Submitted URL: https://wsend.co/20201062992510
Effective URL: https://wsend.co/201062992510
Submission: On November 29 via api from US — Scanned from US

Summary

This website contacted 16 IPs in 1 countries across 11 domains to perform 58 HTTP transactions. The main IP is 2606:4700:20::681a:79f, located in United States and belongs to CLOUDFLARENET, US. The main domain is wsend.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 1st 2023. Valid for: a year.
This is the only time wsend.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Apex Domain
Subdomains
Transfer
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
388 KB
10 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
125 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
bid.g.doubleclick.net — Cisco Umbrella Rank: 802
91 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
136 KB
3 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 1173
r3---sn-q4flrney.c.2mdn.net — Cisco Umbrella Rank: 146092
343 KB
3 wsend.co
wsend.co
8 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
64 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
249 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
84 KB
58 11
Domain Requested by
14 pagead2.googlesyndication.com wsend.co
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
13 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
tpc.googlesyndication.com
6 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 fonts.gstatic.com wsend.co
fonts.googleapis.com
4 csi.gstatic.com imasdk.googleapis.com
3 imasdk.googleapis.com googleads.g.doubleclick.net
3 wsend.co 1 redirects wsend.co
2 r3---sn-q4flrney.c.2mdn.net imasdk.googleapis.com
2 www.googleadservices.com
2 fonts.googleapis.com googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 www.googletagservices.com googleads.g.doubleclick.net
1 www.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com wsend.co
58 17

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.un-web.com
www.wmadaat.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-03-01 -
2024-02-29
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.googleadservices.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
www.google.com
GTS CA 1C3
2023-10-23 -
2024-01-15
3 months crt.sh
*.c.docs.google.com
GTS CA 1C3
2023-11-14 -
2024-01-23
2 months crt.sh

This page contains 9 frames:

Primary Page: https://wsend.co/201062992510
Frame ID: C2F2B2553B8729DFAC516B01C2E76060
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 6E022F5E0EC34F05EE331CAFE0948F0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&adk=1812271804&adf=3025194257&lmt=1701270244&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244154&bpp=5&bdt=408&idt=237&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4370863409764&frm=20&pv=2&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=290
Frame ID: 879E1C4004893DDBB2D668933C06E47A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Frame ID: F9EB0CB0B7FE9BAA16C403DD8F5BC1DB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Frame ID: 8768619B2C3B7C0606E77C555EAC0B5E
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 1AED68DFEE3A8203C43F6291B8F49AF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CFD2F59A1386FA92655B75D0120770F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C536361B9C8ADE79767320BF085692B
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 598872FB5CA4FBC0D8F692AEBBDF6EBC
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

WhatsApp 201062992510

Page URL History Show full URLs

  1. https://wsend.co/20201062992510 HTTP 302
    https://wsend.co/201062992510 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

58
Requests

97 %
HTTPS

88 %
IPv6

11
Domains

17
Subdomains

16
IPs

1
Countries

1238 kB
Transfer

2630 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wsend.co/20201062992510 HTTP 302
    https://wsend.co/201062992510 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CF2V85FJnZZbRH9vkrr4PkIWW0AejscqVdIa8rtDXEdrZHhABIIi-0iZgyYaAgNyjxBCgAa6SwMsDyAEJqAMByAPLBKoExQFP0L5LEe-gHPOW5rPunpSVMbROFPI9XpYROMTEz4GPaSHOwgVVnNuH-XORfu1EKv4gw6wZIkLVQhZa0z10zDjjkm_ZJ_-39BrQ-k_9CSvOwNTEF5xYH3BiqLBQT70c3Q1u5ZXvGZgfY_js1ePCdreAwGZU9jvi6wiW_DuiAu9VSwzJoCjricteGz7jsnm0PutFH5zs9z1Up1Irq84_EseIOmdgI1LDpPwhcc5DIK4-anjp-NKK974MF0Tj6a_bjQD-TEQfBsAEyYv4wM4DiAX2u8amL5IFBAgEGAGSBQQIBRgEoAYugAe67b80qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQnZER0ggdCIBhEAEYHzICigI6AoBASL39wTpYxZrdxL3pggOaCStodHRwczovL3d3dy5jb250cm9sdXAuY29tL3NvbHV0aW9ucy9jaXRyaXgvgAoByAsBogwcKhoKGOS0sQLutbECtbixAuS0sQLutbECu7uxAtoMEAoKELCyx9zOwJWyWxICAQO4E-QD2BMNiBQF0BUBgBcBshccChoIABIUcHViLTE5MTE5NzU3Njg2OTgyMDUYAA&sigh=psqa72HBRrA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwDICaaNXJDjh9J007fvzIz3anzJGfUJotpt8LzkgDkPxGpVvn00rQQUW1YRqEOGbVIBhwtE1TxjP8_kAsXGrztWijbcCwzs655dnStHBPsYAQ&template_id=484&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc3b8dab448def1a80000000000000000%22,%222%22:%220xd000b15e3d9cd9b20000000000000000%22,%223%22:%220xb2c48171c23fc5e0000000000000000%22,%224%22:%220xd0a6d805a680afdb0000000000000000%22,%225%22:%220xea199d7a60e88c7b0000000000000000%22},%22debug_key%22:%225754610542623792327%22,%22debug_reporting%22:true,%22destination%22:%22https://controlup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963643694%22],%224%22:[%2211-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221016534754773863777%22}&andc=true
Request Chain 47
  • https://gcdn.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6C716999A9EA210DCC7CF85F311B4FAD5AE6A9E3.98DBE540C36BE702A19DE9427BE41E365EEFB552/key/ck2/file/file.webm HTTP 302
  • https://r3---sn-q4flrney.c.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1BDA3FF75EE8DC6254E86690397CE5FA712F2989.7F98D85EC64A8CB2EE39AB7222B235349693E29D/key/cms1/cms_redirect/yes/mh/6S/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4flrney/ms/onc/mt/1701269730/mv/u/mvi/3/pl/48/file/file.webm

58 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 201062992510
wsend.co/
Redirect Chain
  • https://wsend.co/20201062992510
  • https://wsend.co/201062992510
14 KB
5 KB
Document
General
Full URL
https://wsend.co/201062992510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:79f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.34
Resource Hash
b68d073fbc76126fb7c7f47a7d0125e99a108cb5393f4d668ba44c4369718eed

