urlscan.io logo urlscan.io
SecurityTrails logo

www.pngwing.com Open in urlscan Pro
172.64.192.31  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.pngwing.com/fi/free-png-pypys
Submission: On January 30 via api from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 3 countries across 21 domains to perform 116 HTTP transactions. The main IP is 172.64.192.31, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pngwing.com. The Cisco Umbrella rank of the primary domain is 134510.
TLS certificate: Issued by GTS CA 1P5 on January 8th 2024. Valid for: 3 months.
This is the only time www.pngwing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
15 172.64.192.31 13335 (CLOUDFLAR...)
6 142.251.179.154 15169 (GOOGLE)
1 142.251.163.97 15169 (GOOGLE)
1 192.243.59.13 39572 (ADVANCEDH...)
12 172.253.122.155 15169 (GOOGLE)
1 142.251.167.138 15169 (GOOGLE)
11 142.251.163.102 15169 (GOOGLE)
16 172.253.115.132 15169 (GOOGLE)
6 142.251.163.94 15169 (GOOGLE)
4 142.250.192.227 15169 (GOOGLE)
1 74.125.174.103 15169 (GOOGLE)
1 142.251.167.147 15169 (GOOGLE)
1 74.119.119.65 19750 (AS-CRITEO)
1 2 104.18.25.173 ()
2 2 185.167.164.39 198622 (ADFORM)
2 142.251.163.154 ()
11 74.119.119.131 19750 (AS-CRITEO)
1 74.119.119.147 19750 (AS-CRITEO)
1 104.17.25.14 13335 (CLOUDFLAR...)
2 74.119.119.149 19750 (AS-CRITEO)
116 20
15    172.64.192.31 (United States)

ASN13335 (CLOUDFLARENET, US)
www.pngwing.com
assets.pngwing.com
w7.pngwing.com
6    142.251.179.154 (United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f154.1e100.net
pagead2.googlesyndication.com
1    142.251.163.97 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f97.1e100.net
www.googletagmanager.com
1    192.243.59.13 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
qualitiesstopsallegiance.com
12    172.253.122.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bh-in-f155.1e100.net
googleads.g.doubleclick.net
1    142.251.167.138 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f138.1e100.net
www.google-analytics.com
11    142.251.163.102 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f102.1e100.net
fundingchoicesmessages.google.com
16    172.253.115.132 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f132.1e100.net
tpc.googlesyndication.com
6    142.251.163.94 (United States)

ASN15169 (GOOGLE, US)
PTR: wv-in-f94.1e100.net
www.gstatic.com
4    142.250.192.227 (United States)

ASN15169 (GOOGLE, US)
PTR: del11s13-in-f3.1e100.net
csi.gstatic.com
1    74.125.174.103 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s46-in-f7.1e100.net
rr2---sn-ab5sznzd.googlevideo.com
1    142.251.167.147 (United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f147.1e100.net
www.google.com
1    74.119.119.65 (United States)

ASN19750 (AS-CRITEO, US)
ads.us.criteo.com
2    104.18.25.173 (None, )

ASN- ()
a.tribalfusion.com
s.tribalfusion.com
2    185.167.164.39 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    142.251.163.154 (None, )

ASN- ()
cm.g.doubleclick.net
11    74.119.119.131 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
1    74.119.119.147 (United States)

ASN19750 (AS-CRITEO, US)
cat.va.us.criteo.com
1    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    74.119.119.149 (United States)

ASN19750 (AS-CRITEO, US)
csm.us.criteo.net
Apex Domain
Subdomains		 Transfer
22 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 157
379 KB
15 pngwing.com
www.pngwing.com — Cisco Umbrella Rank: 134510
assets.pngwing.com — Cisco Umbrella Rank: 233889
w7.pngwing.com — Cisco Umbrella Rank: 79637
70 KB
14 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
cm.g.doubleclick.net
169 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 657
imageproxy.us.criteo.net Failed
csm.us.criteo.net — Cisco Umbrella Rank: 3277
47 KB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1143
www.google.com — Cisco Umbrella Rank: 2
70 KB
10 gstatic.com
www.gstatic.com
csi.gstatic.com
90 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 583
1 KB
2 tribalfusion.com
a.tribalfusion.com
s.tribalfusion.com
1 KB
2 criteo.com
ads.us.criteo.com — Cisco Umbrella Rank: 3179
cat.va.us.criteo.com — Cisco Umbrella Rank: 3347
57 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
5 KB
1 googlevideo.com
rr2---sn-ab5sznzd.googlevideo.com — Cisco Umbrella Rank: 21077
1 MB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
246 B
1 qualitiesstopsallegiance.com
qualitiesstopsallegiance.com — Cisco Umbrella Rank: 150970
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
86 KB
0 temu.com Failed
www.temu.com Failed
0 mediago.io Failed
gtrace.mediago.io Failed
0 mobtrakk.com Failed
sync-dmp.mobtrakk.com Failed
0 adkernel.com Failed
dsp.adkernel.com Failed
0 quantserve.com Failed
cms.quantserve.com Failed
0 googletagservices.com Failed
www.googletagservices.com Failed
0 googleapis.com Failed
fonts.googleapis.com Failed
116 21
Domain Requested by
16 tpc.googlesyndication.com googleads.g.doubleclick.net
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
11 static.criteo.net ads.us.criteo.com
cdnjs.cloudflare.com
static.criteo.net
11 fundingchoicesmessages.google.com pagead2.googlesyndication.com
10 assets.pngwing.com www.pngwing.com
assets.pngwing.com
6 www.gstatic.com googleads.g.doubleclick.net
6 pagead2.googlesyndication.com www.pngwing.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 csi.gstatic.com www.gstatic.com
4 www.pngwing.com www.pngwing.com
2 csm.us.criteo.net ads.us.criteo.com
2 cm.g.doubleclick.net googleads.g.doubleclick.net
2 c1.adform.net 2 redirects
1 cdnjs.cloudflare.com ads.us.criteo.com
1 cat.va.us.criteo.com ads.us.criteo.com
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 ads.us.criteo.com googleads.g.doubleclick.net
1 www.google.com googleads.g.doubleclick.net
1 rr2---sn-ab5sznzd.googlevideo.com googleads.g.doubleclick.net
1 www.google-analytics.com www.googletagmanager.com
1 qualitiesstopsallegiance.com www.pngwing.com
1 w7.pngwing.com www.pngwing.com
1 www.googletagmanager.com www.pngwing.com
0 imageproxy.us.criteo.net Failed ads.us.criteo.com
0 www.temu.com Failed googleads.g.doubleclick.net
0 gtrace.mediago.io Failed googleads.g.doubleclick.net
0 sync-dmp.mobtrakk.com Failed googleads.g.doubleclick.net
0 dsp.adkernel.com Failed googleads.g.doubleclick.net
0 cms.quantserve.com Failed googleads.g.doubleclick.net
0 www.googletagservices.com Failed googleads.g.doubleclick.net
0 fonts.googleapis.com Failed googleads.g.doubleclick.net
116 31

This site contains links to these domains. Also see Links.

Domain
mailtoui.com
Subject Issuer Validity Valid
pngwing.com
GTS CA 1P5		 2024-01-08 -
2024-04-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
qualitiesstopsallegiance.com
R3		 2023-12-25 -
2024-03-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2024-01-16 -
2024-03-26		 2 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-02 -
2024-03-26		 3 months crt.sh
*.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-01-12 -
2024-04-12		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-15 -
2024-03-10		 3 months crt.sh
*.va.us.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-25 -
2024-02-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.us.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-22		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://www.pngwing.com/fi/free-png-pypys
Frame ID: 7A3852845502770DF7025D74D24E97D7
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html
Frame ID: 1550BF77445E9168B37EE875657518A7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&adk=84980950&adf=198458457&lmt=1706650176&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175939&bpp=4&bdt=3245&idt=167&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3524471520251&frm=20&pv=2&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Frame ID: 32190D4F93327C51ED1931DC6C3DBCDF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Frame ID: 2B03997462BCA93D9A06A17D84039D11
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Frame ID: A21FD33C853D20D5BD96A688F2FEE2E9
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 33539928D9589EBAF037AC3501CD866C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Frame ID: 2054F6CAF584A3A51E7A12F31114993D
Requests: 6 HTTP requests in this frame

Frame: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Frame ID: EEE59E6ADBA7443ADF216968E32B516F
Requests: 27 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 10DA03D31D0CFA19D5E0F5C1C14918F7
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Metabolomiikka Metabolia Metabolomi TCG BDC, muut, apk, alueella, biokemia png | PNGWing

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

116
Requests

79 %
HTTPS

0 %
IPv6

21
Domains

31
Subdomains

20
IPs

3
Countries

2299 kB
Transfer

3990 kB
Size

9
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOq1EEt4joNgYVLUzDEAQ_A&google_cver=1&google_push=AXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B22g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B22g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOq1EEt4joNgYVLUzDEAQ_A&google_cver=1&google_push=AXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B22g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B22g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 86
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEZ7LMRi85YU97nq0-SJ8hw&google_cver=1&google_push=AXcoOmSqbN4KtLt3cWOHjiXuYf-HawZaIJoHDi1f80Nnd9zEKO9o6jfjLmmBnyWhIZx8JB9SftB22ycO6nOY2EXq6BkLZV3gFVbS-Q HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEZ7LMRi85YU97nq0-SJ8hw&google_cver=1&google_push=AXcoOmSqbN4KtLt3cWOHjiXuYf-HawZaIJoHDi1f80Nnd9zEKO9o6jfjLmmBnyWhIZx8JB9SftB22ycO6nOY2EXq6BkLZV3gFVbS-Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkzMjAyMjE4MzYwODMzMTAyMg&google_push=AXcoOmSqbN4KtLt3cWOHjiXuYf-HawZaIJoHDi1f80Nnd9zEKO9o6jfjLmmBnyWhIZx8JB9SftB22ycO6nOY2EXq6BkLZV3gFVbS-Q

