqveKYr3OOjl7Qz4y1w6aP__b6ZHkMrBL3JPEoqhbtuee2CIhxFGY8N_pn2FlPz5QrrRXDaRMLQ2g-rqHZQYof_h3MASe146dOs-iX8DGs05BEogXmw28dDGu9LCoVvOl6fVXiPgZ9mPoSvCBbAkOBVWqaM2GxEny460qjkgDR1otizVoRfkWfzE8eMIUVDIM3SYj7o_5jNEKTZkXJkByjQGIzGp5OUyYzJJ1uEqY&sai=AMfl-YRQG3cId_AGxqHyHNFp19N6S8QGbagow4-_iKr70aVNbjqKBkVbvnyCkFMeIU-w4qSugvCK50VXVzllf_dFF4a6HbLUR0K8rpOyBwsTS4sbnrgTKjVffUJdYnjb7RPRF-nTTmCFqvkd1KWibRT2z3bKUXq0k7uTCn_wXaAw6aFP5BXAaKxvG4OPFgbKgnkbWhIUKR7GsAOHQKNnHjoeIQorspsHR4Sf6GQHbpVIpvaopZ9KUW-hZbQ6ZlXjr3o5TeKCyHbWllZVyfqm8a8rwQXt1ZW7mtusR4Hx1igMWkjpxWUrwdlA5Jopp5iDu6o&sig=Cg0ArKJSzCA0-0QDNszJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=307&cbvp=1&cstd=303&cisv=r20231207.62249&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Fri, 29 Dec 2023 19:38:43 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	4.js Show response static.adsafeprotected.com/ Frame 1A71 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1138160/76607944/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1008693280&ias_pubId=pub-8288203502063695&ias_chanId=1&ias_placementId=20161971837&bidurl=ht... https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2F...	1 KB 1 KB	141ms 82ms	Script application/javascript	13.32.230.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H2 Server 13.32.230.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-230-19.atl56.r.cloudfront.net Software AmazonS3 / Resource Hash 27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers x-amz-version-id vKEhI2DDF7x4y1d6KCleNAEq1uB6J8K1 content-encoding gzip via 1.1 b0c9ad1d0c780fc497c9cf1d8077809a.cloudfront.net (CloudFront) date Fri, 29 Dec 2023 10:51:37 GMT x-amz-cf-pop ATL56-C4 age 112757 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Wed, 13 Dec 2023 19:37:39 GMT server AmazonS3 etag W/"33dffa7df253125904b2f354b5bb5e8d" vary Accept-Encoding content-type application/javascript cache-control max-age=604800 x-amz-cf-id nholEYEposhjqh07BqHEAXettC4sMLyvqfnluAh-sfvtC77AS8GMaQ== Redirect headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT server nginx x-server-name app43.va.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}&ias_xappb=&adContainerId=brand_safety_QyCPZcD0B9zYoPwPkrO-qAQ&cbFunctionName=goog_wrapCb_QyCPZcD0B9zYoPwPkrO-qAQ&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame DA93	91 KB 23 KB	217ms 66ms	Script application/javascript	13.32.230.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.230.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-230-19.atl56.r.cloudfront.net Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 02 Apr 2023 06:31:15 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 b0c9ad1d0c780fc497c9cf1d8077809a.cloudfront.net (CloudFront) x-amz-cf-pop ATL56-C4 age 23461649 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id JdO0Qsagb3Le8dgDrUHSf-v-4BB_OeRJjhIJoTeooZ3WYSQuIUMAIA==
GET H2	200	dt dt.adsafeprotected.com/ Frame 1A71	43 B 215 B	286ms 91ms	Image image/gif	52.88.79.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaHy,pingTime:-3,time:87,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:42%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:87,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B76~0%5D,as:%5B76~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:43%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-79-152.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT server nginx x-server-name dt22.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 1A71	43 B 216 B	276ms 86ms	Image image/gif	52.88.79.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaHz,pingTime:-6,time:88,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:88,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B77~0%5D,as:%5B77~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:43%7D&tpiLookup=ao:pdf2png.com*&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-79-152.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT server nginx x-server-name dt23.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 1A71	43 B 215 B	235ms 87ms	Image image/gif	52.88.79.