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82dbbdae5e673359-MIA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 15:04:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UmT544JqhbozD8eLEMU4UA%2FiAjSe0E5WFQ4hC1a%2BniUKkgwr08VBd2ykWgpH97GbP9rAYQzGAEo3woG%2Fv0%2BlOpmxeG%2BFysFqFTPLsoJOJ34q19S3tcPTvjr6dS8IdR6bQvddpkSW"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent
x-powered-by
PHP/7.2.34

Redirect headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
82dbbdaaf8ee3359-MIA
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 15:04:03 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://wsend.co/201062992510
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l3eyQXt60uZM%2B%2Bg%2FB22zlbfizqrrj55wExZrB2U62GSin22MLCvbc5jPZL63%2BkeoDvoSRtSkYbuJKuST%2FW5%2BBZ0uTiN%2BO6OENZdHbFM46kc2O69%2BWzMS%2FHi6i6GeoDTS5Fmq5Wxc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent
x-powered-by
PHP/7.2.34
js
www.googletagmanager.com/gtag/
240 KB
84 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-2ELFHMNZ2B
Requested by
Host: wsend.co
URL: https://wsend.co/201062992510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ac1e65a6063a71b97192960a9386e0b26cd938a207b879677cf7fac9da5e4ec1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85226
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 29 Nov 2023 15:04:03 GMT
logo.png
wsend.co/
2 KB
2 KB
Image
General
Full URL
https://wsend.co/logo.png
Requested by
Host: wsend.co
URL: https://wsend.co/201062992510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:79f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c65b940f44dc0c0e6ccba7e4b5dfad9482a287a71d49983b8e7bc06bb513d09

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/201062992510
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
814
cf-polished
origFmt=png, origSize=2383
content-disposition
inline; filename="logo.webp"
content-length
2054
cf-bgj
imgq:100,h2pri
last-modified
Tue, 31 Jan 2023 15:47:36 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2Fd7lKynQ1fRwPyIp2jM%2BvVRRh8nssM27AJJhsPs7GRC7s29O8NghVoGG8Vbdw5Sb7t5GwsVOr%2FurlbwBXlHsS4tl6k8yPXSILEUo%2FQPbTvZE5zbgHbGQsczFaOU0tiJ%2Bj3D8TIm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
82dbbdaf88753359-MIA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: wsend.co
URL: https://wsend.co/201062992510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f69dcb2d870ba85098ea0370af30f3dc5285569d2111a7c6f21b183f12bd739a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52770
x-xss-protection
0
server
cafe
etag
2472779618083146729
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:04:03 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
151 KB
52 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1911975768698205
Requested by
Host: wsend.co
URL: https://wsend.co/201062992510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
be4583001db5a5930a8e5a876cc30e61f69c33db8f73036f9a0d01cb4a3f1d07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wsend.co/
Origin
https://wsend.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52920
x-xss-protection
0
server
cafe
etag
9567806786317810421
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:04:03 GMT
truncated
/
428 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f711cdb3e5614a6b9c2c609f81f534bb84ae367b160147707f87815826b44b15

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
26 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/gif
tssoApxBaigK_hnnS-agtnqWow.woff2
fonts.gstatic.com/s/almarai/v5/
46 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/almarai/v5/tssoApxBaigK_hnnS-agtnqWow.woff2
Requested by
Host: wsend.co
URL: https://wsend.co/201062992510
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
420c7579c1de54e20027c1fc6abda9c53ac1c0872c6d147ed2759cce872c2bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wsend.co/
Origin
https://wsend.co
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 14:07:21 GMT
x-content-type-options
nosniff
age
3402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47520
x-xss-protection
0
last-modified
Wed, 24 Mar 2021 17:42:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 14:07:21 GMT
collect
www.google-analytics.com/g/
0
249 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-2ELFHMNZ2B&gtm=45je3b81v872084287&_p=1701270243786&gcd=11l1l1l1l1&dma=0&cid=1245855537.1701270244&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701270244&sct=1&seg=0&dl=https%3A%2F%2Fwsend.co%2F201062992510&dt=WhatsApp%20201062992510&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1260
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2ELFHMNZ2B
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::8b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://wsend.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/
397 KB
134 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cee95e2322f1ab9560942e6b43be1dc9964cafca708c8a737fc886068e29cb7a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137244
x-xss-protection
0
server
cafe
etag
5507660144961870083
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:04:04 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 6E02
9 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wsend.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

age
42271
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 03:19:33 GMT
etag
16674218716276178799
expires
Wed, 13 Dec 2023 03:19:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 879E
0
188 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&adk=1812271804&adf=3025194257&lmt=1701270244&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244154&bpp=5&bdt=408&idt=237&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4370863409764&frm=20&pv=2&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=290
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wsend.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:04:04 GMT
expires
Wed, 29 Nov 2023 15:04:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&cls=fixed-link&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: wsend.co
URL: https://wsend.co/201062992510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=myBtn&cls=qr-icon&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: wsend.co
URL: https://wsend.co/201062992510
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F9EB
116 KB
40 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b2983c6d30fb83b4832f63815272ae26853b286b40ed2b918b0ead8e7b4bdd6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wsend.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
40509
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:04:04 GMT
expires
Wed, 29 Nov 2023 15:04:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8768
86 KB
28 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8e960cd78bd99dbd84374364e287fe8e8704f618ce02529b1e10db15cc016668
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wsend.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
28137
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:04:04 GMT
expires
Wed, 29 Nov 2023 15:04:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 8768
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
37691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 04:35:54 GMT
css
fonts.googleapis.com/ Frame 8768
8 KB
823 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:26:42 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:04:05 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 8768
15 KB
3 KB
Stylesheet
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.css
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 16:13:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
427824
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2920
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 16:13:41 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/ Frame 8768
376 KB
131 KB
Script
General
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Tue, 28 Nov 2023 05:16:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
121653
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133672
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 11:34:13 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 27 Nov 2024 05:16:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 8768
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:13:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
21048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 09:13:17 GMT
css
fonts.googleapis.com/ Frame F9EB
4 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c06::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 29 Nov 2023 15:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 29 Nov 2023 14:24:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 29 Nov 2023 15:04:05 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F9EB
2 KB
903 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 10:53:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
15042
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 10:53:23 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame F9EB
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 04:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
37691
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 04:35:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F9EB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:13:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
21048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 09:13:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame F9EB
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:13:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
21048
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 13 Dec 2023 09:13:17 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame F9EB
202 KB
64 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65070
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700193896630564"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 29 Nov 2023 15:04:05 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame F9EB
37 KB
16 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Thu, 23 Nov 2023 03:01:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
561732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 21 Feb 2024 03:01:53 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/14619684184455455089/ Frame F9EB
18 KB
18 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/14619684184455455089/14763004658117789537?w=600&h=314&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e877aa982203a9834412147cc5475351440585402ff9026c630de5262f585af9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:05 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18530
x-xss-protection
0
last-modified
Thu, 15 Jun 2023 10:25:08 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 15:04:05 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/11529883366274606994/ Frame F9EB
2 KB
2 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11529883366274606994/14763004658117789537?w=100&h=100&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c57f640e35ec9bfae268cb18a4539daae1c9fe0ec5ec883c0413ef1d17127634
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 09:22:33 GMT
x-content-type-options
nosniff
age
20492
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1776
x-xss-protection
0
last-modified
Fri, 24 Jun 2022 15:54:39 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 28 Nov 2024 09:22:33 GMT
truncated
/ Frame F9EB
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87b8b2c8810808adf35b7eb89b1b08285a32d18092d0c8fa0d050b5297b29895