116 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request free-png-pypys
www.pngwing.com/fi/ 		98 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.pngwing.com/fi/free-png-pypys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f34c7efc91e2a8f2d525160dd82d4b34fd346ec7e684c4769d6dfa7a4ca8032
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
84dccf99fa659e08-EWR
content-encoding
br
content-security-policy
frame-ancestors 'none'
content-type
text/html; charset=UTF-8
date
Tue, 30 Jan 2024 21:29:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4loA7KnVBJ9%2BNYw1ytUB6Wt7tjy5%2FxP8jBnAntDjyz7tLlvhVN%2BbrJCYksT%2Bb56nTI5vwstOfIBpFrj6QyoPxiMBORh7bmShSFySTvuCWfJ1N%2BCMot5FNqPZ7A7YVejw99w%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-frame-options
DENY
base.css
assets.pngwing.com/public/css/ 		32 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://assets.pngwing.com/public/css/base.css?20221010
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b76d745e00b46747ed39c9a15afb3334baedafa583fea7110b282c929f798d4c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5484588
cf-polished
origSize=37425
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 08 Oct 2022 08:37:34 GMT
server
cloudflare
etag
W/"634136ce-9231"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8J9Wq9MBZndG00PrQu%2FOB5XaLAoNcne9v1zjhnLiA9tyNofmguKs0zzPDMG%2B8MJogLVEn5u8Hsbqhww2lX4ykeQ10Oy4rw8Y3%2F3uWNyW4knjHaAHWY9nlDtbjr92dYalnE0ireA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31104000
cf-ray
84dccf9b7ceb9e08-EWR
expires
Fri, 22 Nov 2024 09:59:44 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
f11813f4bd9e753dd4a2757eb321123745890c9fcb0384f285d9faa586a7cd10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51457
x-xss-protection
0
server
cafe
etag
2075805997161200494
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 30 Jan 2024 21:29:35 GMT
js
www.googletagmanager.com/gtag/ 		250 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DL3LYM7LC0
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
67b8949811116073f3b2bcca3048dc71584889e0383a221bd165760d29c99236
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87547
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jan 2024 21:29:35 GMT
pngwing.svg
www.pngwing.com/public/css/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.pngwing.com/public/css/pngwing.svg
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6973fee2cde98fdf50adab3d0c19c1a8a8dcc927f01df28fe67dbb4526cd65e9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/fi/free-png-pypys
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Oct 2020 03:56:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3263
etag
W/"5f75537f-fa5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AxzPiLCqgbIoTtdITOmZKDue5vVRcdDvbOJ8IW1W6RV0l62LV2EzEj%2BT9hrieJ%2BYgxkqxkznutYCspmCijAHabtKLEoTVZh9SG25QT84miQxO3izj0AaVCOAWDA4ysD0qPw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84dccf9b7cd49e08-EWR
alt-svc
h3=":443"; ma=86400
png-transparent-metabolomics-metabolism-metabolome-tcg-bdc-others-miscellaneous-blue-text.png
w7.pngwing.com/pngs/761/81/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://w7.pngwing.com/pngs/761/81/png-transparent-metabolomics-metabolism-metabolome-tcg-bdc-others-miscellaneous-blue-text.png
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d72e6e774687d365b01945a9fd6a321d59c850f806c4af6736c005bbcd061bf8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:32 GMT
cf-cache-status
MISS
last-modified
Sat, 14 Mar 2020 08:39:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5e6c983c-31df"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=egKpUzvmD0TxL0SXWHQbqVmKNqrmxP05Uq2I%2Bzxz%2BCQcRBOdhbwn8HahKyPojj0cunMvN2NYpS3lkeP4Hj8H64gdwPBadLWFn3QfEeXi7a82OGBiWUXp%2FVu%2B1zudWSndPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
84dccf9b7cf29e08-EWR
alt-svc
h3=":443"; ma=86400
content-length
12767
expires
Fri, 24 Jan 2025 21:29:32 GMT
email-decode.min.js
www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/fi/free-png-pypys
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 30 Jan 2024 11:50:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b8e284-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPUNEhJMy1Ufse7GWqsYLcSCQq7deC6RJfxYMPWFROnL62GRl7s5pe3SR%2FwL7UFtR7wjB2n4rJgNh27KKiRilwQbfs0o6YfzcJzUi144nWY3odK3%2FfjSZZl2YVlh%2FShZOiA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84dccf9bcd669e08-EWR
expires
Thu, 01 Feb 2024 21:29:32 GMT
invoke.js
qualitiesstopsallegiance.com/11028a078def20a8e59006ba19f41753/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://qualitiesstopsallegiance.com/11028a078def20a8e59006ba19f41753/invoke.js
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.243.59.13 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx/1.19.5 /
Resource Hash

Request headers

Referer
https://www.pngwing.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Tue, 30 Jan 2024 21:29:48 GMT
Server
nginx/1.19.5
Accept-CH
Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Content-Type
application/javascript
Connection
keep-alive
Content-Length
0
search.svg
assets.pngwing.com/public/css/ 		792 B
902 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pngwing.com/public/css/search.svg
Requested by
Host: assets.pngwing.com
URL: https://assets.pngwing.com/public/css/base.css?20221010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a903e3e73b7b338c7be7e66ad5e65ff509221abdd7e6a828c2163558983d361e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.pngwing.com/public/css/base.css?20221010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 28 Sep 2022 02:22:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3924
etag
W/"6333afcc-318"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XY5pMoUAgl6zB0jLNpwe10nd4UHO5YQePJMeceIKVGZM1nhZRfy47Lnakd6nzYe41Je0KD9GQB4g3AfQCaid8HBu1ZMZmV0Q0nSTH%2FOJBRHo4Ss7IEhB%2Fi5nPIGwrQdTwuMGxY4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84dccf9bde564358-EWR
alt-svc
h3=":443"; ma=86400
pw.js
assets.pngwing.com/public/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.pngwing.com/public/pw.js?2023
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4852e58b654f278f26b4c5573249d53c3f4e3bac28389c826188cb51682de9a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6253531
cf-polished
origSize=68607
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 19 Nov 2023 12:20:11 GMT
server
cloudflare
etag
W/"6559fd7b-10bff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fg0UJ%2FhA%2BdD71x8q612mj9lMu4iisxTnHX6hLeCP9PiwbX4sZx8TUJ51cfN0Pm1teSz3UvtlnTNWS7gyp6uVgGFLCp5sbLVJrWoecB53OudCXouNwaZV1Ua%2BVtYklTRwDeWnYiY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=31104000
cf-ray
84dccf9bfe8b4358-EWR
expires
Wed, 13 Nov 2024 12:24:01 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.179.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
e73fa54234be538390e33e10d5cc21c7fde0d267bacb51b2f66b8b9f9a2c9109
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
140854
x-xss-protection
0
server
cafe
etag
5018614276708523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Jan 2024 21:29:35 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/ Frame 1550 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
52239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 06:58:57 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 06:58:57 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DL3LYM7LC0&gtm=45je41t0v9122403094&_p=1706650172755&gcd=11l1l1l1l1&dma=0&cid=1948961691.1706650176&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1706650175&sct=1&seg=0&dl=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&dt=Metabolomiikka%20Metabolia%20Metabolomi%20TCG%20BDC%2C%20muut%2C%20apk%2C%20alueella%2C%20biokemia%20png%20%7C%20PNGWing&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=6646
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DL3LYM7LC0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.pngwing.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3219 		204 KB
55 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&adk=84980950&adf=198458457&lmt=1706650176&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x945_l%7C164x945_r&format=0x0&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175939&bpp=4&bdt=3245&idt=167&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3524471520251&frm=20&pv=2&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=187
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
488331cd580120dea03e17b1b7abdaade1255e3edb082f80adf97ba3b2db031d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
56031
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 21:29:36 GMT
expires
Tue, 30 Jan 2024 21:29:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&cls=header_container&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2B03 		120 KB
40 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e738a1f12d893677e2d231f674bbd4c8579efb646d94cff5b9b7bcb5945394d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
41107
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 21:29:36 GMT
expires
Tue, 30 Jan 2024 21:29:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A21F 		153 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
e748461e4c05c8d92e84fe606cba2f1c2ea97854587e023c97c20b119ddc46f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46999
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 21:29:36 GMT
expires
Tue, 30 Jan 2024 21:29:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/ 		165 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
e2cce6e94b674055da0065bb54f19025b274b48828fbf940e8e16c90bba5187b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57007
x-xss-protection
0
server
cafe
etag
10042419222268064031
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 30 Jan 2024 21:29:36 GMT
ca-pub-2606419576769320
fundingchoicesmessages.google.com/i/ 		183 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-2606419576769320?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
30aa488cbf5a7fd7d688ae6a5b997f9756631252c3bfdd2480765bb85ebb1e29
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RhDpz_7DESg8B07TEk2-TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:36 GMT
content-security-policy
script-src 'report-sample' 'nonce-RhDpz_7DESg8B07TEk2-TQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjOsKoxSXF4KohxXDe6Q7TdSC-qPKU6SYQ1zI8Y2oF4gfhz5heALGBxnMmCyAuyH7OVAHEjH9eMHEC8bsvL5kEvr5kkgBiLSB-J_mK6RsQ7_DxYHkTPp2VL2I66-mC6ayXgZitAsgH4ri66awFQMy3bjqr4frprFvOTGfdA8Qxz6ezpgDxYtYZrKuBeErgDNY5QNwSPYN1GhA7pc9gDQHiz5kzWH8Dcdntc6x1QCzEw3HgytO1bAI_Lu-9xAwAc5JZTg"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 2B03 		0
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 2B03 		2 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
40993
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 10:06:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame 2B03 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:42:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
82010
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 22:42:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 2B03 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:01:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
52094
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 07:01:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 2B03 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
1946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 20:57:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2B03 		0
0
ddb466d8785cb75acd721f17b1b8dd87.js
www.gstatic.com/mysidia/ Frame 2B03 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ddb466d8785cb75acd721f17b1b8dd87.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sat, 27 Jan 2024 15:43:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
279990
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15487
x-xss-protection
0
last-modified
Thu, 25 Jan 2024 03:17:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 26 Apr 2024 15:43:07 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1455858185517545246/ Frame 2B03 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1455858185517545246/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
b0ba1c47fe9e4f283d90a908e831d0d76116db560376cef367eb405586e6505e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

allow-fenced-frame-automatic-beacons
true
date
Tue, 30 Jan 2024 21:29:36 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35407
x-xss-protection
0
last-modified
Tue, 19 Dec 2023 20:16:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 29 Jan 2025 21:29:36 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/5362363511657872625/ Frame 2B03 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/5362363511657872625/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=1820968986&adf=3547721577&pi=t.ma~as.6755779896&w=920&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=920x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175943&bpp=1&bdt=3249&idt=191&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=183&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=196
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
cc2507f7017b5687ea44a563970092c6e2abd849ec77a703e8a4bc7d28670f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 21:11:41 GMT
date
Tue, 30 Jan 2024 21:11:41 GMT
x-content-type-options
nosniff
age
1075
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1836
x-xss-protection
0
last-modified
Mon, 10 Jul 2023 14:23:59 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame 2B03 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe9b4812b34f03b4aa2867ce74492d7205303ab48a3335020facca79cdc6c59b

