Submitted URL: http://fconvert.com/
Effective URL: https://fconvert.com/
Submission: On December 02 via api from US — Scanned from CA

Summary

This website contacted 18 IPs in 3 countries across 13 domains to perform 84 HTTP transactions. The main IP is 144.217.240.221, located in Beauharnois, Canada and belongs to OVH, FR. The main domain is fconvert.com.
TLS certificate: Issued by R3 on November 2nd 2023. Valid for: 3 months.
This is the only time fconvert.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 144.217.240.221 16276 (OVH)
3 172.253.63.97 15169 (GOOGLE)
5 142.251.167.95 15169 (GOOGLE)
6 172.67.140.65 13335 (CLOUDFLAR...)
12 172.253.62.154 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
2 104.17.24.14 13335 (CLOUDFLAR...)
1 151.101.1.229 54113 (FASTLY)
3 142.251.16.94 15169 (GOOGLE)
1 10 172.253.63.154 15169 (GOOGLE)
3 172.253.63.139 15169 (GOOGLE)
14 172.253.63.113 15169 (GOOGLE)
13 142.250.31.132 15169 (GOOGLE)
2 3 172.253.63.99 15169 (GOOGLE)
6 142.250.31.94 15169 (GOOGLE)
2 172.253.122.155 15169 (GOOGLE)
1 172.253.63.155 15169 (GOOGLE)
84 18
Apex Domain
Subdomains
Transfer
25 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
384 KB
17 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
www.google.com — Cisco Umbrella Rank: 2
71 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
95 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
130 KB
8 fconvert.com
fconvert.com
cdn.fconvert.com
40 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
5 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
200 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 138
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
128 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 204
29 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 168
88 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 313
23 KB
84 13
Domain Requested by
14 fundingchoicesmessages.google.com pagead2.googlesyndication.com
13 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
12 pagead2.googlesyndication.com fconvert.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 www.gstatic.com googleads.g.doubleclick.net
6 cdn.fconvert.com fconvert.com
5 fonts.googleapis.com fconvert.com
googleads.g.doubleclick.net
3 www.google.com 2 redirects tpc.googlesyndication.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 fonts.gstatic.com fonts.googleapis.com
3 www.googletagmanager.com fconvert.com
www.googletagmanager.com
2 www.googleadservices.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 cdnjs.cloudflare.com fconvert.com
2 connect.facebook.net fconvert.com
connect.facebook.net
2 fconvert.com 1 redirects
1 cdn.jsdelivr.net fconvert.com
84 17

This site contains links to these domains. Also see Links.

Domain
fconvert.ru
Subject Issuer Validity Valid
www.fconvert.com
R3
2023-11-02 -
2024-01-31
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
fconvert.com
E1
2023-11-08 -
2024-02-06
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2023-09-10 -
2023-12-09
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-07-03 -
2024-07-02
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3
2023-09-27 -
2024-10-28
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh

This page contains 12 frames:

Primary Page: https://fconvert.com/
Frame ID: 761C7FD0FAC44C71987700B81E10B274
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Frame ID: CC129FA2AE5CD5FDC600BE56695CBA24
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359925249846371&output=html&adk=1812271804&adf=3025194257&lmt=1649752214&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x540_r&format=0x0&url=https%3A%2F%2Ffconvert.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701518300830&bpp=12&bdt=277&idt=250&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1472814185414&frm=20&pv=2&ga_vid=210489873.1701518301&ga_sid=1701518301&ga_hid=49204837&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079714%2C31079758%2C44795922%2C31078297%2C44807753%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1344082366910963&tmod=1011493673&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=272
Frame ID: B65DB576E5993C9D8DEC29AA2FD76239
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 365C0EBC3A174C7CEF72053275E7EAAB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7121A655E7FFD6EC762C511A7337E063
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D00E38BD110E0255766C0FC61FC1A049
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 649CB75F00F166019CEAC9CEC847D196
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3516574EF10E2E3099B420A3A29B3117
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EA0A05D6C2AF947D8206722BC6DC86F7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 10BA791C9116A610BC5DCA41E489BD65
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 9B309DC2D8FEA44A828694F2407B2C20
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Frame ID: 04F8452AD5D3744857AE32926F17A220
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

fConvert - Free Online Converter

Page URL History Show full URLs

  1. http://fconvert.com/ HTTP 301
    https://fconvert.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

84
Requests

99 %
HTTPS

0 %
IPv6

13
Domains

17
Subdomains

18
IPs

3
Countries

1213 kB
Transfer

3521 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fconvert.com/ HTTP 301
    https://fconvert.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 67
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 68
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CkUSV3RtrZayNCbjrvPIPjIaO6A6o5cmqdNOemrWgDs7o07jPLxABIKKK1ANg_aCZgegDoAGN7OTZAsgBAakC48CiiJDcqD6oAwHIA8sEqgTLAU_QSaFofS1T41sViN8Tx141ZHGLXABxaQxkolraWRZGG-IVOIsxwZld4KTfalJr3oLyEgwtlJ01G0I7K1rMM1LMLMrudMm89la5gNAK1Q8daUzpW_2MZWP45-DTYwhj3lqz_8o6DhwIZGHCxa2Yv93yjfTb05yyr18KPUEBGVB95M1gPAaVwEk9OYvWgVxBV8PqNGo_yeMlIx-pAusz5XQYTHkNwDBNAeMZXyPk0wWPw5QU6j4BkV0FpiZj9ytpZMrUNIKHmR_Wfc1LwASwuZ3M5gOIBZGl3IA0kgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB9uTm6YBqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQkIII0ggdCIBhEAEYHzICigI6AoBASL39wTpY-7Wsz9nwggOaCWJodHRwczovL3BjaGVscHNvZnQuY29tL3N0YXRpYy9scC9kcml2ZXItdXBkYXRlci9lbi9MUDE5LnBocD9jYW1wYWlnbmlkPUFEV09SRFMmZmlsdGVyPTEzMDYxOTQ5NzY0OIAKAcgLAaIMFCoSChDktLEC7rWxArW4sQK7u7EC2gwQCgoQkPf4wNGn9NF-EgIBA9gTDYgUC9AVAYAXAbIXHAoaCAASFHB1Yi02MzU5OTI1MjQ5ODQ2MzcxGAA&sigh=6DwshBQa2ys&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNbd413PhF3QzVWjOLGNHWDLvjKi-1_HQ_MvzAbudLCN4EdgZ9tKNyBfd4wLiukxMuc4bdR3XRUpPlNhuPVDXBZJIt0kXJUGdgz90YAQ&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc4ef0060f0330acf0000000000000000%22,%222%22:%220xeaee8b875f8304e70000000000000000%22,%223%22:%220x9275acc6c2568c760000000000000000%22,%224%22:%220xa3622fd5bc77c0990000000000000000%22,%225%22:%220x5d9d3ac7cb0bf0d0000000000000000%22},%22debug_key%22:%2214913738893065577859%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210059205775683359217%22}&andc=true