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 8768
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lpjwdmrt&c=4106141138917&slotId=2053070569458.5&qqid=CNL33sS96YIDFWU3wQodHUgF3w&fb=outstream-lima&sei=44752538%2C44807615%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1000::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8768
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sun, 26 Nov 2023 15:37:37 GMT
x-content-type-options
nosniff
age
257188
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 25 Nov 2024 15:37:37 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8768
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:09:00 GMT
x-content-type-options
nosniff
age
485705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 00:09:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8768
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cev085FJnZdL1IOXuhAadkJX4DYqF955x_c7d1rMRZBABIIi-0iZgyYaAgNyjxBCgAeLrj9UoyAEFqAMByAObBKoE5gFP0MOAp1qx3q5zvcTrhatnnefCI6Q4dJ3sdhYJExyXHQTwch-A8EkabzthUT9riEDzE9HKuG5H0dHvpgJkWU0bX-zSFQlD4SsS6pOmRtK3Oa3hIr_L4MTlImMLbP8HRppmM99QqQ1oS2CQaLTQLIeJT085mmOz2xq49eqYbfUm3_Tx4btd5SjgKcpv4o0y9wdH3qOV6BFbYKqa4fNJ2EumgKLcsvHEwpwmywfV7bXDXvrXrIohekAXujMQb-ktOOw404XEqVIP8kMCvrvgI1kwEkJCeZEFtBSzA4YB4wFP2dQAtO6oWcAEzbrA3KoE4AQDiAWs_IfOS5AGAaAGToAH4qPgtAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHzICigI6AoBASL39wTpYranexL3pggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAlVTsBOtpasV0BMA2BMNiBTSBtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1701270245529&ai=Cev085FJnZdL1IOXuhAadkJX4DYqF955x_c7d1rMRZBABIIi-0iZgyYaAgNyjxBCgAeLrj9UoyAEFqAMByAObBKoE5gFP0MOAp1qx3q5zvcTrhatnnefCI6Q4dJ3sdhYJExyXHQTwch-A8EkabzthUT9riEDzE9HKuG5H0dHvpgJkWU0bX-zSFQlD4SsS6pOmRtK3Oa3hIr_L4MTlImMLbP8HRppmM99QqQ1oS2CQaLTQLIeJT085mmOz2xq49eqYbfUm3_Tx4btd5SjgKcpv4o0y9wdH3qOV6BFbYKqa4fNJ2EumgKLcsvHEwpwmywfV7bXDXvrXrIohekAXujMQb-ktOOw404XEqVIP8kMCvrvgI1kwEkJCeZEFtBSzA4YB4wFP2dQAtO6oWcAEzbrA3KoE4AQDiAWs_IfOS5AGAaAGToAH4qPgtAOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEYHzICigI6AoBASL39wTpYranexL3pggOACgGYCwHICwGADAGiDBQqEgoQ5LSxAu61sQK1uLECu7uxAqoNAlVTsBOtpasV0BMA2BMNiBTSBtgUAdAVAfgWAYAXAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8768
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lpjwdmsb&c=4106141138917&slotId=2053070569458.5&qqid=CNL33sS96YIDFWU3wQodHUgF3w&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.ti&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1000::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 8768
33 KB
19 KB
XHR
General
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DawUDq1yLrlnzQLLDV_df4GnZJLvlZ3_zBLlXUkrR7WwIOFNSkEElJ1MXMfPiCvdkj5K-o1NbGee4_b_nXmJxAz8A7xA&cry=1&dbm_d=AKAmf-DxvCgqtGGhNJFRT-xApGdaN72OPgen6EeG5ZKGxMfCpddmEfYua97uIntbUQQHGUY1sPb94cty4HAGsM7wblVcmI-AR7XqCjvRMY1Ge8bsCyCKp2B9DWfsX2kx9e9FGCFu-yEXLiD_mzcH4Tj_rAYRl8JywVYHhG3-cnD-Z6muo6dOF5ygD-HTDqkfkbsp3W-0VHsMsecHvB_mvT9H-phC6AoFOklZ3BB4Dv2bgtyWVgI8-j7EJTVvxUnftYH5vdKNvkPrvUjlCmtUFn9FcIYqy_kxGxrl_4bMZDnVA0oEO45oXVrPjHdVfNIp2TTAB-E9QY41sn4BW2lCIbEijpx1fLgZEUjeDnWyboGoMigX1YGIrNq3kJFfGrol6DN7VWyeqd9bkdWtQrHJT9pcJeQE0WBgR9j_pWLEwR-_3tGdKRGeWCIobmfxs7x1gPSCVq-xRhVbmtfocRbUgps7vdFNYQPx6fiUqwHIAxyPt-Huprxpf3ZOJN3EDt_PtFePsVNobA2FFaumkFYBmv19hFEW2UNJDIUXEfE60mKMSjW_UgYZ3g3CAYHLzdeOLw-5E6Zo-rEK41gebJ7TblFPrpLj7z47NiOEJ1U9OtoxXo0A3ohu0Y1z-cZm8DilBfqST-X1fdCw2_wz-ZV9AUUlQR4x_ytQNJFaeatzCsz-f7GH6FRW-DZIrfLz19mSUy3sohfCGsUsqd0S217ureuidJdZHlNMhRUMRHRTnlipphPEl0-YQoHUg0diaafC7j9cvKh7JkM3iq8gcwDL0NYogxOMKcDKAT6xHbntQkJlFcED7mAKV3deyBGPZqe_YskS2YctrZyfPHQZFPk5gc_Bk3VTZRBXdiVqO8aF7gyz4PE33zYDjaWpjtRTHEuV0C83Vs36ZbOmLE9JmYFfPJbufTI2B1D70SZZuxp2MK2aerQZ_2m8y8d_iLsYTo1aLsTIiEMiefTmpO2OzDZckvgvZpdXDDDpXETs8JQuFiJP41y5z_sCOaGN6_URnXOFUwkc98E4tbdtwylCBMgt6tsl7V-Ydx_EOmg0hQ-WlixB7p5HUCY5Agk79tdN9W1JRDoHe9YvKjvGn-mwm7QACxJvBZIqhSUi4rFCBIIDVuoLOH42nySNlIUC_tHX3QX2MXRpJI0RPIA9SE9HUjXjhlOiLApxR8HVPxJ7w9chFnu4wNFl-fJZ3444EMK-4nbBm5UF9-dB_FeHQqWSlqV3ns_Cr6Gkm8OQOH0a_gCcx5CfKiloZxCu70yoHrW_aFawUcPiiJYgr_9lZVF7zyyWadEWY9bYBJi_PlSfCYug5ywqsxyFRnnh6bM110ww5aVhDmcAUt3P7D1X0LJ-Aan9G5Jo524EIbfbtVnTC_O_IxxnfofyKYqW27tNErXek9fqpsvFGiL6nbcXvmWh6reOoArQ6umFpbGBtFYUdcywpoa-a7lMMI9YxeqPwmF0Tk_Wdxk1fNMKKtIJe9DakttmW090WsV6E_KiGYIxIfIeKImkRgNF_hNbPStvM7o843T-OqZ7xk_bcO04uZ0_0TBLMc-3sf6lJeQaQs2zQzPgNqpzQqOtD6g5_KgiWL4_NvRcbWAZebwRfCKmkK3udROk8DyAo3BkHHqZ0t69_T2Yb9ZWkLA45OPYkknxUIIg6khJMO_bifcLvdRYGDhTJHpNPlbXRncSi6ec-cqdZKLr0JBVOYSxD17B53j1Wc6ApkdlqDY6Rlz2wiIIc0ZNAyq7YXLKV8zzcOj6R-Aha9F8RgM-V1MI8-0MVYABsrozcR_iGB6RcDTQmgVvXGNJ29cMm_gP1mn00Thg5ZwBUpQfgv1WoAIxtZwbQO0aIU1a8G4N-a5Hr5s9s4Vmokm7x67lKG_mDRRndyYj7vZEIRaxJIeNoJfoBqhczQYaALNDqgcqnBEwLGY3Ip6j8wrs6VYbSWaifAZ4gHZInF4seg2DB_UYn4LCGScWELUB0o1AZXjSi29A-HOvHwAf2byKcmJdGrPd3unntq5X1UbbAFA2iTyb-F0VQ4O1PCIpubv8MQu7luvZeqJEhW-j3BQVGbjTrKdw2tvlgHRJHzBOE0zNNMvUQpQPyaag20rZFaba5yk48VZFuDhiVOerTqHJElKR1MKy9aEASz27kbmheSJsqjGMFdrMPfsV3FpsqZNI6iUNs7Ii5iUDPU8xB6K2_Qww1RKyMipMIsHXLcjFO9L8hAelIDrLNZZ0bzWoscC_livHZdneXwh3KOXhH3ritFHXIggmgYcdW_z-6JCqzTKCdlpIJ2o_4pXFpXrGajrNDOaoxwqEJb7cu9E7_gNV_K2hQukog8Qezysvk2RgXYQ_0JYKTKoIU7JofLgzHvA0qa7EIoixy0o6rzfFQbafrwCGOcPX3qGEp4Zi47lvSgBnvCQRq9DHLYNOWOf-JQfeX2_sCMmMlw6LQIqrJ-tIAHSpdva4kHSQxThPs3oban5ZpE7YZghZs7eLtgPAKSSY6Rw1YUBpe8hi1Z-8JI8ij_xUJOsS4s5X_5f6Nv1wr21luLzsoSHkdaGHjjw6T-o4c2ieB4k8KfblzoaPseKDX1ycQEbV9PHsLlFos_9bFqNAQDS7guvyTU9rgcabN2c7tgJi5I5pNcSNP59u_nHJ7e1Nk-ZMSyGvDRlPeBBQysU6P-1Yj0moU0A22xbICWsvnmnI527yEEVT8-OwGZKpuiDYs9S6k13Tjru0Ab3UqIwah22viDt6l79BBMkFbAw6uafbkdt26HLDvAOQrdieOqQcdOAAVFXCmgWTuklibzEpfPmk_yXQCBqrNhvCoA3bgqcy9855mfFAUfAzQctu_vh9vuw7h00dHnb3BafmirdpyALZMbfi5tlYxz5o6duyyDxSSoyALSc1hrfvbWxUpT1UUE7_MdUZEdrGwfPBdxzzlwYWS6ezZMJNcQDh6c9v5_o56cLpZUXv8mp9NqyIVEuFKv8lBl46siTudwHn_V03hQa7z_qKrPDECeu9klsM216naXeNIjCrn1PitT0GVObMxhWtN-zlj-3PNnFZgg3WlFF5b80493AnV0r8vUOXH81FtpTKD6bwtMWn8YyVQED0tdSgSU6KAaaulKR53LPOwAkKDYzKz8oacxJ-C1TYt6ZUmG2UVMntOh0fDN6x5uLFmvpyBxgH7iaRPZEtkd_bHTBtXvtSuKvpqIfXOdgGA3FuZZYiwym3ryZNcv8k7OaJFFlfbkm7LoBWn6UsaApphunSAIHDxcT_PJQFvVLH5cICJVMj0wBtKOpL3ejq-x697eDTRGe3UkxQ9EKZGaxkLbAf65aSZZgHNz815ALPHO69OqoBJWpwvpnCCROrEzK59-jYgZfQ89X3CE2a3N-W07HKv_ErkIWaNNbMIubYCz7P8zp4eX_STtY0I4asD60rDepmp1AQJVn3ng_-dZRUPUvJ_l2xYDRmrKfB0G4McTKtam53kL3VsyN-1-fqRxBffEJEXob3HtHsBt6eZRM7RMnOsbyMpBarcOCgJzRZcTVHJAc7KdJBCqhAvbK7LIQivsEmRE3EqHMbPovEEwvqaHY45mW_TsEs9r2rEmbs89miPq0Rxgwd418W8f3TKkmXTfhqNT7LJUbYkzp-q-mM4LDx10upHKDtWD4DEWOp6_1WAWqonfl-yK72vW9onzTRoEkn7Z5nr_aq-Ie1KcNpSGB3c7FlWsaa7QN98X6YD_fg_TC4-IMh7bIz3d3NNJGLRSzQVCqEipmzeP1l_bxVbnIebl1PNag3QCc8a7g_e99R25dW5BqPvW1zuPB3Ev1XaYYNO1IPU_fkcjUq31TIbA6SvcFZ7orI2tU9lDldMSr3zDQAZzMmGFY3ZDeUqlnmWM8mi34xNiPO-Q&cid=CAQSTgDICaaN7rTjyQLBIQWXuWo3ZZJj5y1Vgvz705jRlhicpLsmXI1_usy560ICl1MxJc0vDJ8y4ckaU6PMbnx_YOPNZolwq9BH_ti7Y47R7RgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f157.1e100.net
Software
cafe /
Resource Hash
c78e65ad03681bbc9232c9be0ffd200565c94e39113c63ccdb758d87fa8e353b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18206
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F9EB
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Sat, 25 Nov 2023 18:52:28 GMT
x-content-type-options
nosniff
age
331897
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 24 Nov 2024 18:52:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F9EB
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Fri, 24 Nov 2023 00:09:00 GMT
x-content-type-options
nosniff
age
485705
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Nov 2024 00:09:00 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame F9EB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CF2V85FJnZZbRH9vkrr4PkIWW0AejscqVdIa8rtDXEdrZHhABIIi-0iZgyYaAgNyjxBCgAa6SwMsDyAEJqAMByAPLBKoExQFP0L5LEe-gHPOW5rPunpSVMbROFPI9XpYROMTEz4GPaSHOwgV...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc3b8dab448def1a80000000000000000%22,%222%22:%220xd000b15e3d9cd9b20000000000000000%22,%223%22:%220xb2c481...
0
0
Fetch
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc3b8dab448def1a80000000000000000%22,%222%22:%220xd000b15e3d9cd9b20000000000000000%22,%223%22:%220xb2c48171c23fc5e0000000000000000%22,%224%22:%220xd0a6d805a680afdb0000000000000000%22,%225%22:%220xea199d7a60e88c7b0000000000000000%22},%22debug_key%22:%225754610542623792327%22,%22debug_reporting%22:true,%22destination%22:%22https://controlup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963643694%22],%224%22:[%2211-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221016534754773863777%22}&andc=true
Protocol
H3
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:06 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"aggregation_keys":{"1":"0xc3b8dab448def1a80000000000000000","2":"0xd000b15e3d9cd9b20000000000000000","3":"0xb2c48171c23fc5e0000000000000000","4":"0xd0a6d805a680afdb0000000000000000","5":"0xea199d7a60e88c7b0000000000000000"},"debug_key":"5754610542623792327","debug_reporting":true,"destination":"https://controlup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963643694"],"4":["11-29"],"6":["true"]},"priority":"500","source_event_id":"1016534754773863777"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 15:04:06 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 29 Nov 2023 15:04:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0xc3b8dab448def1a80000000000000000","2":"0xd000b15e3d9cd9b20000000000000000","3":"0xb2c48171c23fc5e0000000000000000","4":"0xd0a6d805a680afdb0000000000000000","5":"0xea199d7a60e88c7b0000000000000000"},"debug_key":"5754610542623792327","debug_reporting":true,"destination":"https://controlup.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["963643694"],"4":["11-29"],"6":["true"]},"priority":"500","source_event_id":"1016534754773863777"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
truncated
/ Frame 8768
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
264cd65ec9f0aa1d527ce332756aa6bcd5c41f18c4850967ba7997145833baa8