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
4b0ef9dfa83525e0607f42119c034d23.js
www.gstatic.com/mysidia/ Frame A21F 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/4b0ef9dfa83525e0607f42119c034d23.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 05:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144392
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4079
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 28 Apr 2024 05:23:05 GMT
d46a26767d443eb108b95a3841e0fad1.js
www.gstatic.com/mysidia/ Frame A21F 		147 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/d46a26767d443eb108b95a3841e0fad1.js?tag=video_mra/web_raspberry_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
4fd0283a3453e726708958914348b695770cd02068dcdfd64a9349d9c30ef30e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Sun, 28 Jan 2024 00:13:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
249360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
54977
x-xss-protection
0
last-modified
Wed, 24 Jan 2024 22:40:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sat, 27 Apr 2024 00:13:37 GMT
css
fonts.googleapis.com/ Frame A21F 		0
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame A21F 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 10:06:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
40994
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 10:06:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/ Frame A21F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 22:42:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
82011
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9319
x-xss-protection
0
server
cafe
etag
3610546441309021303
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 22:42:46 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame A21F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:01:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
52095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 07:01:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame A21F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
1946
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 20:57:10 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame A21F 		0
0
5ff8bb2821e31fbf08fa14f5007a6efe.js
www.gstatic.com/mysidia/ Frame A21F 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Fri, 26 Jan 2024 23:23:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15476
x-xss-protection
0
last-modified
Tue, 23 Jan 2024 00:40:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 25 Apr 2024 23:23:16 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/ Frame 3353 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
10356
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 18:37:01 GMT
etag
3890843268177463596
expires
Tue, 13 Feb 2024 18:37:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVF3ifuIdsVRlE2stk49nkdM3rPxwK6aizLHb1MdwTLlh7qhJCJuj2zyYG38p1pWlAooehMy7DWmMLj1coyJkuRtKkPceyc-WbX_ymb9I_Q17eqbj7t8nXIt3k7ssj5AcaO-6IdFg==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVF3ifuIdsVRlE2stk49nkdM3rPxwK6aizLHb1MdwTLlh7qhJCJuj2zyYG38p1pWlAooehMy7DWmMLj1coyJkuRtKkPceyc-WbX_ymb9I_Q17eqbj7t8nXIt3k7ssj5AcaO-6IdFg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjUwMTc3LDgyMDAwMDAwXSxudWxsLG51bGwsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL3d3dy5wbmd3aW5nLmNvbS9maS9mcmVlLXBuZy1weXB5cyIsbnVsbCxbWzgsImxNSXpkQUtLREVZIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE5LCIyIl0sWzE3LCJbMF0iXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
eab58a707e312636d5debdb007ae3a0f99435edd7047b0053e4104388e686621
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-O1oD-9lp1FtIOgyOk1ohJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-O1oD-9lp1FtIOgyOk1ohJg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxz0LQWEYBuDjySMfJZkwG2RiUzaTYlGKIpOSLGeShYl_IO87GJRRWAwGi7IRiZIYpDhIFh8Lg3u4hss80XnNLiXicSmL0J42sHSfaAtl5Uw1OCTOdAGfR6MAqAWNSqD7XcgEj9eVbO8rOcALD-eNPjCMhvX3hGBrUvBUFbwCQwmHTEWwCtaeYH9f8GAmeARpTXAW2iy5A_WY5CZUU5IbEMpJjsMzL_kLxd2cK2C3GMfrU9dgay2PwT8dXViF"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame 3353 		0
0
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3353 		205 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 15:18:25 GMT
x-content-type-options
nosniff
age
22272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Jan 2025 15:18:25 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3353 		604 B
919 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 15:08:37 GMT
x-content-type-options
nosniff
age
22860
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Jan 2025 15:08:37 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 3353 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 23:43:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
78387
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6823
x-xss-protection
0
server
cafe
etag
14359709190881042667
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 12 Feb 2024 23:43:10 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/ Frame 3353 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240124/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:23:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
50754
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9451
x-xss-protection
0
server
cafe
etag
11136001603933606047
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 07:23:43 GMT
AGSKWxX9FPh-ro6twPN0qfCC-Dv587-jf32h24ayXwlp4PSuq_rZusyBU9jkknwnj7JJllVSA5uJUUzVAP3iGNwf5GRmXwclpFxpm7tvPm2uOYae1B_FW0jgHyrDFKlKfETLa5IlDE878g==
fundingchoicesmessages.google.com/f/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxX9FPh-ro6twPN0qfCC-Dv587-jf32h24ayXwlp4PSuq_rZusyBU9jkknwnj7JJllVSA5uJUUzVAP3iGNwf5GRmXwclpFxpm7tvPm2uOYae1B_FW0jgHyrDFKlKfETLa5IlDE878g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjUwMTc3LDE4OTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHBzOi8vd3d3LnBuZ3dpbmcuY29tL2ZpL2ZyZWUtcG5nLXB5cHlzIixudWxsLFtbOCwibE1JemRBS0tERVkiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
311125729804fcddf437f9d0b65f700649496043f55e2d4605c542692c6725c4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-9V8yVHDtj0-q_-KYtzGktw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:37 GMT
content-security-policy
script-src 'report-sample' 'nonce-9V8yVHDtj0-q_-KYtzGktw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxzsIQWEYBuDjyyeXkkyYDScTm5nFYFGKIpOSLGeShYnRJv8_GJRRWAwGi7IRiZIYLBwki8vC4B2e4bFODT6rRwmrHmUZOtAWVt4T7aCsnKkGx8SZLuBXdQqCVtCpBIbfhSzweF3J8b6SC3zwcN_oA6NoxHhPCLYnBc80wWswlXDIVARrYO8LDgwED-eCx5DWBWehw5K70IhJbkE1JbkJoZzkODzzkr9Q3C-4Ak6bebI59UyOdr2n_QEV9Fg5"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame A21F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 17:38:35 GMT
x-content-type-options
nosniff
server
cafe
age
13862
etag
9923804599063086578
vary
Accept-Encoding
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2033
x-xss-protection
0
expires
Wed, 31 Jan 2024 17:38:35 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/1856135345385549033/ Frame A21F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1856135345385549033/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
17cc7a160a8086504535742f98211272bbbce44d9702dfaa2b33ec637a515181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 21:13:09 GMT
date
Tue, 30 Jan 2024 21:13:09 GMT
x-content-type-options
nosniff
age
988
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2021
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 03:22:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame A21F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/svg+xml
csi
csi.gstatic.com/ Frame A21F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ls0vg93k&c=3432581682408&slotId=1716290841204&qqid=CJnOiayHhoQDFVaGOgUdaXcJbQ&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1&ua_e=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d46a26767d443eb108b95a3841e0fad1.js?tag=video_mra/web_raspberry_ms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.192.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
del11s13-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14088536538987356759/ Frame A21F 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14088536538987356759/14763004658117789537
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
sffe /
Resource Hash
5789b3efdcb3487cf62cfbbe6c8c4c79b5c6a26700855c3c83925859c0d50edc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires
Wed, 29 Jan 2025 16:12:53 GMT
date
Tue, 30 Jan 2024 16:12:53 GMT
x-content-type-options
nosniff
age
19004
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30444
x-xss-protection
0
last-modified
Wed, 15 Nov 2023 13:41:09 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
videoplayback
rr2---sn-ab5sznzd.googlevideo.com/ Frame A21F 		1 MB
1 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr2---sn-ab5sznzd.googlevideo.com/videoplayback?expire=1706678976&ei=QGq5Za3xMIGfn88PgIqj8Ak&ip=185.213.80.244&id=2eb02ca0d83137c7&itag=18&source=youtube&requiressl=yes&xpc=Eghovf3BOnoBAQ==&mh=g9&mm=31&mn=sn-ab5sznzd&ms=au&mv=m&mvi=2&pl=24&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=21.083&lmt=1699232129751384&mt=1706649887&cpn=Olj_LpaBoyJNQs6k&txp=6218224&sparams=expire,ei,ip,id,itag,source,requiressl,xpc,susc,acao,ctier,mime,vprv,dur,lmt&sig=AJfQdSswRQIhAMCQ2jCG1Xcj7C6su-pyyJG-aTJUJLme7g7v62-VbULmAiAGuy8jr4ZytpZybd_uMhg19sepSYFJwV2w_DR84s6Jmg==&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AAO5W4owRQIgELdBe_rJRBFr_lguOCOuqxcI2Q7WZwk3RcfEfn_7fSkCIQDcb2X7Kn6kUtU7sroq-C8DgT909y4dmKnOIPRLrsEkfA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
74.125.174.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lga34s46-in-f7.1e100.net
Software
gvs 1.0 /
Resource Hash
27761d1e16ba385ac746251030f05d72ce6ef91e737c31a8763deecb61912d55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Range
bytes=0-

Response headers

Date
Tue, 30 Jan 2024 21:29:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 06 Nov 2023 00:55:29 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-1356553/1356554
Cache-Control
private, max-age=28495
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1356554
Expires
Tue, 30 Jan 2024 21:29:41 GMT
truncated
/ Frame A21F 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4600cf482ffdbc2e5cd23175e0f8aef1ab81eeb9a8d60cb1ba9196c75b37a6a8