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaIj,pingTime:-2,time:134,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1806,beZ:1807,mfA:1812,cmA:1814,inA:1814,inZ:1820,prA:1820,prZ:1843,si:1849,poA:1850,poZ:1876,cmZ:1876,mfZ:1876,loA:1894,loZ:1898,ltA:1940,ltZ:1940%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:true%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:42%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:134,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B123~0%5D,as:%5B123~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:43,sinceFw:90,readyFired:true%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-79-152.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT server nginx x-server-name dt24.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 4D0F	39 KB 15 KB	38ms 37ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 02:22:31 GMT content-encoding br x-content-type-options nosniff age 62172 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 28 Dec 2024 02:22:31 GMT
GET H3	200	gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response pagead2.googlesyndication.com/bg/ Frame B75A	50 KB 19 KB	38ms 37ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash 80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 26 Dec 2023 23:57:25 GMT content-encoding br x-content-type-options nosniff age 243678 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19632 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 25 Dec 2024 23:57:25 GMT
GET DATA	200 OK	truncated / Frame A997	174 KB 174 KB		Font application/octet-stream
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash a41eac9c41aa92533ab6cf9375a1b497c4dbf4c92fa39004b886302a3b11cd04 Request headers Referer Origin https://s0.2mdn.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type application/octet-stream;charset=utf-8
GET DATA	200 OK	truncated / Frame A997	72 KB 72 KB		Font application/font-woff
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 29a5f3793d5ea14a97c6237a7c6f80e3bb381f93101c9514cfbfa2444f5ca4e9 Request headers Referer Origin https://s0.2mdn.net accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type application/font-woff;charset=utf-8
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 1A71	0 0	92ms 91ms	Fetch image/gif	172.217.13.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3SdxO3CHJDU-9tAlPeo1YYm649OjYUY5jrkz94aZEkn2D6dHptnI50GfEJz1KmsLcroUwWtUTKsjDxIB_qQinEIuJLgrqUOaGPwSuNVKzovc3MHhjP_wdIc_9t5i-WN0hAv1j8xcKTgqf9SBqc-SQFsPo37uGkFlW3mjQCYodKeoxsjdjADy_hyKyVGLBC-Acep6sKGnqYtPTHp_EujmNjCjBewvKSgeYgaiUcVn0jSfLuWn-kOFtszlM4JXhAr8UmaHjf5Lqdlma9AQISqQH6_ABiL3_na60-np2NomjzIDwNSKCK79_AlHWuxiylNdQFmrH0xSbMqwXj0eakO_9-0uJ7kQZK13dtuvqL48qAhU_MptvpL9P2v0GD8jhBnRdje3nwa5GwHRvImltSt-mDjqBf4gFm7X843EsBfvzTrEaL-pHW0ttt6P22YoB0GfqJG2BOu3TBZM3cc3LfqWcisGMhvTIC14BjsH5KLIjRnYX9kOxG7uP3FWOiKw75s4uzsl3Uqqhs9C-wV92G1HLekfuDN-AZ0kzAjK8pFz1Zw2-Plp_bHYTqHcot3bUe7w9iinA4y5btO4M7ajeZOJIVxxT3kLlT40Uv2obZAHiKID1G4zkPSNLLgvhPpuG7Te_yx88MPR1WdMzlZvGRpE7QYpx_pPR3-CfklAuOyONqTPKqblnXaCbd3Tz4RXhveAHOeaJjFuqUQlkpX7IseLMY5MmdFEgC__NwqD5exKMvXW83Zr-H6nZytaYzKFEzzx0g7BBFciKGzW4ph_uRa1sU3_zngI7G2LVW03dlWDCNSrasS5b8556mr5ySFhAK6m3OGgU7-4TuuZazxyUTSWPO5PTwk14wV4yIfvg5qgF0tAGEXWvgTXmKMxz4fDumlTwD02AktUr97tLkxrMkJ2lzBAXOt5aG_dj_RNSjHMjdmPQczoT6-IFaVPynoWQ-Gx4q9x3qn32L8atvRJ1bv6NIeJGm8-C_TBzdzGv8sBifiGdu3Y_cJeIBH5Ub2iUpQv0QJBgLEBbO0dxJMYYfc7b6vWMPI83kYeDXJXseOUKUsVAXWOClvq-uhGrXD6rMGTqx98h5EMx_vhZ-YwL1dO1yUgssh0v0S-Y35aSx2PTfevFKPy63ive6IXQOYH5X_Nqjz5JFYqtkvezp-lhmDmeWEXhbrHg2iOPogT9Z4JwufwejrAPTr_or0YNy_FIJ5z1kAy6ZQYqveKYr3OOjl7Qz4y1w6aP__b6ZHkMrBL3JPEoqhbtuee2CIhxFGY8N_pn2FlPz5QrrRXDaRMLQ2g-rqHZQYof_h3MASe146dOs-iX8DGs05BEogXmw28dDGu9LCoVvOl6fVXiPgZ9mPoSvCBbAkOBVWqaM2GxEny460qjkgDR1otizVoRfkWfzE8eMIUVDIM3SYj7o_5jNEKTZkXJkByjQGIzGp5OUyYzJJ1uEqY&sai=AMfl-YRQG3cId_AGxqHyHNFp19N6S8QGbagow4-_iKr70aVNbjqKBkVbvnyCkFMeIU-w4qSugvCK50VXVzllf_dFF4a6HbLUR0K8rpOyBwsTS4sbnrgTKjVffUJdYnjb7RPRF-nTTmCFqvkd1KWibRT2z3bKUXq0k7uTCn_wXaAw6aFP5BXAaKxvG4OPFgbKgnkbWhIUKR7GsAOHQKNnHjoeIQorspsHR4Sf6GQHbpVIpvaopZ9KUW-hZbQ6ZlXjr3o5TeKCyHbWllZVyfqm8a8rwQXt1ZW7mtusR4Hx1igMWkjpxWUrwdlA5Jopp5iDu6o&sig=Cg0ArKJSzCA0-0QDNszJEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=574&vt=11&dtpt=267&dett=3&cstd=303&cisv=r20231207.62249&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl= Requested by Host: pdf2png.com URL: https://pdf2png.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s05-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:43 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	dt dt.adsafeprotected.com/ Frame 1A71	43 B 215 B	105ms 90ms	Image image/gif	52.88.79.