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Content-Type
image/png
6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
pagead2.googlesyndication.com/bg/ Frame 1AED
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=8638372222&adk=2644286354&adf=2420951037&pi=t.ma~as.8638372222&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244159&bpp=2&bdt=413&idt=298&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=338&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Mon, 27 Nov 2023 01:15:11 GMT
content-encoding
br
x-content-type-options
nosniff
age
222534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15097
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 26 Nov 2024 01:15:11 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 8768
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cj0Q85FJnZdL1IOXuhAadkJX4DYqF955x_c7d1rMRZBABIIi-0iZgyYaAgNyjxBCgAeLrj9UoyAEFqAMBqgTjAU_Qw4CnWrHernO9xOuFq2ed58IjpDh0nex2FgkTHJcdBPByH4DwSRpvO2FRP2uIQPMT0cq4bkfR0e-mAmRZTRtf7NIVCUPhKxLqk6ZG0rc5reEiv8vgxOUiYwts_wdGmmYz31CpDWhLYJBotNAsh4lPTzmaY7PbGrj16pht9Sbf9PHhu13lKOApym_ijTL3B0feo5XoEVtgqprh80nYS6aAotzq8HaolAwrNEcLXGgxPny4ZOB5ldbMzOgoFP2c4BDarNxDiu-1vtgTlc47xsXLQZeaDSmYDFfeNW4nX9s_8cYPwATNusDcqgTgBAOIBaz8h85LkgUECAMYAZIFBggbEAEYAZIFCwgiEAMYA0izl8EBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAfio-C0A6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEPnbDRjbrdDLAdIIHQiAYRABGB8yAooCOgKAQEi9_cE6WK2p3sS96YIDgAoByAsBogwUKhIKEOS0sQLutbECtbixAru7sQLaDBAKChDgjt-u0KOIgRISAgEDsBOtpasVyBPg9Z_jA9ATANgTDYgU0gbYFAHQFQGAFwGyFxwKGggAEhRwdWItMTkxMTk3NTc2ODY5ODIwNRgA&sigh=TkCGeE1-f_w&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgDICaaN7rTjyQLBIQWXuWo3ZZJj5y1Vgvz705jRlhicpLsmXI1_usy560ICl1MxJc0vDJ8y4ckaU6PMbnx_YOPNZolwq9BH_ti7Y47R7RgB&vt=10&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c1b::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1911975768698205&output=html&h=280&slotname=4399507564&adk=2159958853&adf=515906585&pi=t.ma~as.4399507564&w=1090&fwrn=4&fwrnh=100&lmt=1701270244&rafmt=1&format=1090x280&url=https%3A%2F%2Fwsend.co%2F201062992510&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701270244162&bpp=1&bdt=416&idt=318&shv=r20231109&mjsv=m202311150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1090x280&nras=1&correlator=4370863409764&frm=20&pv=1&ga_vid=1245855537.1701270244&ga_sid=1701270244&ga_hid=1499417117&ga_fc=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=255&ady=1132&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44798934%2C31078301%2C44807763%2C44808148%2C44808285%2C44809072&oid=2&pvsid=10185140260374&tmod=969196629&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=323
Attribution-Reporting-Eligible
event-source
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 29 Nov 2023 15:04:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 29 Nov 2023 15:04:05 GMT
sodar
pagead2.googlesyndication.com/getconfig/
16 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67dc4772a027d0e3332086fb48dfaa20ac53fb0f83afe0ee1e30a57bdc4f6d27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12265
x-xss-protection
0
/
www.googleadservices.com/pagead/ar-adview/ Frame
0
0
Preflight
General
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220xc3b8dab448def1a80000000000000000%22,%222%22:%220xd000b15e3d9cd9b20000000000000000%22,%223%22:%220xb2c48171c23fc5e0000000000000000%22,%224%22:%220xd0a6d805a680afdb0000000000000000%22,%225%22:%220xea199d7a60e88c7b0000000000000000%22},%22debug_key%22:%225754610542623792327%22,%22debug_reporting%22:true,%22destination%22:%22https://controlup.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22963643694%22],%224%22:[%2211-29%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221016534754773863777%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 29 Nov 2023 15:04:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311150101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 29 Nov 2023 15:04:05 GMT
csi
csi.gstatic.com/ Frame 8768
0
45 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lpjwdmsz&c=4106141138917&slotId=2053070569458.5&qqid=CNL33sS96YIDFWU3wQodHUgF3w&fb=outstream-lima&vast_v=2.0&vmfc=18&vhc=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4023:1000::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:05 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 8768
41 KB
15 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 11:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
13624
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 28 Nov 2024 11:17:01 GMT
file.webm
r3---sn-q4flrney.c.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 8768
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/sign...
  • https://r3---sn-q4flrney.c.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/acao,ctier,expire,id,ip,ipbits,it...
0
0
Fetch
General
Full URL
https://r3---sn-q4flrney.c.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1BDA3FF75EE8DC6254E86690397CE5FA712F2989.7F98D85EC64A8CB2EE39AB7222B235349693E29D/key/cms1/cms_redirect/yes/mh/6S/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4flrney/ms/onc/mt/1701269730/mv/u/mvi/3/pl/48/file/file.webm
Protocol
HTTP/1.1
Server
2607:f8b0:4000:49::8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