84 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
fconvert.com/
Redirect Chain
  • http://fconvert.com/
  • https://fconvert.com/
17 KB
5 KB
Document
General
Full URL
https://fconvert.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.217.240.221 Beauharnois, Canada, ASN16276 (OVH, FR),
Reverse DNS
vps-d3e924df.vps.ovh.ca
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2cdd23ea630c9da470e2b3b66eda29969bb43c1aa7de25b103caa8b524eddbbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Sat, 02 Dec 2023 11:58:20 GMT
etag
W/"62553896-4274"
last-modified
Tue, 12 Apr 2022 08:30:14 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Sat, 02 Dec 2023 11:58:20 GMT
Location
https://fconvert.com/
Server
nginx/1.18.0 (Ubuntu)
js
www.googletagmanager.com/gtag/
186 KB
68 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-89777630-1
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
466c1ea84bceb0663588b4c788524ecd1a2a41e1bbb9f04024f1cdcde78de6e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69002
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 09:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 02 Dec 2023 11:58:20 GMT
css
fonts.googleapis.com/
3 KB
989 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Montserrat:400,700
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 10:15:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 11:58:20 GMT
css
fonts.googleapis.com/
3 KB
550 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 11:56:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 11:58:20 GMT
styles.css
cdn.fconvert.com/css/
148 KB
25 KB
Stylesheet
General
Full URL
https://cdn.fconvert.com/css/styles.css
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
61e88cc49e2d9499a00aadd438cd8b166559d837ad0a8b21ba25cbe97546e1a5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168559
cf-polished
origSize=186928
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 21 Dec 2020 19:30:59 GMT
server
cloudflare
etag
W/"5fe0f7f3-2da30"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwKqPg%2ByufQP9ykyb16qd4FHue1b52gH1TbBLbPOFORogCyGUKQRSQ1ivxF35t1w296TRG%2BMTqNFeFT2VZXYy30hJQsVsX5L%2FiYaG2nFIvh3A5Ts9pmRYbUKGmSy8c0TtDRe"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3888000
cf-ray
82f365c2f8d139e1-YYZ
expires
Sun, 14 Jan 2024 13:09:01 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
153 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6359925249846371
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
3168adef50ac49a0f7fd0952927fb0bc0edcf52a4e4b9d57901ae4cd687bf437
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
Origin
https://fconvert.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52922
x-xss-protection
0
server
cafe
etag
17147290799924674139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:58:20 GMT
sdk.js
connect.facebook.net/en_US/
3 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
59e5b17113697a681c9428265d86d96e82865417ca84af4000e15deb01b51eea
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fconvert.com/
Origin
https://fconvert.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Dec 2023 11:58:20 GMT
content-md5
vQc9VlOIoQ9b/Z7kdSSdcQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1682
reporting-endpoints
x-fb-debug
cRsA/XBYXWULTgVTcDrsGz1M7++2aBZaj8ZxcxHe+5wh2KdhnbKUKyQaAi6bKAzIvycOzFizhpxx/F34VscDsQ==
x-fb-content-md5
c076337adb6ef9119b04976769e94ece
cross-origin-opener-policy
same-origin-allow-popups
etag
"918ad80507c3392e7ba7268d579f3689"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sat, 02 Dec 2023 12:15:17 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
187687
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVUd9RkvVCrHjK8dZZIipETl3BmqSo9ktIjvZ91UOt%2BAiat32%2BzWmx2mQ6CHtD8TUeSYCFCnEedoD5RW4cj0G%2BPTYdRBxK8CB%2ByV1kDl%2FgzxopUQjgVP4T6hcuzJyHIhYScE3Zd9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82f365c2cf103a06-YYZ
expires
Thu, 21 Nov 2024 11:58:20 GMT
bootstrap.bundle.min.js
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/
82 KB
23 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/js/bootstrap.bundle.min.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.229 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 02 Dec 2023 11:58:20 GMT
x-content-type-options
nosniff
content-encoding
br
age
22058084
x-jsd-version
4.5.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
23383
x-served-by
cache-fra-eddf8230067-FRA, cache-yyz4534-YYZ
x-jsd-version-type
version
etag
W/"148b8-qycDEVlyTiQh9v9ccPSOZXq+nTk"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.easing.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/
2 KB
1 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-easing/1.4.1/jquery.easing.min.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
358988
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
747
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-9e4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8Wxl4nrMHDwlTOJxwVIT3agASNjslzRPsKBMCRTT9B5R2yLdfzMl8eGfU%2FopjnWPbdbxrB8yaDuE8kZzWPWSOsIlA8QkxGhRrrqrdjMg2rN%2BmkInNZ4OYZI3Fe0yPSOvce7yiz5I"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
82f365c2cf0f3a06-YYZ
expires
Thu, 21 Nov 2024 11:58:20 GMT
scripts.js
cdn.fconvert.com/js/
1 KB
919 B
Script
General
Full URL
https://cdn.fconvert.com/js/scripts.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb977847830b40e630c8f203b178b26541b896d0dbb2ecbb959bf4b3c5aa154