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaKt,time:268,type:e,env:%7Bgcd2:%7Bappl:0,cnst:na%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:268,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B257~0%5D,as:%5B257~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:43%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-79-152.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:43 GMT server nginx x-server-name dt25.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Cisco-Secure-stacked-2C.png s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997	2 KB 2 KB	48ms 45ms	Image image/png	172.217.13.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/Cisco-Secure-stacked-2C.png? Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f6.1e100.net Software sffe / Resource Hash 1bebc953b8e78faae364b1b688176478a08e53b52da8f002451ab6cca91ebeac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Tue, 24 Dec 2024 04:20:44 GMT date Mon, 25 Dec 2023 04:20:44 GMT x-content-type-options nosniff age 400679 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2040 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:44:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	Cisco-Secure-linear-2C.png s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997	1 KB 1 KB	49ms 46ms	Image image/png	172.217.13.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/Cisco-Secure-linear-2C.png? Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f6.1e100.net Software sffe / Resource Hash b73d0007f3cd26e7d031bcefc8dc54a8d01d5d797564f6b33985e5bb2a735e7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Tue, 24 Dec 2024 04:20:44 GMT date Mon, 25 Dec 2023 04:20:44 GMT x-content-type-options nosniff age 400679 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1421 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:44:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	SORv3_springs_F-copy-2.png s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997	29 KB 29 KB	51ms 48ms	Image image/png	172.217.13.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/SORv3_springs_F-copy-2.png? Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8288203502063695&output=html&h=90&slotname=7344673714&adk=457190580&adf=4272225274&pi=t.ma~as.7344673714&w=728&lmt=1703878721&rafmt=12&format=728x90&url=https%3A%2F%2Fpdf2png.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1703878721372&bpp=2&bdt=447&idt=349&shv=r20231207&mjsv=m202312070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x250&nras=1&correlator=6521839946078&frm=20&pv=1&ga_vid=1575150388.1703878722&ga_sid=1703878722&ga_hid=1811177920&ga_fc=0&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=328&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079714%2C31079979%2C44795922%2C44809531%2C95320884&oid=2&pvsid=2819960440942582&tmod=1278110273&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=256&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=353 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f6.1e100.net Software sffe / Resource Hash 7af5eb9a149065c5dc8d4638a8bb4ffb840a5c1227317a8ca95847e8a217c269 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Tue, 24 Dec 2024 04:20:44 GMT date Mon, 25 Dec 2023 04:20:44 GMT x-content-type-options nosniff age 400679 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29651 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:44:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	Cisco-Secure-stacked-2C.png s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997	2 KB 2 KB	38ms 38ms	Image image/png	172.217.13.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/Cisco-Secure-stacked-2C.png? Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f6.1e100.net Software sffe / Resource Hash 1bebc953b8e78faae364b1b688176478a08e53b52da8f002451ab6cca91ebeac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Tue, 24 Dec 2024 04:20:44 GMT date Mon, 25 Dec 2023 04:20:44 GMT x-content-type-options nosniff age 400679 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2040 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:44:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	Cisco-Secure-linear-2C.png s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997	1 KB 1 KB	40ms 40ms	Image image/png	172.217.13.