Date
Wed, 29 Nov 2023 15:04:07 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length
1865786
Last-Modified
Tue, 12 May 2020 16:54:36 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/webm
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Wed, 29 Nov 2023 15:04:07 GMT

Redirect headers

date
Wed, 29 Nov 2023 15:04:06 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
650
x-xss-protection
0
pragma
no-cache
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
location
https://r3---sn-q4flrney.c.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1BDA3FF75EE8DC6254E86690397CE5FA712F2989.7F98D85EC64A8CB2EE39AB7222B235349693E29D/key/cms1/cms_redirect/yes/mh/6S/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4flrney/ms/onc/mt/1701269730/mv/u/mvi/3/pl/48/file/file.webm
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 8768
453 B
594 B
Image
General
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-1911975768698205
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::5f Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:05 GMT
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
453
x-xss-protection
0
expires
Wed, 29 Nov 2023 15:54:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CFD2
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://wsend.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
29101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 06:59:05 GMT
expires
Thu, 28 Nov 2024 06:59:05 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4C53
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1b::93 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f9fd54dda9760ba88e7e0fd7b7cd6a1074c77efa170fab04c82d497a64ab3f85
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z-J6MExaVt1I6u-svUZHGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://wsend.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-z-J6MExaVt1I6u-svUZHGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 15:04:06 GMT
expires
Wed, 29 Nov 2023 15:04:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 5988
23 KB
8 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

accept-ranges
bytes
age
13615
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
7799
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 29 Nov 2023 11:17:11 GMT
expires
Thu, 28 Nov 2024 11:17:11 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 5988
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 05:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
33103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 05:52:23 GMT
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame CFD2
39 KB
15 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 05:52:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
33103
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 28 Nov 2024 05:52:23 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4C53
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=10185140260374&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame CFD2
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Lr8YDw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::84 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