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43406
cf-polished
origSize=2239
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sat, 19 Dec 2020 16:53:33 GMT
server
cloudflare
etag
W/"5fde300d-8bf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cuIDNF8%2FVN9mxcPi%2Fm39r5DmvzEL%2FtbEpzlYnAE3ZoJFDCuHJdv8v7d2zwEYWLqgMeO6pyOVt%2B4cc8fHqzOlJFOeLNtb40ZWFVXG%2F7K90iHkVLf%2F%2Fjgr8IjJO6ei9yW3BW5z"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
82f365c2f8d439e1-YYZ
expires
Mon, 15 Jan 2024 23:54:54 GMT
cookie.js
cdn.fconvert.com/js/
957 B
907 B
Script
General
Full URL
https://cdn.fconvert.com/js/cookie.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9667900a69d77cb0f74d83954dcd04be0e25d284a133f9b5a0cab8f8a3312bb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
246660
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 26 Sep 2016 10:13:08 GMT
server
cloudflare
etag
W/"57e8f4b4-3bd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1N5Z9OQDQY7eEQoJaBY4Qi3xFfJwEN2OU%2BeEtj4apUlXS7E5aAVgHn8G50l%2FcJTl0ziwkxDG%2F0abtwXLiU5HnkriAtFtgLHsTWmkJuwfg3ZdU1X6J6tAAu9HdxmOI11KmDAt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
82f365c2f8d639e1-YYZ
expires
Sat, 13 Jan 2024 15:27:20 GMT
jquery.form.js
cdn.fconvert.com/js/
19 KB
7 KB
Script
General
Full URL
https://cdn.fconvert.com/js/jquery.form.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd0240f9db7e6bb68d2acb0f6db05ee01c0d635a5c4f44eced3256fd55ca7126

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
246660
cf-polished
origSize=19531
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 26 Sep 2016 10:13:08 GMT
server
cloudflare
etag
W/"57e8f4b4-4c4b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wMU%2F4CFNMp5mnGdkwZZsVKwylk%2F7L7t6CiM%2BCRA7tUszyOTmKblt9BNE7WVvFWSh11PQDZh440wNnALJVX3KgxnEvDeOIHHOT3qjhrTM56g0wt18GOMWk8DrFbbxii2SVfBk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
82f365c2f8d539e1-YYZ
expires
Sat, 13 Jan 2024 15:27:20 GMT
jquery.waiting.js
cdn.fconvert.com/js/
2 KB
911 B
Script
General
Full URL
https://cdn.fconvert.com/js/jquery.waiting.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8849ecc8f0c4a0078325ae1e27cecc6e1a326ccd4d3ecacf741cbd92ddc5422

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43406
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 26 Sep 2016 10:13:08 GMT
server
cloudflare
etag
W/"57e8f4b4-6fc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hUU7Eg2SIYtzOrqPMwLAPokTIluhVgNgzUrXvcLdT%2B0ZMGtfdfJmoqHMgtnlhKPUcMwjWyI0exFdKQqivMi5mv08PDmOjtVpJsSPIRbMI%2BvgWKvofgogdomMlMHXlWzwU433"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3888000
cf-ray
82f365c2f8d239e1-YYZ
expires
Mon, 15 Jan 2024 23:54:54 GMT
waiting.css
cdn.fconvert.com/css/
759 B
630 B
Stylesheet
General
Full URL
https://cdn.fconvert.com/css/waiting.css
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.140.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c298e784c25e1b1e61e902624531e921ee2828afd38920f6a6e4c4ae3ca3cc5e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11777
cf-polished
origSize=942
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 20 Sep 2016 04:06:52 GMT
server
cloudflare
etag
W/"57e0b5dc-3ae"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9iUOK2Y3gFzBCG9meaTGTOZOz6%2FZHTtpj0d4ZRXee27IAHjV7MTqDUzVeklRZXzH%2FkeuRtHiPX2cOM6IYj1WpKMrPR41uYTQsFhvQVVN%2FKm1z2XkFhD9bOX%2FicbtrPpqsHfa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=3888000
cf-ray
82f365c2f8d039e1-YYZ
expires
Tue, 16 Jan 2024 08:42:03 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:400,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fconvert.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 08:07:10 GMT
x-content-type-options
nosniff
age
273070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 08:07:10 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/
23 KB
23 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,400italic,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://fconvert.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 13:11:23 GMT
x-content-type-options
nosniff
age
82017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 30 Nov 2024 13:11:23 GMT
sdk.js
connect.facebook.net/en_US/
297 KB
85 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=fee99bb8b51ec0ec3fb049cbf3da174a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
dea9c73e5654af12e7f7ea3615c796de32ca479e87a0eb5fc7cdeb3fc45fe4fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://fconvert.com/
Origin
https://fconvert.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