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame A21F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ls0vg93s&c=3432581682408&slotId=1716290841204&qqid=CJnOiayHhoQDFVaGOgUdaXcJbQ&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F4b0ef9dfa83525e0607f42119c034d23.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d46a26767d443eb108b95a3841e0fad1.js?tag=video_mra/web_raspberry_ms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.192.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
del11s13-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A21F 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ls0vg94q&c=3432581682408&slotId=1716290841204&qqid=CJnOiayHhoQDFVaGOgUdaXcJbQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fd46a26767d443eb108b95a3841e0fad1.js%253Ftag%253Dvideo_mra%252Fweb_raspberry_ms&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d46a26767d443eb108b95a3841e0fad1.js?tag=video_mra/web_raspberry_ms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.192.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
del11s13-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame A21F 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~ls0vg94q&c=3432581682408&slotId=1716290841204&qqid=CJnOiayHhoQDFVaGOgUdaXcJbQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F5ff8bb2821e31fbf08fa14f5007a6efe.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/d46a26767d443eb108b95a3841e0fad1.js?tag=video_mra/web_raspberry_ms
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.192.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
del11s13-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
oas.js
fundingchoicesmessages.google.com/f/AGSKWxWUd4jIUOMhgwKx6jaUVIrgG5h2wUi0WdUiP9UhpQa3aTdNBDTGcWM_wQtx7JTWYqzjYCgnERVnT0T50LCGb2MZMZ7zc7Q8JWqBZ-UD6SziyRyyNYqO1LRJunG-fQFkhnnjR3DMbcPAwk62StYeDy5VuWwGP... 		54 B
110 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWUd4jIUOMhgwKx6jaUVIrgG5h2wUi0WdUiP9UhpQa3aTdNBDTGcWM_wQtx7JTWYqzjYCgnERVnT0T50LCGb2MZMZ7zc7Q8JWqBZ-UD6SziyRyyNYqO1LRJunG-fQFkhnnjR3DMbcPAwk62StYeDy5VuWwGPwgTnkehjE19EnN8mSlOBlM1EfwNa6d4/_/tradead__adssource./adbrite2./adserver1-/oas.js
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
8fe56c48ec5abf75949984e0c9a796e898254cfe97e4eadcd638b9393def8eee
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uKFhZO1qtvAHKlknOOEUEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-uKFhZO1qtvAHKlknOOEUEQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxz0IQWEUBuDrcIQkmTAbZGIzsxgsSlFkUpLlTrIwMdjl-wabUVgMBosyKCJREoOFi2TxszB4h2d4LBOdz-JWwl63sgwdaAsrz4l2UFbOVINj4kwX8Hs1CoJa0KgEut-FzPB4Xcn-vpITfPBw3egDw2jEcE8ItiUFz1TBazCWcMhUBKtg6wkO9AUP5oJHkNYEZ6HNkjvQiEluQTUluQmhnOQ4PPOSv1DcL7gCDqtpvDl1jfbprd7R_wFwg1jZ"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
google_top_exp.js
pagead2.googlesyndication.com/pagead/js/ 		47 B
67 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/google_top_exp.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwUwk8S3lvqCRjdd4FHf7_IJcArdw/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 12:53:49 GMT
content-encoding
br
x-content-type-options
nosniff
age
30948
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
server
cafe
etag
13036835877489095579
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 12:53:49 GMT
AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jy4do1z5tEIZJLKOdkYtwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 21:29:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-Jy4do1z5tEIZJLKOdkYtwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib49CVp2vZBE7c6pcAAM4MIEM"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.pngwing.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vYsI2Y3z8nAOZO6G9LrRJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 21:29:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-vYsI2Y3z8nAOZO6G9LrRJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib49CVp2vZBDqWb5IEAMpSH-w"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.pngwing.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4FB-p4w1XsqMM7XT5HFdJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 21:29:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-4FB-p4w1XsqMM7XT5HFdJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmII1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib49CVp2vZBH58vSIBANJcINw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.pngwing.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--dt8yUmy_8vxmSeJHr_a1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 21:29:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce--dt8yUmy_8vxmSeJHr_a1g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmLw1JBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib49CVp2vZBA48XSoJAM6HIF4"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.pngwing.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVJLyRqayANUhdPcpxkypCrH3w6VYnD8_7ZEXr-cI0bWQxrQ9aEbp_QAXU6FV65in-2NBxchdWUor2bB6m7L3e0CGcFyPOoQE0DnI_KYA_yqQM4zpKiiCAO0AKkedKge_MS2SOvKQ==
fundingchoicesmessages.google.com/f/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVJLyRqayANUhdPcpxkypCrH3w6VYnD8_7ZEXr-cI0bWQxrQ9aEbp_QAXU6FV65in-2NBxchdWUor2bB6m7L3e0CGcFyPOoQE0DnI_KYA_yqQM4zpKiiCAO0AKkedKge_MS2SOvKQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzA2NjUwMTc3LDkyMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cHM6Ly93d3cucG5nd2luZy5jb20vZmkvZnJlZS1wbmctcHlweXMiLG51bGwsW1s4LCJsTUl6ZEFLS0RFWSJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
5bba5e5bdc70318f5852a13da924eb1c4f80525a63e62e2b435d07358537a456
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--E2yQosoT8ridinGSfCUkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:37 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce--E2yQosoT8ridinGSfCUkg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
reporting-endpoints
default="/_/ContributorGlobalRouterHttp/web-reports?context=eJwNxzsIQWEYBuDj4xOSZMJskInNbDJYlKLIpCTLmWRhYjPK_w82o1wGg8GiDIpIlMRg4SBZXBYG7_AMj2Wi81ncSsTrVpahA21h5TnRDkrKmapwjJ_pAn6vRkFQ8xoVQfe7kBkeryvZ31dygg8erht9YBgJG-5xwbaE4JkqeA3GIg7psmAVbF3BgZ7gwVzwCFKa4Ay0WHIb6lHJTagkJTcglJUcg2dO8hcK-wWXwWE1jTenjtHer62m-j9241jR"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVTHkhD-duh0EHTgV06dN1fRNFhFZ3eLJ12aNSwO9ZYVwNyW1lV6ad8qetqJYMfQUmkGMrJURzfr2y7LqfIB_rk7K-n4tBipUJQqjkJmBFMaIMnkEILEQXw5rF4ch4-9R0ix762ug==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVTHkhD-duh0EHTgV06dN1fRNFhFZ3eLJ12aNSwO9ZYVwNyW1lV6ad8qetqJYMfQUmkGMrJURzfr2y7LqfIB_rk7K-n4tBipUJQqjkJmBFMaIMnkEILEQXw5rF4ch4-9R0ix762ug==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zsu8ZcyiVI969z061gWjeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 21:29:38 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-zsu8ZcyiVI969z061gWjeQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0ZBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib49CVp2vZBC5c3aoDAM1JIHw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.pngwing.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
fundingchoicesmessages.google.com/el/ 		0
29 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVwzPwPyqDlNynvG3SkylV3_gbwch0LbfKYJD6n1ZQo9bfgpKVFf9pu1D2feuXffztiFawmOgUhErj7lZKg442l7VHNOSPC1w2DshLqtcn89gLBV8Kbc11ZEZf4XjBrHTiPpqwK4Q==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.lMIzdAKKDEY.es5.O/am=wA/d=1/rs=AJlcJMzmB6bdT_BMgeeZSzvNF8-3Z93uig/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.163.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wv-in-f102.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1UV1WMBE4TarCFpXEFvK9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 30 Jan 2024 21:29:38 GMT
content-security-policy
script-src 'report-sample' 'nonce-1UV1WMBE4TarCFpXEFvK9w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
reporting-endpoints
default="/_/ContributorLoggingHttp/web-reports?context=eJzjctHikmJw0pBiqGV4xtQKxAXZz5kqgJjxzwsmTiB-J_mK6RsQ7_DxYJkSOIN1DhA7pc9gDQHistvnWOuAWIib49CVp2vZBD6c_e4CAM2zIOw"
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://www.pngwing.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A21F 		42 B
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRTREQGq5ZZmuDdaM6tkP6e6l6AarkquddLnh8oCbEojTx7-WRxABIPDY1i1g_eiigfADoAHX_5nTA8gBCakCUepBnQ0xsj6oAwHIA8sEqgTiAU_QKXQgqLQSkJ1YfXvTfFTLjbgHy4nvDic6id9gwd3zmJsvPwmSzeMxcmDd5nLfZZjVZk-k2wTDyQgYRHMzAcqT7dv8R70XQzEiuPW8PFU_bAvTKow3niERayVVzYyHWqG6COiZlRZjFKuoJkGyJ315quofQYr3TwUBgrlu5auh7ci9hoqo75KFlHxjuYvaIH9lciPeDsWcWRArLQ714MEn4kyVv1vvCgIRe8b233tm8cTUksQOi3cpYEx540axz9ubLPVi047a_3nLye3sMrv1oqc_2KmEytsOoseZmTSKO4_ABICF26PdBIgFru-8tU2gBi6AB_vPvSuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe-t7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli9zIesh4aEA5oJmgFodHRwczovL3d3dy5pbmZpbmVvbi5jb20vY21zL2VuL3Byb2R1Y3QvdW5pdmVyc2FsLXNlcmlhbC1idXMvdXNiLXBlcmlwaGVyYWwtY29udHJvbGxlcnMtZm9yLXN1cGVyc3BlZWQvZXotdXNiLXN4My1maWZvLXRvLXVzYi01Z2Jwcy1wZXJpcGhlcmFsLWNvbnRyb2xsZXIvsQl9LdligSBFBIAKAcgLAeALAYAMAdoMEAoKEIDO8ejcg_aMaxICAQOqDQJDQcgNAbgTnBvYEwrQFQGYFgH4FgGAFwE&sigh=uyRgFVbQNoU&cid=CAQSTgAvHhf_Y1CwT8i36pDWUxN5V9ROvNjWP3ziKNLgkglh_olU_WzN1LwKrRb8z2sUlSJRdofh863pRCZvOCrBDKImOh7a6TAoLEpKGXKEOg&label=adresume
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A21F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRTREQGq5ZZmuDdaM6tkP6e6l6AarkquddLnh8oCbEojTx7-WRxABIPDY1i1g_eiigfADoAHX_5nTA8gBCakCUepBnQ0xsj6oAwHIA8sEqgTiAU_QKXQgqLQSkJ1YfXvTfFTLjbgHy4nvDic6id9gwd3zmJsvPwmSzeMxcmDd5nLfZZjVZk-k2wTDyQgYRHMzAcqT7dv8R70XQzEiuPW8PFU_bAvTKow3niERayVVzYyHWqG6COiZlRZjFKuoJkGyJ315quofQYr3TwUBgrlu5auh7ci9hoqo75KFlHxjuYvaIH9lciPeDsWcWRArLQ714MEn4kyVv1vvCgIRe8b233tm8cTUksQOi3cpYEx540axz9ubLPVi047a_3nLye3sMrv1oqc_2KmEytsOoseZmTSKO4_ABICF26PdBIgFru-8tU2gBi6AB_vPvSuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe-t7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli9zIesh4aEA5oJmgFodHRwczovL3d3dy5pbmZpbmVvbi5jb20vY21zL2VuL3Byb2R1Y3QvdW5pdmVyc2FsLXNlcmlhbC1idXMvdXNiLXBlcmlwaGVyYWwtY29udHJvbGxlcnMtZm9yLXN1cGVyc3BlZWQvZXotdXNiLXN4My1maWZvLXRvLXVzYi01Z2Jwcy1wZXJpcGhlcmFsLWNvbnRyb2xsZXIvsQl9LdligSBFBIAKAcgLAeALAYAMAdoMEAoKEIDO8ejcg_aMaxICAQOqDQJDQcgNAbgTnBvYEwrQFQGYFgH4FgGAFwE&sigh=uyRgFVbQNoU&cid=CAQSTgAvHhf_Y1CwT8i36pDWUxN5V9ROvNjWP3ziKNLgkglh_olU_WzN1LwKrRb8z2sUlSJRdofh863pRCZvOCrBDKImOh7a6TAoLEpKGXKEOg&label=part2viewed
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:41 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A21F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRTREQGq5ZZmuDdaM6tkP6e6l6AarkquddLnh8oCbEojTx7-WRxABIPDY1i1g_eiigfADoAHX_5nTA8gBCakCUepBnQ0xsj6oAwHIA8sEqgTiAU_QKXQgqLQSkJ1YfXvTfFTLjbgHy4nvDic6id9gwd3zmJsvPwmSzeMxcmDd5nLfZZjVZk-k2wTDyQgYRHMzAcqT7dv8R70XQzEiuPW8PFU_bAvTKow3niERayVVzYyHWqG6COiZlRZjFKuoJkGyJ315quofQYr3TwUBgrlu5auh7ci9hoqo75KFlHxjuYvaIH9lciPeDsWcWRArLQ714MEn4kyVv1vvCgIRe8b233tm8cTUksQOi3cpYEx540axz9ubLPVi047a_3nLye3sMrv1oqc_2KmEytsOoseZmTSKO4_ABICF26PdBIgFru-8tU2gBi6AB_vPvSuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe-t7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli9zIesh4aEA5oJmgFodHRwczovL3d3dy5pbmZpbmVvbi5jb20vY21zL2VuL3Byb2R1Y3QvdW5pdmVyc2FsLXNlcmlhbC1idXMvdXNiLXBlcmlwaGVyYWwtY29udHJvbGxlcnMtZm9yLXN1cGVyc3BlZWQvZXotdXNiLXN4My1maWZvLXRvLXVzYi01Z2Jwcy1wZXJpcGhlcmFsLWNvbnRyb2xsZXIvsQl9LdligSBFBIAKAcgLAeALAYAMAdoMEAoKEIDO8ejcg_aMaxICAQOqDQJDQcgNAbgTnBvYEwrQFQGYFgH4FgGAFwE&sigh=uyRgFVbQNoU&cid=CAQSTgAvHhf_Y1CwT8i36pDWUxN5V9ROvNjWP3ziKNLgkglh_olU_WzN1LwKrRb8z2sUlSJRdofh863pRCZvOCrBDKImOh7a6TAoLEpKGXKEOg&label=videoplaytime25
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crop.svg
assets.pngwing.com/public/css/ 		266 B
656 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pngwing.com/public/css/crop.svg
Requested by
Host: assets.pngwing.com
URL: https://assets.pngwing.com/public/css/base.css?20221010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2f8985c5c94a8d8b7a7086e55ed61fd1fa0cfd5c570c87a2bb40b6d20614176