date
Wed, 29 Nov 2023 15:04:06 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5988
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BYK7M5VJnZaq3LumCnboPxJCzoAQAAAAAOAHgBAI&bg=!mpmlmdbNAAZxrfrxUa07ADQBe5WfOOz7z84vDMRw67xBXQijy_dtPOoqCsqMT_9cGegTRy5EtVPoo_VZYc0UCw1AJTOXAgAAAQRSAAAACWgBB5kC311jE0Dz3m4wfmBq4uLP7iUCrW9gLm9hp59r2vO49Unv92Xq69ZfnGduPV8BI9YDMKrERtbO9zA7IM8aY4uLVmyNQMdcXS40_4CkVJtrkjXexXZuw8g81p190EH7dwIMFOCUGvh4KfEvqjS6DDbtPj-EK62r60MWR6QdK53_lIQnAUxbmZxesPjzPXxPH8UmZWjwtluK3Emy0JmNvKRS3ToB34OB6vn2fLC_IGN-v04UQVzrDMKE9bRQ0kKQtleslzEV_WfIQWZ5Vr_80ihgJf5eQ_LzZV4ORyKmfi_Awax8A_vtxrkFRWCcTVonwePyj4HjhVt9vR-0ZBEbinm3QCe0zlaifs3QYBksX7d_JhdJjG0p5zIv2khf9AmG37I3hum9JvnPwgql9Nyk4FM2QTeHfAknUaLUtsqvYTMv0kxC7agjPSML9YT5Qzps0f8wGBmvSP-saaOjnvhXv9DCMRURmj3S02DvXggawq5qZGtO6t6LDCtogLTYaYVl1MmX5SpNL82Dww-PV_lxyvE_gzT-zunKbDrVlY4AZKP1_nH2uNjS9OfK3KeJB0pgG1tN8J5JcTvnEOmOGrQrLRqZrphiZPbmddfiRWXSb2EZiA9L_AaDdbobCEVVNbBga18zggFUpHyFcwB6BswArsLexM99IbWbqIBJ9Hgejminxm66s9hF7kHCYISzSaJsavUcir3v2MEyNsLLD6bqg9AFi2HoaRX6gMI14EAXAPVp5UpTDETn4QF4L6pP4jQXRD4b4TYXMHi4tWmfNAmfB10Vkpje22B32Vgwak9Z_MZbWCxQOX4wiBSclXaVAIgf16TBn9OGOnjiwopSMjQn7bh6pVM1iG89vht0vGIZI0EqiBWkKFJCv23l2YKAzRv5WSgLjZzNLyYYDpv-AVrpL7jwQcgU6XGuXg7krfkNQW_kiO1F7OgTWDajcBYE_rjFaqyvJ-nD_bipfMHPUt7goPV-xw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame F9EB
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTsfRYq3hh8vynYkl_UpYdpHd-RDKykTsbarvuA2jyjPwKbu8vvdrBPxfTApreqylykyc8YkSd0buAE4S3aij10pJj0ofZToVhLgfch5cwH6K3SYUrN1GG62UDqYeFTMjCAb0gc8uz5wIjyWYo7ZzvIF16Tcmz2HWdjVosQA&sai=AMfl-YQpTYSYN5z4c6UU9sLxWTqiG1_FKatvJYcSlO57FZVM8n9a1ubglo6c8iQeRArHmbyIpQQGi_Izv5y-ycSyasSd_GTAxoGb4sf9mJ2RJyPh3N04YXBVMfZeqRCsVJhHHzSQ0sKLI36xkJuK31ManBS5NnnsA35lhbdY&sig=Cg0ArKJSzEDf-lKQLUWOEAE&cid=CAQSTwDICaaNXJDjh9J007fvzIz3anzJGfUJotpt8LzkgDkPxGpVvn00rQQUW1YRqEOGbVIBhwtE1TxjP8_kAsXGrztWijbcCwzs655dnStHBPsYAQ&id=lidar2&mcvt=1000&p=0,0,280,1090&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231116&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2644286354&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1701270244471&rpt=1166&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8768
0
17 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lpjwdn1b&c=4106141138917&slotId=2053070569458.5&qqid=CNL33sS96YIDFWU3wQodHUgF3w&fb=outstream-lima&gpm_i=12&gpm_c=12&gpm_a=12&smb=Infinity&br=2286&mt=video%2Fwebm&vs=1280x720&msm=1&aits=17%2C36%2C18%2C22%2C37%2C59%2C342%2C343%2C344%2C345%2C346%2C347%2C43%2C44%2C45%2C46%2C0%2C692&webm=3&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fwebm%2Cvideo%2Fwebm%2Cvideo%2Fwebm&hvmf=false&vms=1&bit=45&vsrc=doubleclick_dmm&hcn=0&met.4=arp_a_e.12b~atrd.12v&ua_e=1&ple=1&ape=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4023:1000::5e Fort Worth, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Nov 2023 15:04:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=10185140260374&bg=!9fal9rnNAAZxrfrxUa07ADQBe5WfOHj515U3Q1YG2qTRZoQZGxwKrbWGTSMutIKFvH4dXRB7_T7k75qIsdcVndt4AbAAAgAAAONSAAAABGgBB5kCw53Edc-jSBckp3ddGlebbzns9BM7MmSye5wKmyrRlzvh5JP1cnII1Xy6V6lzi-1DJVSvsam-nHEo_MQUcBWReCZT1MQjjnBI9UpDCpt3e-06T6my64HVOwt3eA5FpDM1aP9lIae0zrgOelmAPN9fvW4P_MYRg7ZR-PwYFpJZkHb48tcGdqFGz9F4dS69d4KTS0KvuOwUsE9geQg1Z_cUK4iJNRIW7Zr9ezd-zIfJ7yKRI60wuN7ocEXJ1t1FD6LalWhVoaT_p0LJXYMkp9qB8-z0sJa8rFD37GUXxRZZb2kIp27jk1T0_TEuGSbfDKuWsDmMl3XItm7HYVgLzrQUGITcYb1V5ayEquaVS8qJsOEuAbhYaxG9N8hM0HxgNl3C8pd_9z1Vmy67RV_mHMI61hN06ljH53a8nH-66Z07yE1L0F4VTP1yhg5rKj9BPQ9DFW5TmXukAyzY22fXPsISRoHmKUhrbc5s0rfs2d41R1leNrmUJGRKPqm2gsu4hxmrl4LgdACPeD7vHqhRNVOnm0ZfaFo7yWtFf-moEfkAbw8VknRykI1xYHO6thtxj5ahHrgTa-_ZoK0kvnnVHVQiP_C8_VW8XbuxeypkfBjrqQaoLaRVulFoWO1YtpbKbIhIy_cAjD-DlWm_fG_MuuuaMa4HSbRCP5tO722Un_hnY78ZpZnZvSwYGIVBbBMpEVfEAH-za0L2--ycQkUvySc4u3G8A11KvjlgzO27tgWduF2gz1uDpQbGHQ5JukDWCW4b82v4c9bg8NKTqyRrY8oFX5U7Qlfmw7XUkcFcAtmM_z0YAs9RGqH3Lkobk3isGl3J1bt-1DuPfcIhGUEUiBAJbOCAj74CEXRAPj4-WjwOv9wg2VYgktMoEfuaF2nP71W4AhnugWLad7bIZaTjvdXrPZa3jsNdU-t0uYzwlV816Zpsp-CE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9a Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-US,en;q=0.9
Referer
https://wsend.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