permissions-policy-report-only
autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), gamepad=(), keyboard-map=(), otp-credentials=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Dec 2023 11:58:20 GMT
content-md5
GZyVTyIFcPoZhWafDceh2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86868
reporting-endpoints
x-fb-debug
g7uE+tT9v7A5NFh9y7XDHssGxiHb2onf5XzTM0/YVEfF8o/r2PpIPFNWWQ/KlZbEdju4R/rwXeLGEYO9CwTWLA==
x-fb-content-md5
9ee3a456ca6c20d300f5dc16c102614e
cross-origin-opener-policy
same-origin-allow-popups
etag
"f0733092fb3ff954df459efc76cffe1d"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin
*
expires
Sun, 01 Dec 2024 11:18:11 GMT
js
www.googletagmanager.com/gtag/
238 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RNL4DN9PVS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89777630-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
535ee062ce6469ab06cdb8610fe0459e06dd13c4d23c0754f0953a5fb745efc9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84403
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Dec 2023 11:58:20 GMT
js
www.googletagmanager.com/gtag/
129 KB
49 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-89777630-2&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89777630-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8c9f7548de079f27e89a15189c4b908a8e1d5914708c70d08b4c9253f874c60c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
50582
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 02 Dec 2023 11:58:20 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6359925249846371
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
0a628764de23e85cdce574cc30e670e609451009e5e495b04a18ae1e4e3f0962
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:20 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137250
x-xss-protection
0
server
cafe
etag
3660469608885639615
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:58:20 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/ Frame CC12
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6359925249846371
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
37889
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 01:26:51 GMT
etag
12051592065903069241
expires
Sat, 16 Dec 2023 01:26:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-89777630-2&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 02 Dec 2023 10:46:10 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4331
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 02 Dec 2023 12:46:10 GMT
collect
www.google-analytics.com/g/
0
169 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-RNL4DN9PVS&gtm=45je3bt0v9113156165&_p=1701518300582&gcd=11l1l1l1l1&dma=0&cid=210489873.1701518301&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&ngs=1&_s=1&sid=1701518300&sct=1&seg=0&dl=https%3A%2F%2Ffconvert.com%2F&dt=fConvert%20-%20Free%20Online%20Converter&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=589
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RNL4DN9PVS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 11:58:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fconvert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/
1 B
91 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=49204837&t=pageview&_s=1&dl=https%3A%2F%2Ffconvert.com%2F&ul=en-us&de=UTF-8&dt=fConvert%20-%20Free%20Online%20Converter&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=890545430&gjid=1383281866&cid=210489873.1701518301&tid=UA-89777630-2&_gid=921559543.1701518301&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma=0&jsscut=1&z=693181837
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.139 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f139.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://fconvert.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 11:58:21 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://fconvert.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame B65D
347 KB
82 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6359925249846371&output=html&adk=1812271804&adf=3025194257&lmt=1649752214&plat=2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x540_r&format=0x0&url=https%3A%2F%2Ffconvert.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701518300830&bpp=12&bdt=277&idt=250&shv=r20231129&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1472814185414&frm=20&pv=2&ga_vid=210489873.1701518301&ga_sid=1701518301&ga_hid=49204837&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42532604%2C31079714%2C31079758%2C44795922%2C31078297%2C44807753%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1344082366910963&tmod=1011493673&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=272
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
646233f020d2bcf4e2840e8db786b2b3ae0c0c777ebcdb7d4b573a603c8a5f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
83682
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 11:58:21 GMT
expires
Sat, 02 Dec 2023 11:58:21 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&id=mainNav&cls=navbar%20navbar-expand-lg%20bg-secondary%20text-uppercase%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 11:58:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231129&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
762fe43c342ecf063e0ecb55057b1d7e04ae2d724f22d460f11c7b3938db110b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12170
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/
160 KB
55 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
94933fcbb75722bf3d52127c502261c4a255e2704191130a9a146defe8c939ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55846
x-xss-protection
0
server
cafe
etag
15800066717216634302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:58:22 GMT
ca-pub-6359925249846371
fundingchoicesmessages.google.com/i/
176 KB
59 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/i/ca-pub-6359925249846371?ers=2
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
3d11b8399771a02c049d03fa3500dc550c4a31081afa8250ae2690afa4f63dc6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9NvrFuluuDDWYfD51GhnMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-9NvrFuluuDDWYfD51GhnMw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 02 Dec 2023 11:58:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 365C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