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.pngwing.com/public/css/base.css?20221010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 01:10:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6644
etag
W/"60dd15f5-10a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ySuolmhQYd2M2In3mKy7QgQje%2FxP47PEkhjTkYhsA5Y1W0F1%2FgPCWplM6xGI3FO%2B6TQm0t0cP7iMxEM4F7iOwcHqfSlRnGhOm5d%2FHNxDlxQn6uRskHmE5BPdOphVxsbH7H27v7E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84dccffd9fda4358-EWR
alt-svc
h3=":443"; ma=86400
rarrow.svg
assets.pngwing.com/public/css/ 		255 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pngwing.com/public/css/rarrow.svg
Requested by
Host: assets.pngwing.com
URL: https://assets.pngwing.com/public/css/base.css?20221010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b3927ed530706279d763b0f78dbdd8edf2e8d6851dc186cdded8cd06b7fa137

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.pngwing.com/public/css/base.css?20221010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 02:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6644
etag
W/"60dd2ef2-ff"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5qniHBCrz4r5VsWxV7gKD2ZQrFmSeNFzgU6NF9vMVUmIviqBjGLX6lQ8%2FNWbHP0AFwG%2Bk3oHUcRCW%2BMl6mQK7whzXU2iWlQjYwKvMGmiLfkKuc0nDr3cASD58dv7JxkhkZ8u1GY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84dccffd9fdb4358-EWR
alt-svc
h3=":443"; ma=86400
license.svg
assets.pngwing.com/public/css/ 		307 B
686 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pngwing.com/public/css/license.svg
Requested by
Host: assets.pngwing.com
URL: https://assets.pngwing.com/public/css/base.css?20221010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0665cff3cdc28e3ea8f1591f0debe65a2657dbb90717c922e71b0573e834f1ea

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.pngwing.com/public/css/base.css?20221010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 01 Jul 2021 01:12:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6644
etag
W/"60dd1690-133"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OG3ajeUGpFht%2FhQ%2ByANETY%2Fot35gVrjCyuRs43EaonTG3XegjQtHd1SojrA6%2BhL%2Bpu%2F%2BmPYMSTL%2Fba9zbw%2FdSKdwYE9A6Zb8IBhKRvBOOtvB88%2F8L0BWzp%2B6D%2Fx6VzoCes2I%2Bq8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84dccffd9fdd4358-EWR
alt-svc
h3=":443"; ma=86400
ads
googleads.g.doubleclick.net/pagead/ Frame 2054 		39 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401250101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
506b3d8c5f14d4451293c421d00b10bc1ef9a345b7a69d2a815ff63dd543e682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.pngwing.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16640
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 21:29:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
email-decode.min.js
www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.pngwing.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.pngwing.com
URL: https://www.pngwing.com/fi/free-png-pypys
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.pngwing.com/fi/free-png-pypys
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 26 Jan 2024 10:32:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65b38a27-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=faP9lAw%2B59GR3uE4zoSTXTYZX7mZD1hTvmxzlxWJ%2BpmU0qkLHGQ0VdjUXTb35ryjvXY55aCeo%2FmcF74NfrXY9Z6ZiBYUcDMNKqITWkueHnlcPKSmGJJiUvhsN0SpZrtq2ak%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
84dccffdaff74358-EWR
expires
Thu, 01 Feb 2024 21:29:48 GMT
load.svg
assets.pngwing.com/public/css/ 		1 KB
824 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pngwing.com/public/css/load.svg
Requested by
Host: assets.pngwing.com
URL: https://assets.pngwing.com/public/css/base.css?20221010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3370e45614c256346047754a276504fd351020bf0169ba9dc7f826eaacc25e2c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.pngwing.com/public/css/base.css?20221010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 20 Aug 2020 10:40:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6684
etag
W/"5f3e5328-5a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMDaKF%2F3HLw1HzkyYDPbr02FaVDPd9mB69OeB%2BUhaOMUq1xGEYB8FAYp8rONi8ydsRXz4Vy5u4NDFREV26zQQJK3CXgBXnPIlzWbi920LQvvgYQN5Qp84mzj%2FCpbRLbGkTGzZTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84dccffdaff94358-EWR
alt-svc
h3=":443"; ma=86400
scale.svg
assets.pngwing.com/public/css/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pngwing.com/public/css/scale.svg
Requested by
Host: assets.pngwing.com
URL: https://assets.pngwing.com/public/css/base.css?20221010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a1026bd29787369177df7c8b337bf62deab35e69dec0ccdf338cec4f307ac6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.pngwing.com/public/css/base.css?20221010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2019 06:06:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1467
etag
W/"5c9329fa-8d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zo8%2FdLIHBwP7SXkgK7O1MUocpZU%2Bod3H0c40B%2FAUvHxDg%2FnWA3nh9HrO3lANI0A4V0Wwpu%2FTu8kb3EgbpXsGet9CxEqfNPzUssnrZrj1xX2N04b6z26XFeCqR5PxHIw8%2FhBRqvw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84dccffdaffa4358-EWR
alt-svc
h3=":443"; ma=86400
document.svg
assets.pngwing.com/public/css/ 		1 KB
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pngwing.com/public/css/document.svg
Requested by
Host: assets.pngwing.com
URL: https://assets.pngwing.com/public/css/base.css?20221010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04261972b408d8edaefc199c08d87a13afec67796c540c7f1617127f6f66ab8a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.pngwing.com/public/css/base.css?20221010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:48 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 21 Mar 2019 06:07:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6684
etag
W/"5c932a16-574"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icbODoYuapKVzuwrqNBVSwaGtRg%2BmZggHYCGiEjx8TPvHnI7PJMXbULyjxv2AREgbIwzY0twXTBlYlIuVW9FCVpGYbcMdb3rksN75xiC0BnhQDXxxq%2BKcxNsF81oK1b0bFfte5M%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
84dccffdaffc4358-EWR
alt-svc
h3=":443"; ma=86400
top.png
assets.pngwing.com/public/css/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.pngwing.com/public/css/top.png
Requested by
Host: assets.pngwing.com
URL: https://assets.pngwing.com/public/css/base.css?20221010
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.192.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b04df73090f6b0f3192a3b71874ca3b3cc19dff16adc6cf365cd0c75897f6c0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://assets.pngwing.com/public/css/base.css?20221010
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5309561
alt-svc
h3=":443"; ma=86400
content-length
2867
last-modified
Thu, 21 Mar 2019 07:39:28 GMT
server
cloudflare
etag
"5c933fb0-b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MLEgxA6sn27bA1XjabyeioPJOd4OfR6BoXoOTPx5gaR9yE2BQjulCVc1CWwtBg3WGQ%2BUwNq%2BFixgEiCs6NOzsQwTIudYBO0jIG8zurYUcQ6GGRTa3NsgDVj6HlDEapH4pai8FoM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=31104000
accept-ranges
bytes
cf-ray
84dccffdbffe4358-EWR
expires
Sun, 24 Nov 2024 10:37:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 2054 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 07:01:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
52106
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 07:01:22 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/ Frame 2054 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240124/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f132.1e100.net
Software
cafe /
Resource Hash
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 20:57:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
1958
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8501
x-xss-protection
0
server
cafe
etag
9351358253902147912
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 20:57:10 GMT
l
www.google.com/ads/measurement/ Frame 2054 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQjVHqG1P3VwqtGGUw0lWZqcUWOHiFmlKQZxTrfRlFkCwDFxIlYjGDJ9f_k-FoLfEuHM4isn8sPCGqN-JrFhVX_jAkOLw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f147.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 2054 		0
0
afr.php
ads.us.criteo.com/delivery/r/ Frame EEE5 		217 KB
57 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.65 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
c768fd171c3dc95e79e30ec7ddea00712e8434e0bb272db8d74a4c573d8c111c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 21:29:48 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.us.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.us.criteo.net/heavyad?cppv=3&cpp=xkZ3kEvbDPNNViV2y6YHuxHRNW0WP-JCdtpmMeTrLv0W1-P70sRWq4HWN25jiQSgex5u6wQHuUH1LCl0k9JF5PImSEplEioc37mQUltV_7SliF6ZxYPa7gX6z8AzG91fGsywLBpnl4-roc2FTIMXHr4WL0fL3qnopZvUFN8YIc-ScTQ89wbAaSiNnOIvsyVGQdIUTglFf-muCnZiZ2aWOSZc93_SHHvG3wK1Hu0qYt6sEzMCvnQdbPlXHVAQiAN7wLn26AOr6PbFlFXG"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
100291141
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 10DA 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
49893
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 30 Jan 2024 07:38:15 GMT
etag
48472445140208031
expires
Wed, 31 Jan 2024 07:38:15 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 2054 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87f42c6fa18a7e52faf12eda252f4f94addecd3e415516e3ba19b8fef1b1605f