file.webm
r3---sn-q4flrney.c.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mi... Frame 8768
342 KB
342 KB
XHR
General
Full URL
https://r3---sn-q4flrney.c.2mdn.net/videoplayback/id/f2fb96b191ab7b11/itag/45/source/doubleclick_dmm/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3733750477/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/1BDA3FF75EE8DC6254E86690397CE5FA712F2989.7F98D85EC64A8CB2EE39AB7222B235349693E29D/key/cms1/cms_redirect/yes/mh/6S/mip/2001:550:1d05:1::4/mm/42/mn/sn-q4flrney/ms/onc/mt/1701269730/mv/u/mvi/3/pl/48/file/file.webm?range=0-349999
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20231113_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4000:49::8 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
dff80035aa393fdf52649ad9219e59e22fa432be5b9f610c0352fb742dad78ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.199 Safari/537.36

Response headers

client-protocol
quic
date
Wed, 29 Nov 2023 15:04:07 GMT
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
content-length
350000
last-modified
Tue, 12 May 2020 16:54:36 GMT
server
gvs 1.0
vary
Origin
content-type
video/webm
access-control-allow-origin
https://googleads.g.doubleclick.net
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://googleads.g.doubleclick.net
expires
Wed, 29 Nov 2023 15:04:07 GMT

Verdicts & Comments Add Verdict or Comment

40 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| documentPictureInPicture function| gtag object| dataLayer function| DlCopy object| adsbygoogle function| show_website_content object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms

8 Cookies

Domain/Path Name / Value
wsend.co/ Name: PHPSESSID
Value: 399ff78c2e66a52290212af7000f2583
.wsend.co/ Name: _ga_2ELFHMNZ2B
Value: GS1.1.1701270244.1.0.1701270244.0.0.0
.wsend.co/ Name: _ga
Value: GA1.1.1245855537.1701270244
.wsend.co/ Name: __gads
Value: ID=db111b90d842191a:T=1701270244:RT=1701270244:S=ALNI_MYLSES-OXC9FZDHaQRLESdxQCpbsw
.wsend.co/ Name: __gpi
Value: UID=00000da496237666:T=1701270244:RT=1701270244:S=ALNI_MZ9qLZc0CD3v-IDOwrh4cUYA0jb-Q
.doubleclick.net/ Name: IDE
Value: AHWqTUlA4UxmyXcmiOB5T2EliqNl45B6G224uhvFLRHeFnqoCUz9OMvdX9M177CC2vY
.doubleclick.net/ Name: APC
Value: AfxxVi6Tsy250ggjta4kwC5h3e4Vk8QjVt9SAKcVyMCwBArqMUIjNA
.googleadservices.com/ Name: ar_debug
Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
pagead2.googlesyndication.com
r3---sn-q4flrney.c.2mdn.net
tpc.googlesyndication.com
wsend.co
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.251.111.154
142.251.167.157
2606:4700:20::681a:79f
2607:f8b0:4000:49::8
2607:f8b0:4004:c06::5f
2607:f8b0:4004:c06::64
2607:f8b0:4004:c07::9a
2607:f8b0:4004:c08::5e
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c0b::5f
2607:f8b0:4004:c17::61
2607:f8b0:4004:c17::84
2607:f8b0:4004:c1b::93
2607:f8b0:4004:c1b::9b
2607:f8b0:4004:c1d::8b
2607:f8b0:4023:1000::5e
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
264cd65ec9f0aa1d527ce332756aa6bcd5c41f18c4850967ba7997145833baa8
28c5732eefa979245ff326045f37b6b7cdfc92385c594caea33e265e4a066c7b
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
420c7579c1de54e20027c1fc6abda9c53ac1c0872c6d147ed2759cce872c2bd4
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5b2983c6d30fb83b4832f63815272ae26853b286b40ed2b918b0ead8e7b4bdd6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
67dc4772a027d0e3332086fb48dfaa20ac53fb0f83afe0ee1e30a57bdc4f6d27
6c65b940f44dc0c0e6ccba7e4b5dfad9482a287a71d49983b8e7bc06bb513d09
87b8b2c8810808adf35b7eb89b1b08285a32d18092d0c8fa0d050b5297b29895
8e960cd78bd99dbd84374364e287fe8e8704f618ce02529b1e10db15cc016668
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
ac1e65a6063a71b97192960a9386e0b26cd938a207b879677cf7fac9da5e4ec1
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b68d073fbc76126fb7c7f47a7d0125e99a108cb5393f4d668ba44c4369718eed
be4583001db5a5930a8e5a876cc30e61f69c33db8f73036f9a0d01cb4a3f1d07
c57f640e35ec9bfae268cb18a4539daae1c9fe0ec5ec883c0413ef1d17127634
c78e65ad03681bbc9232c9be0ffd200565c94e39113c63ccdb758d87fa8e353b
cee95e2322f1ab9560942e6b43be1dc9964cafca708c8a737fc886068e29cb7a
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
dff80035aa393fdf52649ad9219e59e22fa432be5b9f610c0352fb742dad78ad
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e877aa982203a9834412147cc5475351440585402ff9026c630de5262f585af9
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f69dcb2d870ba85098ea0370af30f3dc5285569d2111a7c6f21b183f12bd739a
f711cdb3e5614a6b9c2c609f81f534bb84ae367b160147707f87815826b44b15
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f9fd54dda9760ba88e7e0fd7b7cd6a1074c77efa170fab04c82d497a64ab3f85