accept-ranges
bytes
age
11382
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 08:48:40 GMT
expires
Sun, 01 Dec 2024 08:48:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7121
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f99.1e100.net
Software
GSE /
Resource Hash
2e0796e48e2f6d13b8fa7007228c34bcdb324d301c4a3ffd9f9992295c3781c8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HWyk7z_rsHn0lgQP2aaQFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://fconvert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-HWyk7z_rsHn0lgQP2aaQFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 11:58:22 GMT
expires
Sat, 02 Dec 2023 11:58:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame D00E
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
56726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 20:12:56 GMT
etag
12051592065903069241
expires
Fri, 15 Dec 2023 20:12:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/ Frame 649C
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
56726
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4121
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 01 Dec 2023 20:12:56 GMT
etag
12051592065903069241
expires
Fri, 15 Dec 2023 20:12:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AGSKWxVBTd_y00Ji9dgBG8FGYjCzOxY1q8Y76_pHUjvOfvPrsO2TmLl-F3ko_icbuCMjxIUQm2kVn5dJ4OMTIGCgK-GXNxnpIbiUCLFfISl-6xsRFKbSYkT_nVqHIVPt5ikCMgmO355SJg==
fundingchoicesmessages.google.com/f/
4 KB
3 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVBTd_y00Ji9dgBG8FGYjCzOxY1q8Y76_pHUjvOfvPrsO2TmLl-F3ko_icbuCMjxIUQm2kVn5dJ4OMTIGCgK-GXNxnpIbiUCLFfISl-6xsRFKbSYkT_nVqHIVPt5ikCMgmO355SJg==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNTE4MzAyLDM0MjAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly9mY29udmVydC5jb20vIixudWxsLFtbOCwiRmFZUHVSd2VxSUkiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
01595536f304edec028110d58a727c60ad6513579b11c5c4079542d8b8b31666
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7PptpIdm3NwBqfnY2MMFYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-7PptpIdm3NwBqfnY2MMFYg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css2
fonts.googleapis.com/ Frame D00E
4 KB
767 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 11:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 11:23:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 11:58:22 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D00E
205 B
518 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 10:48:54 GMT
x-content-type-options
nosniff
age
4168
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 01 Dec 2024 10:48:54 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame D00E
604 B
695 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 00:30:42 GMT
x-content-type-options
nosniff
age
41260
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Sun, 01 Dec 2024 00:30:42 GMT
fullscreen_api_adapter_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame D00E
16 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 22:55:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
46971
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6758
x-xss-protection
0
server
cafe
etag
13232977368472197749
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 22:55:31 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/ Frame D00E
22 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 01:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
38670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9189
x-xss-protection
0
server
cafe
etag
14682237860056745894
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 01:13:52 GMT
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame 649C
9 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 01:55:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36184
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:21:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 01:55:18 GMT
78b00c21e40332afd18050ebd59c6b08.js
www.gstatic.com/mysidia/ Frame 649C
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/78b00c21e40332afd18050ebd59c6b08.js?tag=text/vanilla_highlight_ms
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 01:55:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36180
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4753
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 19:21:37 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Fri, 01 Mar 2024 01:55:22 GMT
css
fonts.googleapis.com/ Frame 649C
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 11:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 11:31:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 11:58:22 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 649C
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
33930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 02:32:52 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 649C
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:55:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
57765
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:55:37 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 649C
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 01:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
38670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 01:13:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 649C
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 01:13:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
38669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 01:13:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 649C
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:58:22 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 649C
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
386845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 00:30:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 7121
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231129&jk=1344082366910963&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 365C
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:42:14 GMT
content-encoding
br
x-content-type-options
nosniff
age
968
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 11:42:14 GMT
AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KRIWxxav1tRmnf_UK--fcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-security-policy
script-src 'report-sample' 'nonce-KRIWxxav1tRmnf_UK--fcA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://fconvert.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWQDJ2QMLFD45znEqdYQjryo2soJXbChIVPWYfD4FfQMIpKhL2Pq-WkJnqc6sEC6n9eyJkhRZezTKoq5DAVEXv5UTeEBZk5gI25ojxHoKV1zt1wxPcLZVabj3RfFYvkWBi0lTyC6Q==
fundingchoicesmessages.google.com/f/
13 KB
6 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWQDJ2QMLFD45znEqdYQjryo2soJXbChIVPWYfD4FfQMIpKhL2Pq-WkJnqc6sEC6n9eyJkhRZezTKoq5DAVEXv5UTeEBZk5gI25ojxHoKV1zt1wxPcLZVabj3RfFYvkWBi0lTyC6Q==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNTE4MzAyLDQzMDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTBdXSwiaHR0cHM6Ly9mY29udmVydC5jb20vIixudWxsLFtbOCwiRmFZUHVSd2VxSUkiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTYsIlsxLDEsMV0iXSxbMTksIjIiXV1d
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e10197743efc52dbcde31c96e4a841f06e043c799afe1f3751e9a3d9a2687dfe
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-R93iBPWiPs0xZSGSy7iSSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-R93iBPWiPs0xZSGSy7iSSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 3516
14 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 02 Dec 2023 11:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 02 Dec 2023 11:31:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 02 Dec 2023 11:58:22 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3516
2 KB
822 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 02:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
33930
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 02:32:52 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/ Frame 3516
24 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 01 Dec 2023 19:55:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
57765
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9305
x-xss-protection
0
server
cafe
etag
13635642240219548939
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 15 Dec 2023 19:55:37 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame EA0A
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 11:52:50 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3516
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 01:13:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
38670
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 01:13:52 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 3516
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
cafe /
Resource Hash
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 01:13:53 GMT
content-encoding
br
x-content-type-options
nosniff
age
38669
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8544
x-xss-protection
0
server
cafe
etag
17124069415086231762
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 16 Dec 2023 01:13:53 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3516
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.122.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bh-in-f155.1e100.net
Software
sffe /
Resource Hash
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65067
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701261208926228"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Dec 2023 11:58:22 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 3516
37 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.31.94 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f94.1e100.net
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 00:30:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
386845
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 26 Feb 2024 00:30:57 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame EA0A
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 11:58:22 GMT
expires
Sat, 02 Dec 2023 11:58:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 11:58:22 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 10BA
143 B
166 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 11:52:50 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 649C
213 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
370a52233d67107be5b286d75f378c3a58054bbbe8320d7d19ab647de2884ecb