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type
image/png
dpixel
cms.quantserve.com/ Frame 10DA 		0
0
i.match
s.tribalfusion.com/z/ Frame 10DA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEOq1EEt4joNgYVLUzDEAQ_A&google_cver=1&google_push=AXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B2...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOq1EEt4joNgYVLUzDEAQ_A&google_cver=1&google_push=AXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-...
43 B
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOq1EEt4joNgYVLUzDEAQ_A&google_cver=1&google_push=AXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B22g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B22g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Protocol
H2
Server
104.18.25.173 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:52 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84dcd015be7239f5-YYZ
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:52 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
1732
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOq1EEt4joNgYVLUzDEAQ_A&google_cver=1&google_push=AXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B22g&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQ5eXJlGtZflynEDyL5cMl6mKIbVYUD70VJX-mPi6wlP7DGtxN2yu46Xo6ynr-3v4rbmSohXaqYnBR1TYN1uX5A10i9eD-B22g%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
84dcd014ecf239f5-YYZ
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 10DA
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEEZ7LMRi85YU97nq0-SJ8hw&google_cver=1&google_push=AXcoOmSqbN4KtLt3cWOHjiXuYf-HawZaIJoHDi1f80Nnd9zEKO9o6jfjLmmBnyWhIZx8JB9SftB22ycO...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEEZ7LMRi85YU97nq0-SJ8hw&google_cver=1&google_push=AXcoOmSqbN4KtLt3cWOHjiXuYf-HawZaIJoHDi1f80Nnd9zEKO9o6jfjLmmBnyWhIZx8JB9SftB...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkzMjAyMjE4MzYwODMzMTAyMg&google_push=AXcoOmSqbN4KtLt3cWOHjiXuYf-HawZaIJoHDi1f80Nnd9zEKO9o6jfjLmmBnyWhIZx8JB9SftB22y...
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkzMjAyMjE4MzYwODMzMTAyMg&google_push=AXcoOmSqbN4KtLt3cWOHjiXuYf-HawZaIJoHDi1f80Nnd9zEKO9o6jfjLmmBnyWhIZx8JB9SftB22ycO6nOY2EXq6BkLZV3gFVbS-Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Protocol
H2
Server
142.251.163.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODkzMjAyMjE4MzYwODMzMTAyMg&google_push=AXcoOmSqbN4KtLt3cWOHjiXuYf-HawZaIJoHDi1f80Nnd9zEKO9o6jfjLmmBnyWhIZx8JB9SftB22ycO6nOY2EXq6BkLZV3gFVbS-Q
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
sync
dsp.adkernel.com/ Frame 10DA 		0
0
google
sync-dmp.mobtrakk.com/match/ Frame 10DA 		0
0
google
gtrace.mediago.io/ju/cs/ Frame 10DA 		0
0
pixel
www.temu.com/api/adx/cm/ Frame 10DA 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 10DA 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JXb40MkCuPxz8VDOCMCqvrMRmCCegsrNJa3hXvJ06Hcz_j6Jv_0OhbJr1-AIZMENAwdkZn8Dih
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.163.154 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:52 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
privacy_small.svg
static.criteo.net/flash/icon/ Frame EEE5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:49 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame EEE5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:49 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame EEE5 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 24 Jan 2025 21:29:49 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame EEE5 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:49 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 24 Jan 2025 21:29:49 GMT
lg.php
cat.va.us.criteo.com/delivery/ Frame EEE5 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.va.us.criteo.com/delivery/lg.php?cppv=3&cpp=jUzM5MEB3GDy-u37ZfrMmgFSfjPocHMOrCgDlK6NyTVMEq6WP9s2C0skJQlwAHZmBNqQsbGoL_BJC2jVypIPdJX5YH9QMcjlC9toxQ703nfSbiR5J4vSvTJP7U9BhZEow-x0n1lpMkFT-ExFc54x-UWrKlxq4tWli01ZVUPYnqi7jwuDQapi_12etaQMHkVfpvYeh70XJrAgPtGpPjaFX9qbFqqDZucSiJVT2vlQl1o5c5-tGpJ995gTOpb0VlpD76mzhjTchuRkNfhYgRXeBypk6HvKNJuFeeJn7aUCU4crCu22qvYlnhFb_m3iMqxEwK2--YT7UhN0p2wwnoCM-t-9KzcNzhhK0BJvATJPmd2Aq0Gl9zoBG81j5LtdAI1XnP7RqkNYZDIXYXmRfCiDJJRYBcP1JnEMLNlSmxkgq9uNW_DQ
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.147 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:48 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2769695
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame EEE5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:52 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7824739
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=de6nx3YV63uE8zj42gjFRl1mRhwIY%2FUNQVsCT5OryvW9%2Fk7A7ZKrDaY1ZyE1IVUsQQMkz3qaej5pywFz7FqWTRmqVGsf9ARVivgjBYGfQP%2B6ETG5P0MtiB%2BHzNWvaN0C%2FJ%2BxaDru"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
84dcd0144e475437-YYZ
expires
Sun, 19 Jan 2025 21:29:52 GMT
animejs.js
static.criteo.net/animejs/ Frame EEE5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:49 GMT
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
img
imageproxy.us.criteo.net/img/ Frame EEE5 		0
0
all
csm.us.criteo.net/ Frame EEE5 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=xkZ3kEvbDPNNViV2y6YHuxHRNW0WP-JCdtpmMeTrLv0W1-P70sRWq4HWN25jiQSgex5u6wQHuUH1LCl0k9JF5PImSEplEioc37mQUltV_7SliF6ZxYPa7gX6z8AzG91fGsywLBpnl4-roc2FTIMXHr4WL0fL3qnopZvUFN8YIc-ScTQ89wbAaSiNnOIvsyVGQdIUTglFf-muCnZiZ2aWOSZc93_SHHvG3wK1Hu0qYt6sEzMCvnQdbPlXHVAQiAN7wLn26AOr6PbFlFXG&sds=2&rev=90409&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 Jan 2024 21:29:49 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame EEE5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:49 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame EEE5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:49 GMT
all
csm.us.criteo.net/ Frame EEE5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.us.criteo.net/all?cppv=3&cpp=xkZ3kEvbDPNNViV2y6YHuxHRNW0WP-JCdtpmMeTrLv0W1-P70sRWq4HWN25jiQSgex5u6wQHuUH1LCl0k9JF5PImSEplEioc37mQUltV_7SliF6ZxYPa7gX6z8AzG91fGsywLBpnl4-roc2FTIMXHr4WL0fL3qnopZvUFN8YIc-ScTQ89wbAaSiNnOIvsyVGQdIUTglFf-muCnZiZ2aWOSZc93_SHHvG3wK1Hu0qYt6sEzMCvnQdbPlXHVAQiAN7wLn26AOr6PbFlFXG&sds=2&rev=90409&sendBeacon=true
Requested by
Host: ads.us.criteo.com
URL: https://ads.us.criteo.com/delivery/r/afr.php?z=ZblqTAAGrE0IaATKAAz0uAvjIHqy1I67Xu27VA&u=%7CA%2Fn6i6JSQpJMRU%2FscTtXFZ8hEwP%2BDEdLmbRxZmehp74%3D%7C&c1=m7oIQCLYgBslArNoBtbzWGPvj6heTG_nq948FPMQexFgSXZ5qfLYlz1Dr0C5Jfeybmk8T_2vGR6JaQbtbG989nU3FNhChtHNLcfO4j9EQpTfpZlEBbPTMTri3BODJW10YvFNSlvvyzZ5cqKxomYXEyqNu2ceMjqWT_VH3TfSpE5lsEMKlZKFTYb7E69U8dhpa9L91iwkDg8PGT7oSU13p5c5kDWQkQEXPB55XryrpGzorKlyG_Tm2oXDUUXYVGXWg4YUq5eB6Wk9OZ4ZzDxCOlIAD-z-aMVQovYWwJHYjCMJyAU_Vxk8-KMTSeWxh3KkgIuTu9l_pSOlFCD4LoNfr-flSgFgOyE-BbHNxzaMEls9UnsUiAdEzsAveRLChmTQeFIjZ97oM9mbZd-BagQiiXDWomIA8TyG0VleNXAT_T2GN_bfyu1b204EIhVybg2rfXzufuIWScrZ6pRS_3AYIxovPPeiQqC3Y1HrLofV8ru7onbyFWHrhlLBbaaa7krW2lbSweHi1kii5tFn0sWIZnSJl_DqtXsgBB8h-D2myLtcM5FNdGAiTf4xAIgwYFrdzqxpToUaCBkG4nDXUXjoUPPE1Z4XyqmhidMcRAFLIob8LgtUsz32RU2MuYN1epnp9FoEYN602RzSRrEw0ANc1-NQB3W3chjxwbKmjaNm4wlTkmFLJB6hVA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCoM9vTGq5Zc3YGsqJoPMPuOmzsAScge-wXPKhqap0wI23ARABIABg_eiigfADggEXY2EtcHViLTI2MDY0MTk1NzY3NjkzMjDIAQmoAwHIAwKqBN0BT9DpwDtG4trBxqGLQT1n8tx-Tw9CBq7G5imxEPfOYaiPcNN_op7CVEoH5ELMhI7_8s6jt7leNVcq8Ch1mRSp-dCNA5rbFI4uZ_8522k_vNLgPcoz_KxmUQPrFmYxOfyUJBH9DR5X7w9q6UVejUXIizGaA9M9bGkW5lDOgZPV2XfB0VJgCMFjct884vQo_CM3QLSkA5_SKKsAt8hUJ0HpY1dF0iltqZG9pQS17HHaP0L0Q4gajOUXf20-ffw2HRqCkffR2-bBdPLQT_Tm6-xvBQOJY3lKFVhT-Yt0MVWABpXoge6I2ZGvQKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOlj4ivOxh4aEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Sk5fAyVHOJCI4TGGNiH8wkdwbpw%26client%3Dca-pub-2606419576769320%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.149 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.us.criteo.