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/Cisco-Secure-linear-2C.png? Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f6.1e100.net Software sffe / Resource Hash b73d0007f3cd26e7d031bcefc8dc54a8d01d5d797564f6b33985e5bb2a735e7f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Tue, 24 Dec 2024 04:20:44 GMT date Mon, 25 Dec 2023 04:20:44 GMT x-content-type-options nosniff age 400679 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1421 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:44:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H3	200	SORv3_springs_F-copy-2.png s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/ Frame A997	29 KB 29 KB	38ms 38ms	Image image/png	172.217.13.198 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/SORv3_springs_F-copy-2.png? Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.198 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f6.1e100.net Software sffe / Resource Hash 7af5eb9a149065c5dc8d4638a8bb4ffb840a5c1227317a8ca95847e8a217c269 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://s0.2mdn.net/sadbundle/4280298057207270451/CA-ENG_XA-10_0__728x90_BAN-A_HTML5_MOFU-no-Security-SecurityOutcomesReportV1-Security_rptsc030390_105/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Tue, 24 Dec 2024 04:20:44 GMT date Mon, 25 Dec 2023 04:20:44 GMT x-content-type-options nosniff age 400679 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29651 x-xss-protection 0 last-modified Thu, 16 Nov 2023 19:44:00 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" allow-fenced-frame-automatic-beacons true
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	69ms 67ms	XHR application/json	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231207&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash 4beb257d823162731fd225050401b8127bcc6a6833406210f817385d7ad539f1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:44 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12247 x-xss-protection 0
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	71ms 70ms	Script text/javascript	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312070101/show_ads_impl_fy2021.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:44 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Fri, 29 Dec 2023 19:38:44 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 6E85	42 B 64 B	68ms 68ms	Fetch image/gif	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsupNuLGT_IkhJRgcqdnLcQhV1jUFW5PYHOoRp7wdP_di69omvzar9Jm_a3QMUFWoCkcik09F8v7JJT_suGMyYbbFPx_Zm0VkKsFJRBrTQyqitSzuATHXq3Mwc801EX1S0s5GpmdcqSLQ3n2O6TUrSZ8fyPv&sai=AMfl-YSK5rN-mjJVOosQPltt338NMhBIveXe5aqnmN6ycVLRu_Sfg32qDQWbXC_Y2cwgT0IbhRuH8i8TJWhBcBiHbFiQnNwaZ1qvUV73QyYr2z54Gv2FETXW3TTbtBVEJppBh6fni1_jfxoxl8dAU--e&sig=Cg0ArKJSzGuLreXYKLwPEAE&cid=CAQSTgAvHhf_BKlya2C1W4d6nbVCKSsipjFsOhTyKmKHhHL8qoVQQlMqpPwpzKpGoZbYQwD2LWMz_cpLGME6A34pBhix2fXj3Ed-kzyj2PDhuBgB&id=lidar2&mcvt=1015&p=0,0,250,300&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=181657078&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703878721718&rpt=1290&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:44 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 79E6	42 B 64 B	68ms 68ms	Fetch image/gif	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvl4jBKLU8SoKOfOUHAz4UXc_g3mVJf9Du1GYmI-hjxJ4FkFdpLxfzWvB8wBLpvH0zZuVUIgfT7uurMVlzlqEzw4PD3V5sJ8XXoxHamTFPz-DdnrVzs8bNJJVkw0qHOaKq0xKXvL_f7L8P-gqXbARSPeDlG&sai=AMfl-YQhq79cUXSjFHVfRxSxfm7VJaaSjmdkn0s_YN1XCqrISrDOU-hQdpwte3GtQ-NCLce3qVVy2LHFHRdCL8b-kxfWauW78UwTDMZdsmygxBoOblIwFVC66scfmHSMEZlla9FoqZKbIq5tJmoRopaZ8g&sig=Cg0ArKJSzGPO9PBk-V_MEAE&cid=CAQSTwAvHhf_VpFb84IRxz4YnAaEdjhceXoi3jNxr_axX3GC7wm1_PZ-NrwBta4hRR8PiErI6JL22igiObjEYTqPB8ma-7NXhjGIY1An48gwE3kYAQ&id=lidar2&mcvt=1019&p=0,154,280,574&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1682588528&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703878721749&rpt=1308&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:44 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 4D0F	0 20 B	68ms 67ms	Image image/gif	