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 649C
33 KB
33 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f94.1e100.net
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 06:31:11 GMT
x-content-type-options
nosniff
age
278831
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 06:31:11 GMT
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 9B30
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: fconvert.com
URL: https://fconvert.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 04:34:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
26658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 04:34:04 GMT
generate_204
tpc.googlesyndication.com/ Frame 365C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?IrAtFw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.31.132 Oxford, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bj-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:22 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 10BA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 11:58:22 GMT
expires
Sat, 02 Dec 2023 11:58:22 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 02 Dec 2023 11:58:22 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame 649C
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CkUSV3RtrZayNCbjrvPIPjIaO6A6o5cmqdNOemrWgDs7o07jPLxABIKKK1ANg_aCZgegDoAGN7OTZAsgBAakC48CiiJDcqD6oAwHIA8sEqgTLAU_QSaFofS1T41sViN8Tx141ZHGLXABxaQx...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc4ef0060f0330acf0000000000000000%22,%222%22:%220xeaee8b875f8304e70000000000000000%22,%223%22:%220x9275ac...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc4ef0060f0330acf0000000000000000%22,%222%22:%220xeaee8b875f8304e70000000000000000%22,%223%22:%220x9275acc6c2568c760000000000000000%22,%224%22:%220xa3622fd5bc77c0990000000000000000%22,%225%22:%220x5d9d3ac7cb0bf0d0000000000000000%22},%22debug_key%22:%2214913738893065577859%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210059205775683359217%22}&andc=true
Protocol
H3
Server
172.253.63.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:23 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc4ef0060f0330acf0000000000000000","2":"0xeaee8b875f8304e70000000000000000","3":"0x9275acc6c2568c760000000000000000","4":"0xa3622fd5bc77c0990000000000000000","5":"0x5d9d3ac7cb0bf0d0000000000000000"},"debug_key":"14913738893065577859","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"10059205775683359217"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 02 Dec 2023 11:58:23 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sat, 02 Dec 2023 11:58:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc4ef0060f0330acf0000000000000000","2":"0xeaee8b875f8304e70000000000000000","3":"0x9275acc6c2568c760000000000000000","4":"0xa3622fd5bc77c0990000000000000000","5":"0x5d9d3ac7cb0bf0d0000000000000000"},"debug_key":"14913738893065577859","debug_reporting":true,"destination":"https://pchelpsoft.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["725169677"],"4":["12-02"],"6":["true"]},"priority":"500","source_event_id":"10059205775683359217"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
pagead2.googlesyndication.com/bg/ Frame 04F8
50 KB
19 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/a_HaIzZFyEVJYJ9hlnDU0-lGrGHVFv1T5ZfBCtEAYIo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231129/r20110914/zrt_lookup_fy2021.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
sffe /
Resource Hash
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 04:34:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
26658
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19601
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 01 Dec 2024 04:34:04 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc4ef0060f0330acf0000000000000000%22,%222%22:%220xeaee8b875f8304e70000000000000000%22,%223%22:%220x9275acc6c2568c760000000000000000%22,%224%22:%220xa3622fd5bc77c0990000000000000000%22,%225%22:%220x5d9d3ac7cb0bf0d0000000000000000%22},%22debug_key%22:%2214913738893065577859%22,%22debug_reporting%22:true,%22destination%22:%22https://pchelpsoft.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22725169677%22],%224%22:[%2212-02%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210059205775683359217%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f155.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Sat, 02 Dec 2023 11:58:23 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231129&jk=1344082366910963&bg=!Li2lLWLNAAY3kmNgF5I7ADQBe5WfOFbma8Wu3C6NdQPzVQTBo3awzq2oYiwtyXSRizkXmNWTkrfVVmwL30JiCdk_9xrsAgAAAW1SAAAABGgBBwoAYlvpjiTFyLXDtQbA3Xdh9bysAsOics_s13eCpTIuCKs_H6oCZwHtlEgdq_wyUdM5BbLOsDNEySuP35PBSGt2BybVZqcI9UCSw7bYj10gh-WfsU42tIsaOgR4hVJ1C5Cl3a4HmQKwGDNSS0dyBUK2DF5PWNjlNkQFmYF9aESD0AWB3pTdsH5_E3uYaZ2clcQ-eUTbYd0cW6DXh91Dc-adsm0O9mghls2W_8CIMn8cUGD85u9kEVJbelYu5keAX-0YoopZ-dyM7WXZHX_Sl3Xi-c-wacRObrdK7s9E0ULP6AyK3EDGsamutDsdleaP7_A_2ZTj-KT9synbsaebTVrXr7nfQXsYlUwzW8s9sXlaAL1GyYvk9eeMaVbxfLQmZJtkBK-mkJboy590vcBl_wfGcHksJZp4nCBz-23p_0dKjqs1XVgtdF1pmVcr-7Jb-UaQ6UUTnmg649wnL8bcccaCgh5jT8qsRcXlO2zNQcRJpOKnofWHi8j9uIbR5GhgBTHnKOsd63MTQsCvdlsSZvKI8DsNqfqC-nUL-D4z_rlVxP1uDbeDlJZecvJ_jx21giFa8H02C5Qg_gj-rij05GPgaeXl5nXQ9NCIAuRQJqPpKgtA7Qo6bU9D_iyJrS4XeQlQhtUfKUah9tvCy0Eb6Wli3BlC-8GBRxpBeJ9VnkqvXVJHM3DM1Y_Uvh60N-pgfTM4vFKJLGNaSHchkb9t4Z5W6YNwGP4vQ4noj3sEO87xGAlyE3qiJi1Jq-oR3tlvZhii2CLPqHMswjvZPWMWOv4vn_G_rDaIxtSn1C6U7w41xQQOQk9yzuOhdKBE0yulJfp_soE-I47KTFgRmCVUpr0XNOV0PhreWmh3JnesrueGvFZzWhmz--3FcMRxyyEuq0VWOWN0JnVMDlGZ1B8Kk_af6DvkdvPpvrGgw1984wxxzuVeQtCesHln780oFEwEy6zdR39OrpIV4AownDd7dM5_aJbJ_OA4NtbvYIwXTDBUJcz0dw1yj5T8vUyjtvaYumW0i4I0wPhdU7WsU11pkhNwXPCI7OjmSA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=1&rn=1.8817821316766201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KuysYDwc_bftHXrxgaLjyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:23 GMT
content-security-policy
script-src 'report-sample' 'nonce-KuysYDwc_bftHXrxgaLjyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
px.gif
fundingchoicesmessages.google.com/img/
43 B
68 B
Image
General
Full URL
https://fundingchoicesmessages.google.com/img/px.gif?ch=2&rn=1.7233356989109125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-sQPZcVTYxAMhCe68vMIVxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorServingDetectionHttp/cspreport, script-src 'report-sample' 'nonce-sQPZcVTYxAMhCe68vMIVxg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingDetectionHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingDetectionHttp/cspreport/allowlist