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 30 Jan 2024 21:29:50 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A21F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRTREQGq5ZZmuDdaM6tkP6e6l6AarkquddLnh8oCbEojTx7-WRxABIPDY1i1g_eiigfADoAHX_5nTA8gBCakCUepBnQ0xsj6oAwHIA8sEqgTiAU_QKXQgqLQSkJ1YfXvTfFTLjbgHy4nvDic6id9gwd3zmJsvPwmSzeMxcmDd5nLfZZjVZk-k2wTDyQgYRHMzAcqT7dv8R70XQzEiuPW8PFU_bAvTKow3niERayVVzYyHWqG6COiZlRZjFKuoJkGyJ315quofQYr3TwUBgrlu5auh7ci9hoqo75KFlHxjuYvaIH9lciPeDsWcWRArLQ714MEn4kyVv1vvCgIRe8b233tm8cTUksQOi3cpYEx540axz9ubLPVi047a_3nLye3sMrv1oqc_2KmEytsOoseZmTSKO4_ABICF26PdBIgFru-8tU2gBi6AB_vPvSuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe-t7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli9zIesh4aEA5oJmgFodHRwczovL3d3dy5pbmZpbmVvbi5jb20vY21zL2VuL3Byb2R1Y3QvdW5pdmVyc2FsLXNlcmlhbC1idXMvdXNiLXBlcmlwaGVyYWwtY29udHJvbGxlcnMtZm9yLXN1cGVyc3BlZWQvZXotdXNiLXN4My1maWZvLXRvLXVzYi01Z2Jwcy1wZXJpcGhlcmFsLWNvbnRyb2xsZXIvsQl9LdligSBFBIAKAcgLAeALAYAMAdoMEAoKEIDO8ejcg_aMaxICAQOqDQJDQcgNAbgTnBvYEwrQFQGYFgH4FgGAFwE&sigh=uyRgFVbQNoU&cid=CAQSTgAvHhf_Y1CwT8i36pDWUxN5V9ROvNjWP3ziKNLgkglh_olU_WzN1LwKrRb8z2sUlSJRdofh863pRCZvOCrBDKImOh7a6TAoLEpKGXKEOg&label=videoplaytime10s
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame A21F 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CRTREQGq5ZZmuDdaM6tkP6e6l6AarkquddLnh8oCbEojTx7-WRxABIPDY1i1g_eiigfADoAHX_5nTA8gBCakCUepBnQ0xsj6oAwHIA8sEqgTiAU_QKXQgqLQSkJ1YfXvTfFTLjbgHy4nvDic6id9gwd3zmJsvPwmSzeMxcmDd5nLfZZjVZk-k2wTDyQgYRHMzAcqT7dv8R70XQzEiuPW8PFU_bAvTKow3niERayVVzYyHWqG6COiZlRZjFKuoJkGyJ315quofQYr3TwUBgrlu5auh7ci9hoqo75KFlHxjuYvaIH9lciPeDsWcWRArLQ714MEn4kyVv1vvCgIRe8b233tm8cTUksQOi3cpYEx540axz9ubLPVi047a_3nLye3sMrv1oqc_2KmEytsOoseZmTSKO4_ABICF26PdBIgFru-8tU2gBi6AB_vPvSuoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAfKqbECqAfrpbECqAfqsbECqAeZtbECqAe-t7EC2AcA0ggfCIBhEAEYHzICigI6BIBAgEBIvf3BOli9zIesh4aEA5oJmgFodHRwczovL3d3dy5pbmZpbmVvbi5jb20vY21zL2VuL3Byb2R1Y3QvdW5pdmVyc2FsLXNlcmlhbC1idXMvdXNiLXBlcmlwaGVyYWwtY29udHJvbGxlcnMtZm9yLXN1cGVyc3BlZWQvZXotdXNiLXN4My1maWZvLXRvLXVzYi01Z2Jwcy1wZXJpcGhlcmFsLWNvbnRyb2xsZXIvsQl9LdligSBFBIAKAcgLAeALAYAMAdoMEAoKEIDO8ejcg_aMaxICAQOqDQJDQcgNAbgTnBvYEwrQFQGYFgH4FgGAFwE&sigh=uyRgFVbQNoU&cid=CAQSTgAvHhf_Y1CwT8i36pDWUxN5V9ROvNjWP3ziKNLgkglh_olU_WzN1LwKrRb8z2sUlSJRdofh863pRCZvOCrBDKImOh7a6TAoLEpKGXKEOg&label=videoplaytime50
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2606419576769320&output=html&h=600&slotname=6755779896&adk=3097730508&adf=449867342&pi=t.ma~as.6755779896&w=300&fwrn=4&fwrnh=100&lmt=1706650176&rafmt=1&format=300x600&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650175944&bpp=1&bdt=3250&idt=204&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C920x280&nras=1&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1118&ady=101&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=206
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jan 2024 21:29:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame EEE5 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:52 GMT
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame EEE5 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://ads.us.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:52 GMT
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame EEE5 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.us.criteo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:52 GMT
opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame EEE5 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.131 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin
https://ads.us.criteo.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Tue, 30 Jan 2024 21:29:52 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-3ff4"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 24 Jan 2025 21:29:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Domain
www.googletagservices.com
URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Domain
cms.quantserve.com
URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFQdKGmuzYiQPqIE3qK93XY&google_cver=1&google_push=AXcoOmSKV7vliu5JgrOe5OVU9GWyN836qaWXu1P64c8eKpUNwYwr14pg3vAKHY8XbZG8WNPtkyP1wtdUUoo2O0qUqUORAoshww0CO4A
Domain
dsp.adkernel.com
URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEDZp7slfaQv0YicHM3t8bpw&google_cver=1&google_push=AXcoOmTndeCQzDEB7-9czbNxXhJZ-7FByxqJFXCDFbhcBKmdh7lyH9KzStw256TlIOG7mZowB-jk1wiTozbpc9ZT8P8F3DYUQuTK1kQ
Domain
sync-dmp.mobtrakk.com
URL
https://sync-dmp.mobtrakk.com/match/google?google_gid=CAESEBRSY-0Exhot_SUDyHst6iw&google_cver=1&google_push=AXcoOmTCP4oHjf5IG6F1IFO4myWZXT4rpgZfZ7hX1Bfqxps3UYdhU9-yUzBjHu0_pwi1cjh9DSuGkC6clTOFk3ULgpd_TjcPtZ_tzLwd
Domain
gtrace.mediago.io
URL
https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEEtZ0qO_ErkPhZseg1HLutQ&google_cver=1&google_push=AXcoOmR91nTGi1Tswa_lURSx1jb1FBcYNZUkrmDV4c9NVb7vHNw7TNWEyJhzNCpCZl55P9OWrc1OClCfOh08kBtEyTo5_W2Q-yGCNDb6
Domain
www.temu.com
URL
https://www.temu.com/api/adx/cm/pixel?google_gid=CAESEJCwsPhmVX9y5tJfXApj0Q0&google_cver=1&google_push=AXcoOmSt_qz2T2XLwJKPtf5yN8QrLHsLiCwVUyj3pGeqAD2ahJ8HqKcVFsMEpRucPVHL59tp8oPZMHv1UiVds5_9oUpvsVYi1GLPLszf
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?h=556&m=0&partner=96594&q=80&r=0&u=http%3A%2F%2Fstatic.va.us.criteo.net%2Fdesign%2Fdt%2F96594%2F220812%2F14f98d06f6be4e3f924b906acbc2a64a_logo_moores_logotype_eng-fr_rgb_blk.png&v=3&w=196&rid=4&s=1Xh-heh1yuAXuZ3Eio6rndgA
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F40FX_02_NUNN_BUSH_BOOTS_BROWN_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=xNIpEev-aS7naEUV90T777g7&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F83K1_45_CALVIN_KLEIN_UNDERWEAR_BLACK_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=Ie3emRoskGGxozAJZ81ryEMF&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F40FY_01_NUNN_BUSH_BOOTS_BLACK_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=ZsD9W8lVRspBb_Exq6s1SxuH&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F37K4_31_LAUREN_BY_RALPH_LAUREN_SUIT_SEPARATE_JACKETS_NAVY_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=tYqtBXAKkLalF0IEIAG9ByYW&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F714J_45_JOSEPH_ABBOUD_HERITAGE_WOOL_COATS_GREY_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=2itwVC6UIZlOHXGic-WHZRbx&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F714J_25_JOSEPH_ABBOUD_HERITAGE_WOOL_COATS_NAVY_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=3M6Ieay5zu1801hIkvnCoqw7&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F40G6_04_COLE_HAAN_CASUAL_SHOES_COGNAC_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=eUWgP91qYrbpPLqj6dYa9Dhi&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F40GH_01_COTTAGE_COLLECTION_SLIPPERS_BLACK_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=flZbnxU2nScoGhE1DcGbZ_ek&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F714E_25_JOSEPH_ABBOUD_HERITAGE_WOOL_COATS_NAVY_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=yyj41L50nJmTwAgvg4kNDLL3&b=1200
Domain
imageproxy.us.criteo.net
URL
https://imageproxy.us.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=96594&q=80&r=0&u=https%3A%2F%2Fimage.mooresclothing.com%2Fis%2Fimage%2FMoores%2F83K1_01_CALVIN_KLEIN_UNDERWEAR_WHITE_SOLID_MAIN%3F%24browse_thumbnail%24&v=3&w=800&rid=4&s=cdA7FadEo1hWMq-2UCmfvA5k&b=1200