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BshgKQyCPZcD0B9zYoPwPkrO-qAQAAAAAOAHgBAI&bg=!Hh2lHVLNAAY3kmNgF5I7ADQBe5WfONbxsQ8bH0H5k2XXUPA4gVEuCBTps-55poR86l9CbTOUYp_PNxIdezNsuwYgAOO-AgAAAQlSAAAAA2gBB5kDEIha9jLPTbHk5REo97IM7WkfZMbzL9OuJINOgJPsQWS4sPQTnZjA0AiSx19e4883LDHRQ3gkL1Z_ASuoIV5J705oUDdEG04d6zFdcKPjoPVY5ZC2Bkja_nv23Rll6dPHTElXYunKY9M-tRJBPjzvanXnWhf6jaqd0Pjt0bpFJJHDTadv8no1pTlnv0iJGChvta4J1x6_hgaXKNQkqP8NmlU1yPqQqE2o44Lysa7UpmH57lRdbb-js7oqFY-mUTLhlL2Td3ZYSIB_dKbSqeiulOcQSu9yI_UP2l7jFq114b3AtYJ4IQ7hKCEf3dsAgDJqpC2YVxx0FvDzXw6TQUQ2-5rc1nc8v54oYmj6iO3TVGh1ZHHohkmTEhlxfCPA3pc5UuR9x_CWPxb8-hMvU_7fSVoccAhz9Fu2P3duhiavhSXeoS5PTpgXrGiaQJw7JTLCec-KX8MWmTJnum-czgjPUvdltk_WeyDThFC-Jsaop2VXa39K8vuHgTbkXtiChtV1egycByaCBl-B27W8BMpc6o5vi6C22IaDDI_aZ4VHnazjEfKfKjKe3A5aN21ep0WQ9VBAZk8H-Lg0c14IN8rk2uTBua0c0fK-MxtkyL2lBeZS8ZFqEWo2gSFXt-EXA-7JERGn6B9zGtnKfrfdyQQ-Fi4acrNNAvjX0nuRok7X2c1kDNGzukZzO5IQvEy54mxVSVnfTSrPox--95xaXCNaDkzxBKuDZ99ozESUhru_-vllO0NNR9NcBCVhOVKOnEhmj1DYzQGAviU9_LzIJa8f9RZX06dXmIvhpEiwQJxd1rlO3T-SReqGZySNAajTK7bAzT9PlE02zYy8cHXl02STEs9btjUusvccvFebMgeJqZWC5-IQdrRyAUOYLI3bg0LrR2ATKEZid3bZjXffCRxmZIvE_xIo0OGOLlYjBmUU7e-cGcwtzW0fvfptZBMHehR210i9aOIsabLvUPKJ1UZHjDpRWDKjY3PriTdeydH3EXiOzGNtAhcXeDnv09thwmos2THEjlOVbr63LmMxUPOIvr8 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:44 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4851	13 KB 5 KB	38ms 38ms	Document text/html	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers accept-ranges bytes age 407738 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 25 Dec 2023 02:23:06 GMT expires Tue, 24 Dec 2024 02:23:06 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 1285	829 B 998 B	74ms 66ms	Document text/html	172.217.13.196 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.13.196 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f4.1e100.net Software GSE / Resource Hash 4af106e1b28e5f9da0068dd69c4457d8602bdd628260a560f384f0955f361778 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-pBoiGKv8tqU2k5LzgqEUtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://pdf2png.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language en-CA,en;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-pBoiGKv8tqU2k5LzgqEUtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 29 Dec 2023 19:38:44 GMT expires Fri, 29 Dec 2023 19:38:44 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 4851	39 KB 15 KB	42ms 42ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 02:22:31 GMT content-encoding br x-content-type-options nosniff age 62173 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Sat, 28 Dec 2024 02:22:31 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1A71	43 B 215 B	87ms 87ms	Image image/gif	52.88.79.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaSl,pingTime:-10,time:756,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHw0ODB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjAuMC42MDk5LjEwOSBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1703878724289%7C%7C0f218ac41ec4ae243a926ce93ac9ac14%7C%7Cf5ef61ca1e560a2377dfd6c236fd3eb9%7C%7Cede9adf0f34a12e58594047b44c3ae34%7C%7C17873efff9920c059252ee97f6447a11%7C%7C33ba4a3dc08eda3505df8395eac09911%7C%7Cb7ceef33f51a1c2013741ed8e2585360%7C%7C76e416c38c7c97e4ba73f6a12a70ff8a%7C%7C1663701684%7D Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-79-152.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:44 GMT server nginx x-server-name dt15.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 1285	0 0	64ms 64ms	Image text/html	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231207&jk=2819960440942582&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 4851	0 10 B	39ms 37ms	Image text/plain	172.217.13.193 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?GZl5iA Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.193 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul03s05-in-f1.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:44 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 1A71	42 B 64 B	68ms 67ms	Fetch image/gif	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstNfuD3OvnTKa5lKVujpIr0IVO9tD8qmH0HC3jq7cPEjfKFjchcpD7obecJtZnkAOsKYMCBPRRclkZRYmC_Ly-VEEcsW5oa80yaNt7cFmD-Hd4PFwZtb-4cb1DnI4D2Dz7PK3XwKivjaLXpUJvYDJVyxWF-&sai=AMfl-YQJ82Bgwh2mY7nuikqkiYk_zyUNbbXnhVgHghMvSRK79CpuVOjzajkqfJwjSZxL2VNcsakjqQhcaterVPTU1txz3kG6xSgwuERyV9EKMGJ6rJury2q_Iemx3fdU0xHE06fjLEoCFjXcCMRlN8qN&sig=Cg0ArKJSzJC0dAwY9CaoEAE&cid=CAQSTgAvHhf_jxcrQdke7La2tnG_P4_TSlJCnBRNYeyo6U6xStKOExBbzGEdSQaERHzs5-6wZIrdl1NtCmpa0m9iLvcMYjy_ME0J9fwyOZ2DLRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=457190580&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703878721727&rpt=1702&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:44 