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3MkscnxDf3LFGc-W0_z5sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 11:58:23 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-3MkscnxDf3LFGc-W0_z5sQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://fconvert.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 649C
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuSrj6EPJFWq6BTJNLuhbS7zvvoCiEY_CwiGjOU5FvKK6_BIfZl5zMMgvLvx26zvCp0okyRaMpL7yTH1GYEhhxuIY4IKIzF5vR4DJRS1gfZRu_vOdYAvrK3seFn8ATQcGSoTExTCeuJxw&sai=AMfl-YQ-foBEwrcTJ9WOfEeqHfhSsH5bhRgVLLfRUr7pqH4DEObXGPXcdD6vWPTO4rtvnTOfU9vSoWct58eyC3ScJu1vmnmYx4vAEsbb9MJimsZOucrdNv-YI7ih6SLB_dnD5TU0feCwOZNUmcaZvBksLSIkvfifmTeuIwdY&sig=Cg0ArKJSzHRczr65jyJ4EAE&cid=CAQSTwDICaaNbd413PhF3QzVWjOLGNHWDLvjKi-1_HQ_MvzAbudLCN4EdgZ9tKNyBfd4wLiukxMuc4bdR3XRUpPlNhuPVDXBZJIt0kXJUGdgz90YAQ&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=354,1000,1000,1000,1000&tos=354,646,0,0,0&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701518302326&rpt=566&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 02 Dec 2023 11:58:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adv_server._970x30_
fundingchoicesmessages.google.com/f/AGSKWxXhWiTTVdEXsQjjWTSn8w2uLzKKqCzdhHeRuwMFAWqstK0D59ijay3krZWcBl9Z6lIVKLQBV6BGPXruJgbQvInG8sFx3cM-BMbZAzkMQg0gYf68TRljl1QdKPPx4v5Rt1PKVs561bTj4J-215TpBtgxeS4N0...
54 B
109 B
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXhWiTTVdEXsQjjWTSn8w2uLzKKqCzdhHeRuwMFAWqstK0D59ijay3krZWcBl9Z6lIVKLQBV6BGPXruJgbQvInG8sFx3cM-BMbZAzkMQg0gYf68TRljl1QdKPPx4v5Rt1PKVs561bTj4J-215TpBtgxeS4N0E1RXj_3Z3C5yZsSY48Ih5B1lw6R-dAe/_.ad-cloud./acc_random=.popupvideoad./adv_server._970x30_
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzufRugCfZ2QricSdnhl71g5NspTQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
25d1efde12632007d4812e9ab6a525b3657945d7607732f6e3ee076f5b3603df
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eDoE8mUPuqXvNIR3mueIrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-eDoE8mUPuqXvNIR3mueIrw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
30 KB
11 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_ccpa_signal_executable/ed=1/rs=AJlcJMzufRugCfZ2QricSdnhl71g5NspTQ/m=ad_blocking_detection_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f154.1e100.net
Software
cafe /
Resource Hash
6ce905072505aac215cab5bc80d4d9f950b3de59d558b7a5d68d2718e0263e11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:29:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
1730
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11374
x-xss-protection
0
server
cafe
etag
663686755502650751
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 02 Dec 2023 12:29:34 GMT
AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Kdj5Dvoe9umjaFV-Zu35mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 11:58:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-Kdj5Dvoe9umjaFV-Zu35mw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://fconvert.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-d0BwOE7lHBBR34tNJ-GH1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 11:58:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-d0BwOE7lHBBR34tNJ-GH1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://fconvert.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t5Npc73bAeziN4iocxtqoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 11:58:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-t5Npc73bAeziN4iocxtqoA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fconvert.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxVOhBrfEbSunI8QLytn5ZkQ-wq10a_JAzCdfUA_BDEFbfdaJalLEfM7Z2sxMD-O5JIQBroSuYWQ6dMjAtD3uXrZKZTWO7gxy4-LPGcpK_XyTP4QeFF8JVQHm8JOU83NtTlkBda5XQ==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7ayRpnG7gN_sPBsmAaKhgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 11:58:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-7ayRpnG7gN_sPBsmAaKhgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
access-control-max-age
86400
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
text/html; charset=utf-8
access-control-allow-origin
https://fconvert.com
access-control-allow-methods
POST, GET, OPTIONS
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUiAVLpmEGoryNn08CgAFkb9YFuxGNMf_k_UV9Vguv6412fY4YwTLd4HjyaFtMjQkk9dt8ejlkBb1Kc5TMfS3p4pOLOT0EjDLMrSi0VjG3Es5Y6xNbARylWerSJWIzBMwKCjYO6JQ==
fundingchoicesmessages.google.com/f/
3 KB
2 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxUiAVLpmEGoryNn08CgAFkb9YFuxGNMf_k_UV9Vguv6412fY4YwTLd4HjyaFtMjQkk9dt8ejlkBb1Kc5TMfS3p4pOLOT0EjDLMrSi0VjG3Es5Y6xNbARylWerSJWIzBMwKCjYO6JQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzAxNTE4MzA0LDMyNDAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsMTAsNl0sbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLG51bGwsMV0sImh0dHBzOi8vZmNvbnZlcnQuY29tLyIsbnVsbCxbWzgsIkZhWVB1UndlcUlJIl0sWzksImVuLVVTIl0sWzE4LCJbW1swXV1dIl0sWzE2LCJbMSwxLDFdIl0sWzE5LCIyIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
2d5eb8028076d112132f045eaab6002e1232c40ff4dad91e15f0dd68346246f1
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WGQJF6jMLIi34cv1Hbwi5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://fconvert.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 02 Dec 2023 11:58:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WGQJF6jMLIi34cv1Hbwi5w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxUT45y7SR5QvPT-nEgxJEBC-BEu4KL7kTaJvqUWt0UXzrkt9xJXbuxcL8fMF85hGfSB5PViV9X4XsWsXnEJqFLeW9R97OMyDDo3YSZVUtL8Hma_rjr4f0aETKPcQJLGMqQKbYYDGw==
fundingchoicesmessages.google.com/el/
0
28 B
XHR
General
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxUT45y7SR5QvPT-nEgxJEBC-BEu4KL7kTaJvqUWt0UXzrkt9xJXbuxcL8fMF85hGfSB5PViV9X4XsWsXnEJqFLeW9R97OMyDDo3YSZVUtL8Hma_rjr4f0aETKPcQJLGMqQKbYYDGw==
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.FaYPuRweqII.es5.O/am=CAM/d=1/rs=AJlcJMwtXJqxLeKc2R0IUIFp1d5liGKRSg/m=kernel_loader,loader_js_executable
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f113.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k_y0pYpNdoAlFTqj-2mEXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://fconvert.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 02 Dec 2023 11:58:24 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-k_y0pYpNdoAlFTqj-2mEXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-max-age
86400
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://fconvert.com
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