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 function| gtag object| dataLayer object| adsbygoogle object| atOptions object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| google_tag_manager object| gaGlobal function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| googletag object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| ZTEyZjdhZTA3ZDFlZDYwOGxvYWRlcl9qcw== string| ZTEyZjdhZTA3ZDFlZDYwOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __tcfapiEventListeners function| __tcfapi object| __tcfapiManager boolean| __tcfapiPostMessageReady boolean| google_empty_script_included boolean| 28deac1d-e162-4810-beb7-1e9492f80532 string| site function| _toConsumableArray function| _nonIterableSpread function| _iterableToArray function| _arrayWithoutHoles function| _extends function| _typeof object| mailtouiApp function| waterFall number| cwd object| lazyLoadInstance function| getClient function| getScrollTop number| page function| g function| input_size function| callAjax function| gup number| h function| setCookie function| dl_png function| forceDownload function| resample undefined| xyArr boolean| click_flag undefined| info function| pcaptcha function| close_pcaptcha function| load_captcha_img function| stepn undefined| id undefined| xhr object| cookieconsent function| LazyLoad function| saveAs object| FileSaver object| nanoajax

9 Cookies

Domain/Path Name / Value
.pngwing.com/ Name: _ga_DL3LYM7LC0
Value: GS1.1.1706650175.1.0.1706650175.0.0.0
.pngwing.com/ Name: _ga
Value: GA1.1.1948961691.1706650176
.pngwing.com/ Name: __gads
Value: ID=db17fbc0de342517:T=1706650176:RT=1706650176:S=ALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA
.pngwing.com/ Name: __gpi
Value: UID=00000dbc2e557a6b:T=1706650176:RT=1706650176:S=ALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q
.pngwing.com/ Name: __eoi
Value: ID=58907b6134819514:T=1706650176:RT=1706650176:S=AA-AfjYN4aeByAAuH2ctwLlNF7sM
.pngwing.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_JlbMTi2XrbwBjP7rsLkFbYPvRG17TGWehnuLvB9BUhefl6_RT9SQN7Kkzikkf_HLRPRXpJmA4hyEvEFxoehYZjmcJM7H9-hbi2QfZwJLy4fpAkqx7XrQI3W8arv0rKAG0n7Q7LkglZ1gplMDr8fmkpO8SNg%3D%3D%22%5D%5D
.doubleclick.net/ Name: IDE
Value: AHWqTUmkbwngI-Ftlfxdr1GJnUMc44nfS0mE2zMudgJnFDgBxAkdJZE8HYUJEL5e6Vs
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8932022183608331022

4 Console Messages

Source Level URL
Text
javascript warning URL: https://www.pngwing.com/fi/free-png-pypys(Line 133)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://qualitiesstopsallegiance.com/11028a078def20a8e59006ba19f41753/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://www.pngwing.com/fi/free-png-pypys(Line 133)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://qualitiesstopsallegiance.com/11028a078def20a8e59006ba19f41753/invoke.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://qualitiesstopsallegiance.com/11028a078def20a8e59006ba19f41753/invoke.js
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2606419576769320&output=html&h=280&slotname=6755779896&adk=3393489949&adf=2897732966&pi=t.ma~as.6755779896&w=1200&fwrn=4&fwrnh=100&lmt=1706650188&rafmt=1&format=1200x280&url=https%3A%2F%2Fwww.pngwing.com%2Ffi%2Ffree-png-pypys&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706650188397&bpp=1&bdt=15703&idt=2&shv=r20240124&mjsv=m202401250101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Ddb17fbc0de342517%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYS7sFSNZ2JNL2Oqs0sbffRT8qIHA&gpic=UID%3D00000dbc2e557a6b%3AT%3D1706650176%3ART%3D1706650176%3AS%3DALNI_MYlQOtZR8eVcvzlsyBHbjE9nKk4_Q&eo_id_str=ID%3D58907b6134819514%3AT%3D1706650176%3ART%3D1706650176%3AS%3DAA-AfjYN4aeByAAuH2ctwLlNF7sM&prev_fmts=0x0%2C920x280%2C300x600%2C1600x1200&nras=2&correlator=3524471520251&frm=20&pv=1&ga_vid=1948961691.1706650176&ga_sid=1706650176&ga_hid=2018514282&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1679&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31080620%2C44795921%2C95321958%2C95320868%2C95320893%2C95323005&oid=2&psts=AOrYGsm1UtWsKzE706aTRPuZBiBiXsd-md7K_vXXvMjA0ZxbJeODVfbtr95J-aERdAf7I2F879Xh8WIvxH-BAwyOw9MpqyE%2CAOrYGsmuiFPv5uiWXEqzscsJ9vmsr5ih3EA4Bx7wTr-MVDFjmAULAaOGEScT02CS_0w7SgI1Tiu6G0DykK72NSkaCUsi&pvsid=354726131425966&tmod=1420159883&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=1&fsb=1&dtd=5
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'none'
X-Frame-Options DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ads.us.criteo.com
assets.pngwing.com
c1.adform.net
cat.va.us.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
csm.us.criteo.net
dsp.adkernel.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gtrace.mediago.io
imageproxy.us.criteo.net
pagead2.googlesyndication.com
qualitiesstopsallegiance.com
rr2---sn-ab5sznzd.googlevideo.com
s.tribalfusion.com
static.criteo.net
sync-dmp.mobtrakk.com
tpc.googlesyndication.com
w7.pngwing.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.pngwing.com
www.temu.com
cms.quantserve.com
dsp.adkernel.com
fonts.googleapis.com
gtrace.mediago.io
imageproxy.us.criteo.net
sync-dmp.mobtrakk.com
www.googletagservices.com
www.temu.com
104.17.25.14
104.18.25.173
142.250.192.227
142.251.163.102
142.251.163.154
142.251.163.94
142.251.163.97
142.251.167.138
142.251.167.147
142.251.179.154
172.253.115.132
172.253.122.155
172.64.192.31
185.167.164.39
192.243.59.13
74.119.119.131
74.119.119.147
74.119.119.149
74.119.119.65
74.125.174.103
04261972b408d8edaefc199c08d87a13afec67796c540c7f1617127f6f66ab8a
0665cff3cdc28e3ea8f1591f0debe65a2657dbb90717c922e71b0573e834f1ea
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
17cc7a160a8086504535742f98211272bbbce44d9702dfaa2b33ec637a515181
1984c4bb2ce10d00cb478c4ab216301e04502e25f2025b30dbeeb019172beb0d
1b04df73090f6b0f3192a3b71874ca3b3cc19dff16adc6cf365cd0c75897f6c0
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27761d1e16ba385ac746251030f05d72ce6ef91e737c31a8763deecb61912d55
30aa488cbf5a7fd7d688ae6a5b997f9756631252c3bfdd2480765bb85ebb1e29
311125729804fcddf437f9d0b65f700649496043f55e2d4605c542692c6725c4
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3370e45614c256346047754a276504fd351020bf0169ba9dc7f826eaacc25e2c
3b3927ed530706279d763b0f78dbdd8edf2e8d6851dc186cdded8cd06b7fa137
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3f34c7efc91e2a8f2d525160dd82d4b34fd346ec7e684c4769d6dfa7a4ca8032
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4600cf482ffdbc2e5cd23175e0f8aef1ab81eeb9a8d60cb1ba9196c75b37a6a8
4852e58b654f278f26b4c5573249d53c3f4e3bac28389c826188cb51682de9a6
488331cd580120dea03e17b1b7abdaade1255e3edb082f80adf97ba3b2db031d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fd0283a3453e726708958914348b695770cd02068dcdfd64a9349d9c30ef30e
506b3d8c5f14d4451293c421d00b10bc1ef9a345b7a69d2a815ff63dd543e682
54090d5321bc8e3a05531aacf2ef2b7769f24e94b14f4a0687587375fffa2523
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
5789b3efdcb3487cf62cfbbe6c8c4c79b5c6a26700855c3c83925859c0d50edc
5bba5e5bdc70318f5852a13da924eb1c4f80525a63e62e2b435d07358537a456
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
67b8949811116073f3b2bcca3048dc71584889e0383a221bd165760d29c99236
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6973fee2cde98fdf50adab3d0c19c1a8a8dcc927f01df28fe67dbb4526cd65e9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
87f42c6fa18a7e52faf12eda252f4f94addecd3e415516e3ba19b8fef1b1605f
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8fe56c48ec5abf75949984e0c9a796e898254cfe97e4eadcd638b9393def8eee
97c530c44249746307c2b01b37eed0f53757d139bc4243798f468c71da9844da
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a903e3e73b7b338c7be7e66ad5e65ff509221abdd7e6a828c2163558983d361e
b0ba1c47fe9e4f283d90a908e831d0d76116db560376cef367eb405586e6505e
b1a1026bd29787369177df7c8b337bf62deab35e69dec0ccdf338cec4f307ac6
b76d745e00b46747ed39c9a15afb3334baedafa583fea7110b282c929f798d4c
c6f8aad2c2e01e81032eb3ce744f73450e33b1718dd95ee9cb968e76b8512f59
c768fd171c3dc95e79e30ec7ddea00712e8434e0bb272db8d74a4c573d8c111c
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
cc2507f7017b5687ea44a563970092c6e2abd849ec77a703e8a4bc7d28670f56
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d72e6e774687d365b01945a9fd6a321d59c850f806c4af6736c005bbcd061bf8
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2cce6e94b674055da0065bb54f19025b274b48828fbf940e8e16c90bba5187b
e2f8985c5c94a8d8b7a7086e55ed61fd1fa0cfd5c570c87a2bb40b6d20614176
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e738a1f12d893677e2d231f674bbd4c8579efb646d94cff5b9b7bcb5945394d7
e73fa54234be538390e33e10d5cc21c7fde0d267bacb51b2f66b8b9f9a2c9109
e748461e4c05c8d92e84fe606cba2f1c2ea97854587e023c97c20b119ddc46f5
eab58a707e312636d5debdb007ae3a0f99435edd7047b0053e4104388e686621
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11813f4bd9e753dd4a2757eb321123745890c9fcb0384f285d9faa586a7cd10
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fe9b4812b34f03b4aa2867ce74492d7205303ab48a3335020facca79cdc6c59b