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	75ms 74ms	Image image/gif	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=10.90880673946079 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-65g3fk-humTUeDwvi9OReA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:44 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-65g3fk-humTUeDwvi9OReA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	px.gif fundingchoicesmessages.google.com/img/	43 B 68 B	75ms 74ms	Image image/gif	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=8.731790631024717 Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-aTQlTrRlkroSsmwm7FWX1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:44 GMT content-security-policy script-src 'report-sample' 'nonce-aTQlTrRlkroSsmwm7FWX1A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type image/gif cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Show response fundingchoicesmessages.google.com/el/	0 28 B	161ms 69ms	XHR text/html	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-ABwbfo6xnIcj1L26GBWF6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Fri, 29 Dec 2023 19:38:44 GMT content-security-policy script-src 'report-sample' 'nonce-ABwbfo6xnIcj1L26GBWF6A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://pdf2png.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1A71	43 B 215 B	90ms 90ms	Image image/gif	52.88.79.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwaXz,time:1080,type:e,im:%7Bpci:%7Btdr:1006%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:1080,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1070~0%5D,as:%5B1070~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:100,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:43,sis:453%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-79-152.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:44 GMT server nginx x-server-name dt10.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	67ms 66ms	Image text/html	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231207&jk=2819960440942582&bg=!hoWlhcrNAAY3kmNgF5I7ADQBe5WfOOB7hRi1-OwHGr3YkXStGQ5f0VJXKBNqBS6YOx1iSTG22dgwUCOaULeu--EV0RCuAgAAAGxSAAAAA2gBB5kC8ESNq8IsYcQGUcM_pK4_4tr2-U4Rpsp64nIaA-RA4ysDLtn_QIEGnuUjnDNmSM62WQpzPEoPO28vDO3rA0ZWx0SE4H2mfnvIjMMeReB5JiYK5H8f1DRbF-ILj3xUgu63joIdY32Fn0l9Z9V02qRz9YA9b0QjPNGcKjb7Hh5MT4RMNgMLotoANFX7oFVzkH_KBj5UU7XQmWsIZOXMaUOOAy1J_ump4YJ_-rur5mNo7olPnIkpUH489BaADhvXZYb_QBgkhXMYNAghn09hpp1Svj2FgLkDO2fsPiooOagSewcayjPwrd0kqSf-40cjU_KBNfS4t_yHobHpxM5f8_-ngW-14oTw3t9VUDpgIbyiu84g8AVcsci_IbaQUrtVQPN3rITnlV4C8WlnNaGUuzOqHe5hC6DcD9TjngLOhCf-q2Ae7jwwTpdMsoV72K6DkmCDEUzn2ey9Mmr9tH0731dFwbSuMWnHq3AmvhmnDZ6VySZfq8w4fwfDgJF9rfYxENcbU9xZhTL9MCEF7oyCP87JVn5l36qYvBxntJFjH2ZWcL9-i4e-tP-OxCkyu7s-HzicbLaS3uv_V_m-IZP7aK5HcVU4sBL4-0c0UrAE_9CTWBuT747FCoQBJqJy3VSLh2eeg0wH_xu0xTOmyFBE4-YvxUAuleB1XV5mzGKZ46pDxdlDChvUaKOOQB1JHn-_js34SfLGuQ7GiPIcOtDVZeuOHtQ_s9ShqjZd0IyS7jBBkWkvu9-IIoipH9sCpTIMnB9jF_kWWLweBIcjPqACbyaNzBsYHfBk_sz5ChC8d-R6yiTs1ZicL82sZDEe80kjoIIvG6-maSpksPTHz2shWOVZoEMkpd3V339ttIwNkcO_lLCrdG2wPlUxgIAoOIQqYXAxeaiD9ViVviV3pABlkjPmjLtlIDPZMTbatSz8pU0mksmnSbvgB93k8I2nCQWuwZURKD4klSR91NWZ9S5SgUlWfrTEiThzsqyeSGIQMjfHGLDz Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 1A71	0 20 B	65ms 64ms	Ping image/gif	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2289344319674&version=m202309260101&ct=76&x=1&cor=2318422490171003400 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:45 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	.160x600._topad.-karbonn-ad- Show response fundingchoicesmessages.google.com/f/AGSKWxV8sQPUDSExWYJKbtEGZM8iAqwIPjHKD2o6YieO5oOs8VWiaAMWffpjFqgeOLZENFEjKbcF6Am4SDcNwhilBpzZO653KpcdZ6HfeECRnneH9q2aW46MRDJ1P4QG9E-LCoJIG9_aCm-RQgpGwLBUevbPzs9dI...	54 B 109 B	71ms 71ms	Script application/javascript	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxV8sQPUDSExWYJKbtEGZM8iAqwIPjHKD2o6YieO5oOs8VWiaAMWffpjFqgeOLZENFEjKbcF6Am4SDcNwhilBpzZO653KpcdZ6HfeECRnneH9q2aW46MRDJ1P4QG9E-LCoJIG9_aCm-RQgpGwLBUevbPzs9dIU45UxHV47lo-LZ_-zPU9JE-t8lAnlRN/__400x68._affiliate/banners/.160x600._topad.