80 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| documentPictureInPicture function| gtag object| dataLayer function| $ function| jQuery object| bootstrap object| uploadField function| SetCookie function| GetCookie function| SubmitCookie function| RefreshCookie object| FB object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint object| __buffer string| GoogleAnalyticsObject function| ga object| googletag object| gaGlobal object| gaplugins object| gaData function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googlefc boolean| adsbygoogle_ama_fc_has_run object| GoogleGcLKhOms object| default_ContributorServingResponseClientJs object| _F_toggles object| __googlefc string| __fcInvoked string| __fcexpdef string| M2Y3NjBmNDc5ZTk3NzVlOGxvYWRlcl9qcw== string| M2Y3NjBmNDc5ZTk3NzVlOGNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady function| __uspapi object| __uspapiManager boolean| __uspapiPostMessageReady object| __gppEventListeners function| __gpp object| __gppManager boolean| __gppPostMessageReady function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error boolean| 51bf6a27-54fd-42d0-be0d-d83cbdccd4f3

10 Cookies

Domain/Path Name / Value
.fconvert.com/ Name: _ga
Value: GA1.2.210489873.1701518301
.fconvert.com/ Name: _gid
Value: GA1.2.921559543.1701518301
.fconvert.com/ Name: _gat_gtag_UA_89777630_2
Value: 1
.fconvert.com/ Name: __gads
Value: ID=a412a59f4de8d68c:T=1701518301:RT=1701518301:S=ALNI_MbcsKmeYLqRigwsVJYYs8ragx_aBQ
.fconvert.com/ Name: __gpi
Value: UID=00000da52da976ee:T=1701518301:RT=1701518301:S=ALNI_MYPZCiHl5utC9BqkVHqutK-lzpA0Q
.doubleclick.net/ Name: DSID
Value: NO_DATA
.fconvert.com/ Name: _ga_RNL4DN9PVS
Value: GS1.1.1701518300.1.0.1701518302.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUksAynymu1Jr4WVfK5PvAXB4VM1_mMB1ouvJ_ATy9jRsur3sOLNLvH2gq4Det4
.googleadservices.com/ Name: ar_debug
Value: 1
.fconvert.com/ Name: FCNEC
Value: %5B%5B%22AKsRol_ucDGL8lY_ewOkQcpcKJgO_bhxzys3guts9epROUxBeW0yW6lBqfYryZVBtb3ZJVro9hAnjsXNza_dFDLvy0XGlUpLNopSkfNkLbsQHoFMlieI1DByCNxiEt2DaIg0hQ-lu4pfyhyFT_HXLH40rPA9nmVTDA%3D%3D%22%5D%2Cnull%2C%5B%5D%5D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.fconvert.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
connect.facebook.net
fconvert.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.17.24.14
142.250.31.132
142.250.31.94
142.251.16.94
142.251.167.95
144.217.240.221
151.101.1.229
172.253.122.155
172.253.62.154
172.253.63.113
172.253.63.139
172.253.63.154
172.253.63.155
172.253.63.97
172.253.63.99
172.67.140.65
31.13.66.19
01595536f304edec028110d58a727c60ad6513579b11c5c4079542d8b8b31666
09b186dc119230c8ab2c806d31bcc8dd4a0a2ba347165f35156422307b8e10ff
0a628764de23e85cdce574cc30e670e609451009e5e495b04a18ae1e4e3f0962
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
25d1efde12632007d4812e9ab6a525b3657945d7607732f6e3ee076f5b3603df
2cdd23ea630c9da470e2b3b66eda29969bb43c1aa7de25b103caa8b524eddbbd
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d5eb8028076d112132f045eaab6002e1232c40ff4dad91e15f0dd68346246f1
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e0796e48e2f6d13b8fa7007228c34bcdb324d301c4a3ffd9f9992295c3781c8
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3168adef50ac49a0f7fd0952927fb0bc0edcf52a4e4b9d57901ae4cd687bf437
370a52233d67107be5b286d75f378c3a58054bbbe8320d7d19ab647de2884ecb
3d11b8399771a02c049d03fa3500dc550c4a31081afa8250ae2690afa4f63dc6
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
466c1ea84bceb0663588b4c788524ecd1a2a41e1bbb9f04024f1cdcde78de6e2
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
535ee062ce6469ab06cdb8610fe0459e06dd13c4d23c0754f0953a5fb745efc9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59e5b17113697a681c9428265d86d96e82865417ca84af4000e15deb01b51eea
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e88cc49e2d9499a00aadd438cd8b166559d837ad0a8b21ba25cbe97546e1a5
646233f020d2bcf4e2840e8db786b2b3ae0c0c777ebcdb7d4b573a603c8a5f27
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
699e8cb3d0af7f12172315152a58cf8154526ddc2ee3d29ed8861218e9cf91a2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bf1da233645c84549609f619670d4d3e946ac61d516fd53e597c10ad100608a
6ce905072505aac215cab5bc80d4d9f950b3de59d558b7a5d68d2718e0263e11
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
762fe43c342ecf063e0ecb55057b1d7e04ae2d724f22d460f11c7b3938db110b
8bb977847830b40e630c8f203b178b26541b896d0dbb2ecbb959bf4b3c5aa154
8c9f7548de079f27e89a15189c4b908a8e1d5914708c70d08b4c9253f874c60c
8d7089253dca29c9cd8d9deb7ec69b0a3d445f88f6a26478c719be1f90adcb01
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94933fcbb75722bf3d52127c502261c4a255e2704191130a9a146defe8c939ef
9667900a69d77cb0f74d83954dcd04be0e25d284a133f9b5a0cab8f8a3312bb9
9f432863c5ab1b06046dad2eb47b0171fd1601a468a3ab874f66ceed27be4c0f
9f6e245ec73203f99ecb888db309a2bdaf91f8696c1cebaa94e477a953fab30a
a6df8215439f8c1a4f31e4407a93cdb72cfc12b525cc378678ad717f8451325d
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b67ad968ba3668562f331df45b73501e17c7c166bcf7e5443c33633cbc9d5783
b82aa6c527e41e336e9cd392fffa550353f896f71a3c632a5bdd51e22de4ca0f
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbbf189ee0fd46edc91bdc96aeac86c78c35c8d497ecd9a786ef318ccb62e985
c298e784c25e1b1e61e902624531e921ee2828afd38920f6a6e4c4ae3ca3cc5e
cd0240f9db7e6bb68d2acb0f6db05ee01c0d635a5c4f44eced3256fd55ca7126
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dea9c73e5654af12e7f7ea3615c796de32ca479e87a0eb5fc7cdeb3fc45fe4fb
e10197743efc52dbcde31c96e4a841f06e043c799afe1f3751e9a3d9a2687dfe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8849ecc8f0c4a0078325ae1e27cecc6e1a326ccd4d3ecacf741cbd92ddc5422
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d