-karbonn-ad- Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash 52864abea5320eefb79c2b18ccaa69d727fbd6ef79062deee34d2c0c029f1d91 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YCkEnfxkT273qqbXQg7joA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:45 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-YCkEnfxkT273qqbXQg7joA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	google_top_exp.js Show response pagead2.googlesyndication.com/pagead/js/	47 B 67 B	38ms 38ms	Script text/javascript	142.250.72.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMz3yAw6EdmQsjd3aj68pMJW_AFq6g/m=ad_blocking_detection_executable Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.72.98 Plainview, United States, ASN15169 (GOOGLE, US), Reverse DNS lga34s32-in-f2.1e100.net Software cafe / Resource Hash ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 17:47:45 GMT content-encoding br x-content-type-options nosniff age 6660 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 server cafe etag 13036835877489095579 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Fri, 12 Jan 2024 17:47:45 GMT
POST H3	204	AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Show response fundingchoicesmessages.google.com/el/	0 28 B	69ms 69ms	XHR text/html	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JTq1Y9SBgUpLUbiQk3FnNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Fri, 29 Dec 2023 19:38:45 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-JTq1Y9SBgUpLUbiQk3FnNQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pdf2png.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Show response fundingchoicesmessages.google.com/el/	0 28 B	68ms 67ms	XHR text/html	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KeEh-Ra01Ghinxd28t2b6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Fri, 29 Dec 2023 19:38:45 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-KeEh-Ra01Ghinxd28t2b6w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pdf2png.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Show response fundingchoicesmessages.google.com/el/	0 28 B	68ms 67ms	XHR text/html	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AuR9sYWgoK36EOC9GaoMGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Fri, 29 Dec 2023 19:38:45 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-AuR9sYWgoK36EOC9GaoMGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://pdf2png.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Show response fundingchoicesmessages.google.com/el/	0 28 B	68ms 68ms	XHR text/html	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-3x7EKiPsxo6vqnaH8b0meQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Fri, 29 Dec 2023 19:38:45 GMT content-security-policy script-src 'report-sample' 'nonce-3x7EKiPsxo6vqnaH8b0meQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://pdf2png.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H3	200	AGSKWxUQquSprj4XJ9AEwvhWB23VS4pzuyAbOVw8eZYZPGAcmMA6pNvRJI4lpa_2wR3hAZ6AOmrXVNMNUqZi4OTKAN0ANuRmcEsHTWKaalVDRPbcojKHu7zgd0b9gz0CDIOGn7yRFDswoA== Show response fundingchoicesmessages.google.com/f/	3 KB 2 KB	79ms 78ms	Script application/javascript	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/f/AGSKWxUQquSprj4XJ9AEwvhWB23VS4pzuyAbOVw8eZYZPGAcmMA6pNvRJI4lpa_2wR3hAZ6AOmrXVNMNUqZi4OTKAN0ANuRmcEsHTWKaalVDRPbcojKHu7zgd0b9gz0CDIOGn7yRFDswoA==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAzODc4NzI1LDI3MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly9wZGYycG5nLmNvbS8iLG51bGwsW1s4LCJVdkZCUVIzNFM1VSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash 826085085397ed931904bea9f279d698f9112ee49c3b63f4cf7be27b41663352 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-gMPEkvtQ3NOHKv12dKjp4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-CA,en;q=0.9 Referer https://pdf2png.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Fri, 29 Dec 2023 19:38:45 GMT content-security-policy script-src 'report-sample' 'nonce-gMPEkvtQ3NOHKv12dKjp4A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site x-frame-options SAMEORIGIN content-type application/javascript; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* timing-allow-origin * expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxVW6XT5gLIRSg338GBP0N2_oE2Dp4aH5pSqDGUjQyiy0-9Z_yrgiy12dw2DfVNQLliHqDZLtC-x5JVeqGxPG1AlxQEEef7PqaIYs7rFhaffZrmOzPvAuuf7svgdVEnjnm_wQ9NInA== Show response fundingchoicesmessages.google.com/el/	0 28 B	69ms 69ms	XHR text/html	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxVW6XT5gLIRSg338GBP0N2_oE2Dp4aH5pSqDGUjQyiy0-9Z_yrgiy12dw2DfVNQLliHqDZLtC-x5JVeqGxPG1AlxQEEef7PqaIYs7rFhaffZrmOzPvAuuf7svgdVEnjnm_wQ9NInA== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BaaCN-Jc8kYzNfaMohaaig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Fri, 29 Dec 2023 19:38:45 GMT content-security-policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-BaaCN-Jc8kYzNfaMohaaig' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF access-control-max-age 86400 vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site content-type text/html; charset=utf-8 access-control-allow-origin https://pdf2png.com access-control-allow-methods POST, GET, OPTIONS cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
POST H3	204	AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Show response fundingchoicesmessages.google.com/el/	0 28 B	70ms 70ms	XHR text/html	172.217.13.110 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fundingchoicesmessages.google.com/el/AGSKWxX28-eIPqxRaCih4sIabqPTH4AsQqlh0fhlEo-OLOFHg_CXiKdGXPDI21ISUkJhaNNPm1vpN-9yyImnSaOlWJ9HN9H1Ht3zTrP1W5By3E7As4tCgQwrEIAAA7rNJI_mAiAXXFF_lw== Requested by Host: URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.UvFBQR34S5U.es5.O/am=wA/d=1/rs=AJlcJMxTgAzZgX7fv5x3yC2FM5A7d8L4hw/m=kernel_loader,loader_js_executable Protocol H3 Security QUIC, , AES_128_GCM Server 172.217.13.110 , United States, ASN15169 (GOOGLE, US), Reverse DNS yul02s04-in-f14.1e100.net Software ESF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-rDgK8TitCpRLLfB2zBG2zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://pdf2png.com/ accept-language en-CA,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers date Fri, 29 Dec 2023 19:38:45 GMT content-security-policy script-src 'report-sample' 'nonce-rDgK8TitCpRLLfB2zBG2zg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 pragma no-cache accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version cross-origin-opener-policy same-origin server ESF vary Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site access-control-max-age 86400 access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://pdf2png.com content-type text/html; charset=utf-8 cache-control no-cache, no-store, max-age=0, must-revalidate access-control-allow-credentials true permissions-policy ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=* x-frame-options SAMEORIGIN expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 1A71	43 B 215 B	88ms 86ms	Image image/gif	52.88.79.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwbeI,pingTime:1,time:2143,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:42%7D,%7Bpiv:100,vs:i,r:,t:1142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:1142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1131~0,0~100%5D,as:%5B1131~728.90%5D%7D%7D,%7Bsl:i,t:1142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:43,sis:453%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-79-152.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:45 GMT server nginx x-server-name dt03.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 1A71	43 B 215 B	87ms 85ms	Image image/gif	52.88.79.152 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1138160&asId=f8c78417-097d-141c-91ad-5cde89669448&tv=%7Bc:ybwbeI,pingTime:1,time:2144,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:42%7D,%7Bpiv:100,vs:i,r:,t:1142%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:1142,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:42,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1131~0,0~100%5D,as:%5B1131~728.90%5D%7D%7D,%7Bsl:i,t:1142,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:118,fm:tZRjtRH+11%7C12%7C131%7C132%7C14*.1138160-76607944%7C141%7C142%7C143%7C151%7C152%7C16%7C17%7C18%7C19%7C1a1,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:43,sis:453%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.88.79.152 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-88-79-152.us-west-2.compute.amazonaws.com Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language en-CA,en;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Fri, 29 Dec 2023 19:38:45 GMT server nginx x-server-name dt09.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43